For books, this one is older, super basic and you can get the tools required if you email the author:
https://www.amazon.com/Penetration-Testing-Hands-Introduction-Hacking/dp/1593275641
But if you don't understand how the internet works on a fundamental level....not sure if pen testing should be where you start.
He may enjoy: Penetration Testing: A hands-on Introduction to hacking by Georgia Weidman https://www.amazon.com/dp/1593275641/ref=cm_sw_r_cp_apa_i_A-bsFbRMD6DN4
It focuses on Penetration Testing, the act of testing how secure a system is from unauthorized access. If he's interested in making a new firewall, he has to test it right?
I want to at least tackle a workbook on the Linux command line, review networking protocols and such, and work through Georgia Weidman's Penetration Testing: A Hands-On Introduction to Hacking, otherwise I fear I'd be throwing money down the drain with lab access.
Are there prerequisite certifications and/or pre-OSCP hands-on training materials that this sub recommends for noobs like me? :-)
I graduated from NTU EEE recently and have only decided to embark on the cybersecurity path after my internship which involves learning about penetration testing for an MNC. My supervisor was kind enough to actually give me some insights and let me set up my own virtual machines to learn the basics of cybersecurity and from there, I decided to take some certs (CCNA R&S, Security+ etc.) to get a better chance of going into this field in the future.
I would suggest that you pick up a book to understand how it works and try your hand on some experiments using virtual machines. TBH you only need a strong interest rather than technical skills to go into this field for an entry position so make sure that you are really interested in this path. If you have any queries hit me up.
OP, get this book. It’s a great starting point. Hands on approach to setting up a home lab and using common pen test tools.
Penetration Testing: A Hands-On Introduction to Hacking https://www.amazon.com/dp/1593275641/ref=cm_sw_r_cp_api_i_3MvcBbZFM0P1R
> Gloria book
Do you mean Penetration Testing: A Hands-On Introduction to Hacking by Georgia Weidman?
Penetration Testing: A Hands-On Introduction to Hacking https://www.amazon.com/dp/1593275641/ref=cm_sw_r_cp_apa_h4oYAbTMDV0T3
I personally think it doesn't go into enough detail, which I suppose is to be expected for an introductory book that covers an absolutely massive subject. It doesn't help that there's not much info out there so I'm kinda flying blind.
I have a Safari Books subscription through my job so I'm trying to supplement it with CEH resources I find.
Don't know your background. I've been doing networking and security auditing/policy type stuff for a few years, so I think I have a solid understanding of the basics. I just started Georgia Weidman's book and it seems pretty easy to follow so far. The problem is... there's just so much; it's never ending haha. Nerd out on YouTube, etc, and see what interests you. Then in the process you'll probably stumble upon other stuff you need/want to learn.
My best advice as somebody who's also just starting... just start, my friend! You got this
The basics. I'd go to my local bookstore and get a good book, like the Georgia Weidman book.
A person new to netsec should not be doing pentesting, just my .02.
As a pentester you would typically need to follow a methodology of some sort. Here is a well known one http://www.pentest-standard.org/index.php/Main_Page
Typically you would first enumerate all open TCP/UDP ports using a port scanner such as nmap. Then you would analyze the ports one by one to see if they contain any vulnerabilities. If it’s a service running an outdated version of a particular piece of software, you would look up exploit-db and see if there is a corresponding exploit. Then tweak it to give you a reverse shell to your IP address in metasploit or netcat. If it’s a web service, you would use a web methodology such as the one from here https://jdow.io/blog/2018/03/18/web-application-penetration-testing-methodology/ to look for web vulnerabilities in the web application and attempt to gain a shell that way. After you get a shell, you might be the highest privileged user or you might need to escalate your privileges. If you are a regular user, you look for ways to escalate your privileges depending on the operating system you are logged in to. Get a hackthebox VIP account because this will give you access to retired VMs and especially Windows.
The OSCP certification is pretty much doing a combination of the steps described above on multiple machines. There is a book which goes over this methodology as well https://www.amazon.com/Penetration-Testing-Hands-Introduction-Hacking/dp/1593275641
Here is a great resource that many people use as a resource to study for OSCP as well https://xapax.gitbooks.io/security/content/ And if you search for oscp survival guide you can get additional resource to reference. Also rtfm is a good reference book as well.
Edit: here’s a good guide on using methodology with template you can import https://411hall.github.io/OSCP-Preparation/
Also, second what /u/BigDaddyXXL said.
Penetration testing sounds like something he would like. In order to be good at it you have to fundamentally understand how machines work, this includes boring things like understanding command line programs and reading tons of man pages.
Georgia Weidman has a book that's considered one of the essentials for pen testing https://www.amazon.com/Penetration-Testing-Hands-Introduction-Hacking/dp/1593275641 That book is a little dated, but learning how to exploit old stuff and how to use the tools and start on exploit dev is great.
https://www.hackthebox.eu/ has a ton of great challenge boxes that will allow you to hack in real time and you can even join teams to learn more
Hack This Site - Hack This Site is a free, safe and legal training ground for hackers to test and expand their hacking skills. More than just another hacker wargames site, we are a living, breathing community with many active projects in development, with a vast selection of hacking articles and a huge forum where users can discuss hacking, network security, and just about everything. Tune in to the hacker underground and get involved with the project. Hack This! - Want to learn about hacking and network security? Discover how hacks, dumps and defacements are performed and secure your website against hackers with HackThis!!
Finally there are some good infosec podcasts such as https://www.twitch.tv/hackerrehab and https://darknetdiaries.com/ the first which is open line and able to have live questions asked in twitch chat or via call in and the second which dissects real life hacks.
College is kind of a sham in this field a lot of the time, focusing on certifications is big for most companies, however, by the time he is in college some of the degree programs may be better.
Georgia's book is great.
https://www.amazon.com/Penetration-Testing-Hands-Introduction-Hacking/dp/1593275641
When it comes to learning new things I think you have to decide for yourself what and where the worth is. Monetarily speaking I don't necessarily think you would benefit from OSCP unless maybe you tried to do cloud security. Knowledge wise I would say that you might not even learn anything directly helpful to your current job. However that being said, I think you would learn an immense amount from even attempting OSCP. The time commitment is not anything to blink at though and you may find that your time is better used elsewhere. Hacking can be profitable and with the knowledge under your belt and a little fortitude you could turn those skills into a part time hobby that would pay fairly decently with bug bounties. Ultimately to anyone just wanting to hack for fun and not looking to do it for a career I would personally recommend utilizing free resources like https://www.hackthebox.eu/ to learn. OSCP as a cert provides you with nothing more than a playground to hack in, a little bit of direction, and ultimately validation with a cert. All of which, save for the last one, can be found for free or at least significantly cheaper than going through OSCP. Check out this book for a good intro https://www.amazon.com/dp/1593275641/ref=cm_sw_r_cp_apa_i_Pk6jFb1WSMJ31
I really enjoyed
Hacking The Art Of Exploitation
It's a great hands-on book for beginners to get started
https://www.amazon.co.uk/Penetration-Testing-Hands-Introduction-Hacking/dp/1593275641
and for learning more about Linux I would recommend
Linux For Hackers
https://www.amazon.co.uk/Linux-Basics-Hackers-Networking-Scripting-ebook/dp/B077WWRK8B
For Pen testing this is the best book. You can message Georgia on twitter and she will send you a repo link with all the files you need to follow along.
https://www.amazon.com/Penetration-Testing-Hands-Introduction-Hacking/dp/1593275641
I think this is the book referenced above https://www.amazon.com/Penetration-Testing-Hands-Introduction-Hacking/dp/1593275641
OK. If you can get to civilization, you might find this useful: https://www.amazon.com/Penetration-Testing-Hands-Introduction-Hacking/dp/1593275641/
> I recommend George's book posted above.
This book?:
I'm b4 IT audit as well. SOX testing as well. I'm taking interviews for security positions. I haven't had a hard time with getting interviews, but I eat, sleep, live cyber.
If you want into the field from your current situation, I highly recommend becoming all-consumed with cyber. I went from not being able to write an excel formula to scripting in bash, configuring my own network, vulnerability scanning, and am working on exploitation techniques currently. I listen to podcasts and cultivate my reddit and twitter fastidiously to laser-focus on cyber.
Get this book and learn the skills in it: https://www.amazon.com/Penetration-Testing-Hands-Introduction-Hacking/dp/1593275641/ref=sr_1_1?ie=UTF8&qid=1513609015&sr=8-1&keywords=penetration+testing
Start a homelab with a cheap Datacenter server from ebay. Highly recommend an old R710. Many are designed for virtualization and include advanced remote controllers that allow full console access over a web socket. They also commonly come with outdated firmware that updating will challenge you A LOT to learn how to update. (hint: while the server firmware may be updated, it is separate from the DRAC. You also may need a deprecated version of JRE if you want to access it without connecting a monitor)
Or spin up an AWS instance and configure it for yourself. Distributed application architecture ("microservices") using advanced container control software (see Capital One's new software offering: Critical Stack) and data lakes are the future. Aligning yourself with skills that complement that architecture would set you up well for the future
Take the CISSP and OSCP. CISSP is only worth a small amount of respect, but I doubt you are ready for OSCP given the situation you described. CISSP will at least let employers know you're not "just another auditor". Once you have it under your belt, you'll at least be getting a second glance in the resume pile. But you'll need to continue on and get the CCNA R&S as well as OSCP.
If you like to read / work through some books, Penetration Testing by Georgia Weidman is very similar to the course materials in the OSCP and The Art of Exploitation by Jon Erickson can be very helpful.
I also highly recommend you delve deep into Linux and Windows system administration. These are topics that are not covered all that well in the books above, nor the course material you will receive. Specifically, during the Lab and the Exam, getting into a system with a low privilege shell is often not all too difficult, but privilege escalation is.
Edit: To prepare for privilege escalation, what you could do is, work your way through this "checklist" and understand why/how these commands would help you in gaining root.
Learn sysadmin skills (Linux sysadmin especially), learn to program in at least one language, can be anything: JavaScript or even Python. Learn to hack web applications. Learn about infrastructure penetration testing. Have a look at hackerone.com and bugcrowd.com. Here are some guides to get you started:
Here is a copy paste of what I sent to another guy. Anyways here is my reading list:
Check this too for practice (list of vulnerable web applications that you can try on): https://www.owasp.org/index.php/OWASP_Vulnerable_Web_Applications_Directory_Project
Try hackerone and bugcrowd too. Live sites you can hack.
Some stuff to read:
https://forum.bugcrowd.com/t/common-assessment-tool-cheatsheets/502
https://forum.bugcrowd.com/t/researcher-resources-tutorials/370
https://ghostbin.com/paste/5o5zc
https://www.reddit.com/r/netsec/comments/4k7y0q/video_of_hack_on_catalan_police_union/
http://0x27.me/HackBack/0x00.txt
https://www.reddit.com/r/netsec/comments/3782hv/here_are_some_burp_suite_tutorials_for_you_guys/
Also read:
1. The Web Application Hacker's Handbook (800 pages but just browse through it)
2. The Database Hacker's Handbook
3. Android Hacker's Handbook
4. This book is good if you're still very new: https://www.amazon.com/Penetration-Testing-Hands-Introduction-Hacking/dp/1593275641
Also read this: https://www.owasp.org/images/5/52/OWASP_Testing_Guide_v4.pdf and this: https://github.com/jhaddix/tbhm
Also check my subreddit: /r/netsec_reading
http://www.slideshare.net/bugcrowd/how-do-i-shot-web-jason-haddix-at-defcon-23
Some more blackhat stuff:
https://ghostbin.com/paste/5o5zc
https://www.reddit.com/r/netsec/comments/4k7y0q/video_of_hack_on_catalan_police_union/
http://0x27.me/HackBack/0x00.txt
https://www.reddit.com/r/netsec/comments/3782hv/here_are_some_burp_suite_tutorials_for_you_guys/
I'm not sure about that book. For beginner penetration testing I would grab http://www.amazon.com/Penetration-Testing-Hands--Introduction-Hacking/dp/1593275641. I think this is a terrible starting point though, the book will end up dusty in the corner of your room. I would start from the ground up, networking or learning a language or something.
This is very close to what you will be doing in the cert https://www.amazon.com/gp/product/1593275641
Not sure if it's that good for beginners, but I'd give it a try. Penetration Testing: A Hands-On Introduction to Hacking
No, the Army hacker MOS is 35Q. 25D is a network defense MOS. 255S is the WO MOS and I think I've heard rumors about an Officer MOS. Eventually they will all likely transition to 17 series.
The CEH is a good start, but realize that it's more than about the test. Start prepping now, getting books like this and this. These will give you good prep if you practice. Eventually you will want to look at certs like the CPT and the OSCP and look at seeing if a lat-move to 35Q is possible. That is if you want to go offensive. If you want to go defense you need to start reading up on computer networking (CCNA level knowledge) and intrusion detection. You should still get the CEH for DoD purposes but you'll want to work towards the GCIA and GCED. Look to lat-move into 25D. I have no idea how you get approval to go as a 25B. As you can see it's possible, but I had no luck in such endeavors while I was in.
If you decide to get out (if you can't move into them on the inside), apply for NSA, INSCOM, and defense contractors. VA/MD/DC is your stomping ground. GA is a possibility, but I'd leave it as an option rather than a goal. Make sure you get your TS/SCI before you get out. (If you need help on this LMK.)
This book gives you easy samples to play with: https://www.amazon.com/Penetration-Testing-Hands-Introduction-Hacking/dp/1593275641
It explains in an easy way how to set up vulnerable vm's and how to use exploits to attack them. The exploits mostly come from exploit-db and aren't too difficult.
This is a really good book to get you started in the right direction.
https://www.amazon.co.uk/dp/1593275641/ref=cm_sw_r_cp_apa_nyhaCbJ417EY0
By the time you've finished the Napier degree you'll be in a very good place with the addition of a couple of certifications such as CISSP. It's not actually that great a course but it appears on a lot of job requirements.