Skip to content

Communities#

Finding the right community accelerates learning. The groups below range from broad security forums to highly focused OT/ICS spaces. Many host CTFs, mentorship threads, and reading groups that are hard to find elsewhere.

General Security Communities#

Reddit#

  • r/netsec — Curated technical security news and research. One of the best signal-to-noise ratios in online security discussion.
  • r/AskNetsec — Question-and-answer forum for practitioners at all levels. Good for getting unstuck on specific topics.
  • r/ReverseEngineering — Focused on malware analysis, binary research, and protocol reversing. Useful for understanding ICS firmware and custom protocols.
  • r/OTSecurity — OT/ICS-specific discussion on application-specific security best practices.

Discord Servers#

  • TryHackMe Discord — Active community tied to the TryHackMe learning platform. Great for beginners working through structured labs.
  • Hack The Box Discord — Large community around HTB challenges and machines. Intermediate-to-advanced focus with mentorship threads.
  • Red Team Village — Large community built to train people's critical thinking skills, enable collaboration, and discuss strategies in offensive security.
  • Black Hills Infosec — BHIS is a Cybersecurity/Information Security firm who also supports a discord community for red teaming discussion and collaboration.
  • PLC — General community for people interested in the world of Programmable Logic Controllers (PLCs). PLC has a prominent group interested in OT and ICS principles and best practices.
  • RFID Love by Iceman — Group dedicated to RFID research, specifically revolving around the Proxmark3 device. Iceman and his team develop the most-prominent firmware for the Prxomamrk3 on GitHub.
  • Flipper Devices — Community for people interested in the Flipper Zero and other upcoming devices from the company.

Red Teaming and Offensive Security#

  • Red Team Alliance — Training and community focused on adversary simulation and physical security. One of few spaces that explicitly bridges cyber and physical tradecraft.
  • VX-Underground — Public archive of malware samples and academic malware research papers. Important for understanding threat actor TTPs in a research context.

OT/ICS Security Communities#

  • CISA — The USA's Cybersecurity and Infrastructure Security Agency (CISA) has email newsletters outlining recent CVE's, potential impacts to OT/ICS infrastructure, as well as OT/ICS security training.
  • EnergySec — Community focused on energy sector cybersecurity, including OT environments. Hosts forums, working groups, and annual events.
  • ISACA ICS/SCADA Group — Professional community within ISACA focused on control systems governance and security frameworks.

Physical Security and Locksport#

  • /r/lockpicking — Locksport community with a strong focus on sport picking, belt rank challenges, and mechanical security research. Entry point for understanding physical security controls.
  • TOOOL (The Open Organisation Of Lockpickers) — International locksport organization. Publishes research on lock vulnerabilities and hosts local chapters.
  • Deviant Ollam's Resources — Practitioner resources from a well-known physical penetration tester. Covers locks, access control, and physical red teaming methodology.

CTF and Training Communities#

  • CTFtime — Aggregator for Capture the Flag competitions worldwide. Participating in CTFs builds the technical skills needed for real-world red teaming.
  • PicoCTF — Beginner-friendly CTF platform from Carnegie Mellon University. Good structured starting point for people new to security challenges.
  • HackTheBox — Gamified lab environment with machines ranging from beginner to expert. Useful for building hands-on skills in a legal, controlled context.