Liz Wigglesworth

There are lots of excellent resources for learning cybersecurity. This page lists the ones that I've used and will happily recommend. If you have any recommendations for things that I might find useful based on the information listed here, feel free to send a message my way.

As a side note, everything in this list is either free or reasonably priced (< $200 USD).

Cybersecurity & Tech Learning Resources That I Recommend

Videos & YouTube Channels

• Professor Messer's Security+ videos
• Dr Josh Stroschein - The Cyber Yeti (malware analysis)
• LaurieWired (malware analysis & code)
• LiveOverflow's Binary Exploitation Playlist
• L0psec Reversing (macOS malware analysis)
• Matt Brown (IoT pentesting)

Conference Talks, Presentations, & Training

• Antisyphon Training
• Black Hat
• DEF CON
• The Diana Initiative
• LayerOne
• Off by One Security
• PancakesCon
• REcon
• SANS Digital Forensics & Incident Response
• SANS Institute
• Wild West Hackin' Fest

General Tech + Fun Stuff

• Ben Eater (hardware and low-level programming)
• Kay Lack (fun computer science videos - my favorite is the one about ed)
• Low Byte Productions (low-level programming)
• Matt Godbolt (low-level programming & computer science)
• No Boilerplate (tech, programming, & brainpower)

CTFs

• Overthewire Bandit (Linux essentials)
• CyberStart/CyberFastTrack (no longer active, but these folks were a great resource to me in high school & college)

Books

• Practical Malware Analysis by Michael Sikorski & Andrew Honig
  • The great red tome. A great starting point for learning the basic concepts & diving into Windows malware analysis. The labs take more effort to run as new Windows features and versions come out, but this book is still an excellent resource.
• Serious Python: Black-Belt Advice on Deployment, Scalability, Testing, and More by Julien Danjou
  • This book has good information on going from "I can write Python that does something and usually works" to "I can write larger Python codebases that are pleasant to read and work with", which is precisely why I bought it.
• High Performance Python: Practical Performant Programming for Humans by Ian Ozsvald, Micha Gorelick
  • How to get better at writing code to solve CPU-bound problems in Python.
• Securing DevOps: Security in the Cloud by Julien Vehent
  • A tour of DevOps practices, web application security, cloud security, and several case studies.
• Practical IoT Hacking: The Definitive Guide to Attacking the Internet of Things by Fotios Chantzis, Ioannis Stais, Paulino Calderon, Evangelos Deirmentzoglou & Beau Woods
  • A guide on IoT pentesting methodology and technology that walks you through several aspects from network analysis to hardware hacking. Lots of fun things to learn about.

Courses

• TCM Practical Malware Analysis and Triage course - a great course for getting started. It's kind of a spiritual successor to the original Practical Malware Analysis book. This course doesn't go nearly as in-depth as the book, but it doesn't need to. It's great for information on getting a modern malware analysis lab set up, which is one thing that the PMA book can't help with anymore. I went through the PMA book before this course, but you could certainly do it the other way around.
• TCM Beginner's Guide to IoT and Hardware Hacking - a solid introductory course that will guide you through building the skills needed for hardware hacking. It covers basic electronics up to beginner firmware reverse engineering. The entire course is centered on going through the pentesting process on an old TP-Link router. I enjoyed it and found the explanations clear. There's naturally plenty of topics that this course doesn't cover, but going through it gave me the basic knowledge and vocabulary to start looking at other resources.

Resources In Progress

• Very slowly making my way through old Flare-On challenges
• Nightmare: Reverse engineering & binary exploitation challenges
• Malware Data Science: Attack Detection and Attribution by Joshua Saxe & Hillary Sanders (4/12 chapters complete)

Resources On My TODO List...

• The Android Malware Handbook: Detection and Analysis by Human and Machine by Qian Han, Salvador Mandujano, Sebastian Porst, V.S. Subrahmanian, Sai Deep Tetali & Yanhai Xiong
• pwn.college: modules on beginner cybersecurity, binary exploitation, and more. Recommended by someone I chatted with at WiCyS 2025.
• A very long list of books from No Starch Press (thank you, Humble Bundle...)