NetSPI U Resource Hub
Welcome to the NetSPI University (NetSPI U) resource hub! Below is a list of resources that provide fundamental web application testing and cybersecurity knowledge as well as introductions to the concepts that will be covered in-depth during the program. If you find time to explore these resources, many of them will be helpful to further your learning and growth throughout the course of NetSPI U and beyond.
Vulnerability Deep Dives
You might need some background information (see the TryHackMe section if you’re having a hard time with these), but these will likely be the most relevant materials to focus on first. We recommend that you walk through ALL of the material that we have linked on this page, but we also understand that might be overwhelming.
Kontra Highlights
- OWASP Top 10 for Web
- Stored + Reflected Cross-Site Scripting (XSS)
- SQL Injection (SQLi)
- XML Entity Injection (XXE)
- Horizontal + Vertical Privilege Escalation
- OWASP Top 10 for API
- SQL Injection (SQLi)
- XML Entity Injection (XXE)
- Broken Function + Object Level Authorization
- Front-End Top 5
- JavaScript Section
Background Research
TryHackMe Links
- Cybersecurity Introduction
- DNS in Detail
- HTTP in Detail
- OWASP Top 10
- Linux Fundamentals 1
- Linux Fundamentals 2
- Linux Fundamentals 3
- Hashing – Crypto 101
- Encryption – Crypto 101
- Basic Pentesting
- Pentesting Fundamentals
Subscriber Only:
“HackTheBox Bug Bounty Hunter Path”
(note that some of these might be paid)