The question:
I want to become proficient at pentesting on computers and phones. I have a running version of Kali Linux on my computer and am using the "Kali Linux Cookbook" as a reference. What book or online tutorials would you recommend for me to use in order to get better?
A few things I think you should do to get started.
1. Get rid of Kali. Having all the tools already there is a shortcut that gets in the way of learning. You'll learn way more by figuring out what tool you need for a job/task (feel free to use the index of tools in Kali, which is readily available) and installing the tool yourself. Ubuntu has the best support for hacker tools, but there are other distros. Pick whatever suits you. Use a VM so you can undo things if you break your distro, though that's pretty rare these days. Most things apt-get install or compile from source on Ubuntu without issues.
2. You are in luck these days as there are tons and tons of resources available to learn infosec.
- Books I'd start with (buy or torrent depending on ability):
- The latest Hacking Exposed book. The methodology it teaches is still relevant today, and it's a 10,000 ft view of different hacking areas.
- Pick a basics-of-pentesting book (or a few) to start with. I've stopped reading the basics books, but any of them should whet your appetite.
Some examples (more netsec):
- Penetration Testing: A Hands-On Introduction to Hacking – by Georgia Weidman
- The Basics of Hacking and Penetration Testing, Second Edition: Ethical Hacking and Penetration Testing Made Easy –by Patrick Engebretson
- The Hacker Playbook - By Peter Kim (decent but more of an outline vs teaching)
- Metasploit: The Penetration Tester's Guide - by David Kennedy and Jim O'Gorman
Some examples (webappsec):
- Web Application Security, A Beginner's Guide - by Bryan Sullivan and Vincent Liu (read this, it's decent)
- Hacking Exposed Web Applications (current version)
- The Web Application Hacker's Handbook (more advanced)
Some examples (social engineering):
- Social Engineering: The Art of Human Hacking
- Kevin Mitnick's books
- Social Engineering Penetration Testing: Executing Social Engineering Pen Tests, Assessments and Defense -by Gavin Watson and Andrew Mason
Some examples (physsec/red team):
- Unauthorised Access: Physical Penetration Testing For IT Security Teams - by Wil Allsopp and Kevin Mitnick
- Practical Lock Picking, Second Edition: A Physical Penetration Tester's Training Guide - by Deviant Ollam
Lots more here; the list is a bit dated (I'll try to update it this week), but it IS sorted by category:
http://astore.amazon.com/carnal0wnage-20
Exploit dev:
- Tons and tons of books/resources. Unless you are really, really interested in writing exploits, I wouldn't start here. Understanding the above will give you more opportunities for jobs in the business; writing exploits and automating tasks will come naturally as you progress.
3. Pick a scripting language to work on
- Python is probably the most supported/popular
- Ruby is what Metasploit is written in, so there is value in learning that
- JavaScript/Node.js will be useful going forward as well
4. Online CTFs
- Pretty good list here: http://captf.com/practice-ctf/
- Vulnhub for downloadable images to try https://www.vulnhub.com/
- Search for other downloadable vulnerable images to hack against: Heorot, Metasploitable, the OWASP broken web apps
5. Training
Lots out there; plenty is torrentable, or pay for it if you feel like it/can (you should if you can afford it -- those people work hard on it). With the amount of resources available, you should be able to learn the basics without paying a dime, then seek out mentors or ask questions over email/Twitter for topics you are stuck on.
Second Question:
Also, what steps did you initially take to become proficient at computer security?
I was a computer science major in college, so I came out knowing some of the basics. My job in the military was communications, and I ended up doing a lot of layer 2/layer 3 stuff along with MCSE-type tasks. It's going to be important for you to learn, if you don't already know, A+ type material and Network+/basic CCNA type material. Hacking is all about exploiting the mistakes someone made setting things up: abusing protocols, but mostly finding, identifying and exploiting misconfigurations. This is a lot easier if you understand how to do these basic configurations yourself.
Aside from that, start practicing, reading blogs/Twitter, and watching talks that interest you. I'd start with the basic ones but also watch stuff that's advanced/over your head. Getting your mind blown occasionally helps you see that there really is no limit to the stuff you can do, what you can learn, etc. http://www.securitytube.net/ has pretty much everything, more content than you will ever be able to consume, plus lots of free courses.
That's what I have for starters, as you asked a pretty generic question. Hope that helps.
Chris
Great to know! How much time would you say you spend on your computer just playing around and trying new stuff?
For all the beginners in pentesting, thank you :-)
Thank you, really helpful. One more question: I'm in my early forties and thinking of getting into this stuff, really fascinated and interested. I'm more than a little computer savvy and have taught myself more than a little computer programming over the years. Would you say it's too late to get into infosec, or should I just go for it?
Thanks again!
Bullshite!!!
I keep hearing how the infosec field has a shortage of folks and how welcoming they are to people coming into the field. Bahhh humbug. I have nearly 20 years of IT experience across several platforms and have been in varied positions over those years, even performing infosec-related duties. And when I decide to leverage that experience and migrate to infosec, specifically penetration testing, all I hear is how I don't have any "direct experience." So all those talks boasting of a welcoming community I now see are bogus. Don't believe the hype, as they say.
Thanks for putting this all together. I have a group of college students who have been coming to me for advice and this is a great place for me to point them to, and I may "acquire" some of your content to put into my reply emails for new advice seekers.
Rob
Glad it helped, Rob.