Security Courses

The best courses to learn how to simplify cyber security are open. So open access. Open access (OA) refers to freely available, digital, online information.

We prefer open access security courses that use a Creative Commons license.

Instead of creating yet another cyber security training or course, why not making an existing training resources better?

Capture The Flag 101

Capture The Flags, or CTFs, are a kind of computer security competition. Teams of competitors (or just individuals) are pitted against each other in a test of computer security skill. In this guide/wiki/handbook you’ll learn the techniques, thought processes, and methodologies you need to succeed in Capture the Flag competitions.



Great site with an archive of many Capture The Flag (CTF) competitions. See the best teams, players and find competitions. A real complete archive of past and future CTF events.


Computer Networks: A Systems Approach

Great resource for learning all about network security. For starters and full professionals. Sources of this book are on Created by Larry Peterson and Bruce Davie. Read the latest version of this book on:

Digitally Aware

Basic Security Awareness Training. Slides are available in Dutch and in English on the github repository:

Basic course on security awareness

This is not a course like many others. This digital security course (or “security awareness”) will allow you to find out what are the correct behaviors to keep to manage information securely.


Malware Analysis

Developed and used by RPISEC to teach Malware Analysis. Free to use and to improve. See:

MITRE:Cyber Threat Intelligence Training

Great cyber threat intelligence (CTI) for everyone who is active in a large (governmental)organisation.

The training contains five modules that consist of videos and exercises. This training was designed to be completed in approximately 4 hours, and may be completed solo or as a team. All training material can be found at:

Open-Source Phishing Framework

Gophish is an open-source phishing toolkit designed for businesses and penetration testers. It provides the ability to quickly and easily setup and execute phishing engagements and security awareness training. Download the toolkit from:

More info on:

OWASP Juice Shop

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application. This application can be used in security trainings or awareness trainings. The Juice Shop encompasses vulnerabilities from the OWASP Top Ten along with many other security flaws as present in many real world applications…

So hack the Shop on:

Security awareness base course

Nice awareness training. Created by the an Italian Govermental organisation. Note you need to install Hugo first in order to launch te course.


The Fuzzing Book

Software has bugs, and catching bugs can involve lots of effort. This book addresses this problem by automating software testing, specifically by generating tests automatically. You can interact with chapters as Jupyter Notebooks. Great open book to spend some time on.

Git repository can be found on:

But check the nice looking website on:

The Cyber Law Toolkit

The Cyber Law Toolkit is a dynamic interactive web-based resource for legal professionals who work with matters at the intersection of international law and cyber operations. The toolkit consists of hypothetical scenarios. Each scenario contains a description of cyber incidents inspired by real-world examples, accompanied by detailed legal analysis.



The wargames offered by the OverTheWire community can help you to learn and practice security concepts in the form of fun-filled games. All OSS with the code on Github.

Check it out and play! -