Security is essential.
Security needs to convince: https://utcc.utoronto.ca/~cks/space/blog/tech/SecurityNeedsToConvince
Network recon without being detected.
OSINT → tool hierarchy for information gathering
Spiderfoot → CLI/webUI automated OSINT scanner
crt.sh → subdomain finder based on SSL certs
Search engine specifiers that sometimes reveal useful info.
https://www.exploit-db.com/ → Practical CVEs
https://primer.picoctf.org → CTF introduction
https://book.hacktricks.wiki/en/index.html → CTF resources for different attacks
https://trailofbits.github.io/ctf/ → CTF field guide
https://hacktricks.boitatech.com.br/misc/basic-python/bypass-python-sandboxes → break python sandbox
https://play.picoctf.org/practice/ → CTF practice
Feeds for security updates one should follow.