Web:
List of hacking and CTF challenges: https://www.blackroomsec.com/wp-content/uploads/List-of-Hacking.pdf
Owasp Top 10 – 2017: https://www.owasp.org/images/7/72/OWASP_Top_10-2017_%28en%29.pdf.pdf
Deliberate vulnerable websites: http://vulnweb.com/
Google Hacking DB, Exploits: https://www.exploit-db.com/
OS:
CIS Benchmarks: https://www.cisecurity.org/cis-benchmarks/
Nessus download: https://www.tenable.com/downloads
Nix auditor: https://github.com/XalfiE/Nix-Auditor
Lynis download: https://cisofy.com/downloads/