If it's free its for me
7 Free Cybersecurity Resources
“If it’s free, it’s for me” - Unknown
Good words to live by.
There is a collection of Cybersecurity knowledge out there, with much of it being free.
Below is an overview of these resources that won’t cost a dime. Let’s get into it.
Command Line Kung Fu
This is a blog I have recommended to people wanting to get their hands dirty with the command line. It’s not updated these days, but there are lots of gems in there and it’s how I picked up many CLI moves.
It goes over working through and solving specific problems from the command line.
It focuses on the “how”, with explanations on solutions from OG’s in the field.
I’m big on doing the fundamentals well. (You’ll see this theme throughout the resources discussed) You simply get a lot out of things when steps are not skipped.
For example, finding names of files matching a particular string. From here, there’s a Linux walkthrough, a Windows walkthrough, and a MacOS one.
As you can see in the image, a possible interview question.
Cybr
A platform for AWS security training. There are a lot of free options, including Intro to AWS Lambda Enumeration, Securing S3 with Ransomware, Introduction to AWS IAM Enumeration, and more.
With both Blue team and Red team options, it gives you a chance to get hands on with different services and tools in a lab environment.
Github Awesome Compilations
This “simple trick” will work for any Cybersecurity domain and even other domains in tech.
Searching the phrase awesome followed by “literally any security domain” will give you Github compilations of resources for that given topic.
Github is a great resource in general, but using this keyword search will provide immense value when looking for free resources.
For example awesome “malware analysis” or awesome “blue team” or awesome “macos security”.
Even if you don’t include Github in your search it should be the top result in google.
From here, checking out these compiled lists will bring you a lot of options to explore.
LetsDefend
This is a hands on platform with Capture the Flags. It has various challenges in security topics and learning paths.
What is unique about this one is it is focused on the Blue team side of things, and it can get quite granular.
Another positive of this platform, some of the exercises are similar to interview exercises you may see. There are courses and exercises, modeled after real world investigations.
OverTheWire
This is another CTF platform (Capture the Flag) with various challenges in security topics and sets of questions to go through.
Bandit, for example takes you through the command line from basically zero and levels you up by the end, with challenges increasing in difficulty as you go. I recommend this one for folks starting out.
After going through it, you will have a versatile skill-set at the command line.
TryHackMe
I couldn’t go over free Cybersecurity resources without mentioning TryHackMe. A platform many are drawn to when getting their hands dirty or learning the ropes. It’s also a good way to refresh on something you have previously worked on, but haven’t had hands on practice with lately.
A gamified platform that has mostly free exercises, with some subscriber-only rooms.
Udemy
Udemy is another marketplace for online learning.
One of the differences here is these courses are generally made by practitioners and not Universities (like Coursera).
This allows for a different perspective, and a more likely path of being able to reach out to the instructor directly.
There are a lot of courses both free and paid.
Lastly, my free course on Linux Fundamentals is on Udemy. If you want to support me, please check it out and let me know your thoughts.
I always recommend people to learn Linux well if they’re getting started in Cybersecurity, and I hope you get a lot of value out of it.
These are some of the many free resources out there (we covered 8), and I encourage you to check them out and see what works for you.
What I Read This Week
Kali Linux can now run in Apple containers on macOS systems
Apple’s new containerization framework that allows Apple Silicon hardware to run isolated Linux distros
Pretty cool stuff compared to wrestling with compatibility issues
After installing the containerization framework, just run
container run --rm -it kalilinux/kali-rollingEU to start rolling out biometrics entry system for non-EU visitors from October
This will capture biometric data, such as fingerprints, and facial image, gradually replacing the current system of passport stamping
Technological convenience or the continuation of the surveillance state?
New Plague Linux malware stealthily maintains SSH access
Interesting Linux malware focusing on defense evasion and persistence
"Environment variables such as SSH_CONNECTION and SSH_CLIENT are unset using unsetenv, while HISTFILE is redirected to /dev/null to prevent shell command logging."
Breaches
The Heat Wasn't Just Outside: Cyber Attacks Spiked in Summer 2025
Highlights the breaches of the summer, Including an uptick in healthcare and insurance
Scattered Spider and Microsoft Sharepoint RCE vulnerabilities made some of the biggest headlines these past few months
Google Breach: The Cost of a Call: From Voice Phishing to Data Extortion
One of Google’s corporate Salesforce instances was impacted (full report in the above story)
The attacker guides the victim to visit Salesforce's connected app setup page to approve a fake version of the app. This then gives the attacker access
Wrapping Up
In the end, there are lots of resources out there. We focused on free ones readily available for consumption.
I hope this overview of free content helps add to your arsenal of resources.
See you in the next one.