The list below are relevant resources that the COAR team utilizes:
Security Tool Sets
| NMap | Kali | Nikto |
| Nessus | Metasploit | Metasploitable |
| VirtualBox | OWASP Top Ten | OWASP ZAP |
| SQLMap | w3af | Burp Suite |
| OpenVAS |
Cyber Terminology Resources
Cyber News
| Homeland Security Newswire | TechNewsWorld |
| SANS Newsletters | SC Magazine |
| GCN News | Information Week Dark Reading |
| The Hacker News | Threat Post |
Vulnerability Tracking and Reporting
| ICS-CERT | US-CERT |
| MS-ISAC | CVE - Common Vulnerabilities & Exposures |
| Verisign Cyber Security Intelligence | Offensive Security Public Exploit Database |
| Rapid7 Public Vulnerability and Exploit Database |
Interactive Learning Modules
Reddit Channels
| /r/netsecstudents - netsec for students (*this is probably be the best place to start for beginners*) | r/netsec/ - network security | /r/blackhat - Hackers on Steroids | /r/computerforensics - IR Archaeologists |
| /r/crypto - Cryptography news and discussion | /r/Cyberpunk - High-Tech Low-Lifes | /r/lockpicking - Popular Hacker Hobby | /r/Malware - Malware reports and information |
| /r/onions - Things That Make You Cry | /r/privacy - Orwell Was Right | /r/pwned - "What Security?" | /r/REMath - Math behind reverse engineering |
| /r/ReverseEngineering - Binary Reversing | /r/rootkit - Software and hardware rootkits | /r/securityCTF - CTF new and write-ups | /r/SocialEngineering – social engineering tactics |
| /r/sysadmin - Overworked Crushed Souls | /r/vrd - Vulnerability Research and Development | /r/xss - Cross Site Scripting |