Actually, start with some programming, then move on to "The Art of Exploitation" it's the best book on "hacking" I've ever used...
Swiggy is wise. Listen to Swiggy.
Also check out the book, “How to Disappear.” Don’t keep it at home. Keep it at a friend’s house.
How comfortable are you with python in general? There are some sites out there like codesignal.com that offer many small Python challenges you can do reasonably quickly. As far as "Black Hat Python" drills, not many that can be finished in 20 mins. but you can always follow the Violent Python chapters while at work. That's what I did, and it seems to go pretty smoothly.
has anyone else thought of maybe buying a one-way to ticket somewhere and maybe start anew and maybe only tell 1 or 2 people about it?
i think i've been so obsessed with the idea of disappearing that i even ordered this book from my bookstore
Also, second what /u/BigDaddyXXL said.
$39 on Amazon brand new if you are in the US - even free shipping if you have Prime. I would suggest used - good/like new but they only save you like $5 so might as well buy new.
https://www.amazon.com/Violent-Python-Cookbook-Penetration-Engineers/dp/1597499579/
Practical Malware Analysis by Andrew Honig and Mike Sikorski:
I’m a proud owner of a signed copy by Andrew 😁
Hacking the art of exploitation (Amazon) (No Starch) is good for learning the foundation stuff. Its getting a bit old but the foundations are still the same there are just more defenses for some of the techniques now
this book taught me a bit about it. It was interesting to say the least. It gives examples of exploits, like how pointers can totally ruin someone's day.
Warning, it'll make you peek at some assembly. You don't really need to understand it fully to get the jist tho.
Computerphile also has some good videos on this topic, and how people "attack". It may give you an idea.
I don't know a lot, but this is how I learned about it to some degree until I swapped to a different education path.
Get your hands on a copy of the The Web Application Hacker's Handbook, Chapter 21. Step by step breakdown so you don't forget anything.
All he needs to run to another country is a plane ticket and this book from Amazon. It's easy really.
For books, this one is older, super basic and you can get the tools required if you email the author:
https://www.amazon.com/Penetration-Testing-Hands-Introduction-Hacking/dp/1593275641
But if you don't understand how the internet works on a fundamental level....not sure if pen testing should be where you start.
I have this one Learn Ethical Hacking From Scratch.
I think its not bad but course content is a little bit poor and hacking methods old.
If you want to start hacking
this books very good. Also u dont have money you can also find it on Google..
​
So the short answer is yes. I bought a book that explained how to do it, or just in general removing your digital footprint for a less visible life. I’d strongly recommend it. The first instruction in the book is to buy it with cash, so no one can trace your interest in disappearing. Bad news, it is a lot of work. Like a lot a lot of work. Probably more work than sorting out whatever you got going on, or just cutting contact with people and making a fresh start, but not totally undoable. Changing your name, cutting contact, and just moving away might be enough for what you need with less labor, but would be a far cry from disappearing altogether.
In terms of efficiently using your copious free time, there are better resources that are specifically tailored to cybersecurity as a software engineering practice. For example, if your day job is working on backends for web applications, this is a great book that I keep on my bookshelf: https://www.amazon.com/Web-Application-Hackers-Handbook-Exploiting/dp/1118026470
security+ won't hurt, but it's not focused on how to write secure backend code, it's focused on how to secure a company's IT systems. If you were on an infrastructure or dev ops team as opposed to backend, it might be more relevant.
https://www.amazon.co.uk/Practical-Malware-Analysis-Hands-Dissecting/dp/1593272901/
The above is the best book written on the subject.
I know it's fairly old but it's still the definitive work in malwar analysis and is used as the standard book in cyber forensics university modules. There is no better place to start.
I'm learning web hacking you don't need to know how to make a website to do web hacking (though it recommend). You do need some fundamental like the basics of networking, html and how a website works. I learned (still learning)through reading books, and ctf. I recommend reading the web application hackers handbook. https://www.amazon.com/Web-Application-Hackers-Handbook-Exploiting/dp/1118026470/ref=mp_s_a_1_1?dchild=1&keywords=the+web+application+hacker%27s+handbook&qid=1617744793&sprefix=the+web+application&sr=8-1
And read about Owasp top 10 vulnerability in web application
Also hackerone a bug bounty platform has ctfs about web hacking that can teach you the basic. There other sites like hackthissite,hackthebox,and tryhackme that provide web ctf to practice web hacking
I'd reccommend to read this:
https://www.amazon.com/Web-Application-Hackers-Handbook-Exploiting/dp/1118026470
Pdf available online.
It's not meant for QAs directly but I think that it's very important skill to understand how things work and to be able to find the root cause of bugs.
The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws https://www.amazon.com/dp/1118026470/ref=cm_sw_r_cp_api_i_zPGMFbG4F69BB
Try this book for OSWE. I wouldn’t call it a prerequisite but the more skills you have going in the easier it is. If you developed a good workflow, methodology, and try harder attitude you’ll be fine.
I honestly have no idea between the differences of the two without looking it up. I took my Net+ back in 2007. The new test and objectives should be fun because it covers all the new things out there to include SCADA. Pretty good stuff.
From my experience doing certs, I really love the "All-In-One" series books. Mike Myers has been authoring the Network+ (and other books) for a while now and he has a book on Amazon for the n10-006 version. I would highly recommend getting that!
https://www.amazon.com/CompTIA-Network-Guide-Sixth-N10-006/dp/0071848223
I strongly recommend the Comptia Network+ Exam Book. I've had it for a while now, and you will learn quite litterly everything there is to know about the backbone of networking and the internet. It's meant as a preparation for the CompTIA Network+ Certification, which certifies you are competent enough to work in a networking environment, and is very comprehensive (~ 600 pages). It was invaluable for my positions in cybersecurity.
Hacking: The Art of Exploitation
"This book will teach you how to:
– Program computers using C, assembly language, and shell scripts – Corrupt system memory to run arbitrary code using buffer overflows and format strings
– Inspect processor registers and system memory with a debugger to gain a real understanding of what is happening
– Outsmart common security measures like nonexecutable stacks and intrusion detection systems"
etc., etc.
Dunnow if it's exactly what are you looking for, but sounds similar.
Just read this book How to Disappear: Erase your digital footprint, leave false trails, vanish without a trace. I'm sure you can find it on z-lib or something
Hacking the art of exploitation (Amazon) (No Starch) is good for learning the foundation stuff. Its getting a bit old but the foundations are still the same there are just more defenses for some of the techniques now.
Google stuff until you can understand the whole book.
Hacking the art of exploitation (Amazon) (No Starch) is good for learning the foundation stuff. Its getting a bit old but the foundations are still the same there are just more defenses for some of the techniques now
Google stuff until you can understand the whole book.
Nju i powershell sam pojeo - ful korisne i praktične stvari.
Trenutno sam na Practical Malware Analysis
A škicam si od Kevina Mitnicka - Ghost in the Wires, Art of Invisibility i Art of Deception.
Yeah sounds like you have enough background now to be able to successfully make a move into netsec, it's not something that day 1 IT staff can expect to be good at or move into and is really a more advanced career path.
Sounds like your linux, and programming experience will give you an edge that direction.
A good book/resource is hacking art of exploitation https://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441
This is the book I used to learn it. Practical Malware Analysis is a great resource to get started. With the purchase of the book, you get a code so you can download benign "malware" and get a hands on learning experience.
​
Looks promising from the TOC