Cybersecurity and Ethical Hacking is HUGE when it comes to categories in it and especially from a corporate/employment, this is one of the main realisations I have come to this week, it reminds me of when I got my first job in an ‘IT Helpdesk’ many a year ago, you go through higher education thinking about working in IT without any real comprehension about what roles there will be available.
I can remember working in the helpdesk and being explained to about all the 2nd and 3rd line support teams like Desktop, UNIX, Application Support, Server, Networking, Infrastructure and the like and where I am at just now reminds me very much on that experience although I am much older and wiser and clued up to cybersecurity.
In my thirst for cybersecurity knowledge, I have been listening to podcasts, reading books and articles as well as watching YouTube videos and hearing things like Red Team, Blue Team, Penetration Testing, Wi-Fi Hacking, Android Hacking, Injection, WEP and WPS Attacks, SQL Injection and the list goes on.
The plan is to take my time learning about them all and then following/focussing my interests which I imagine to be CTF (capture the flag) games, learning Linux Kali/Linux Parrot and their tools a lot more and hardware devices like the kinds you find at Hak5.
CTF is a cybersecurity type competition where the contestants taking place are given different levels of difficulty and different challenges that focus on Exploitation, Crypto, Reverse Engineering and such, I was actually blown away by how many CTF sites there was for people to play and practice.
Playing CTF is an excellent way for security professionals, system admins, web developers, ethical hackers to really grow their knowledge and I can’t wait to get started to be honest, I have finished the networking videos I mentioned in previous blog post and my plan is to move onto ‘Ethical Hacking Extreme: The Career Accelerator Program’ which covers the following.
Test Report Template
Penetration Test Report
Set up VM’s with Parrot
- Stage 1 – Information Gathering
Passive Information Gathering
Active Information Gathering (Host Discovery)
Active Information Gathering (Scanning)
Penetration Test Report Phase 1
- Stage 2 – Threat Detection and Vulnerability Analysis
Searching for CVE
Searching Exploits using SearchSploit
Version Detection in Metasploit ( Additional Lecture for Practical )
Threat Analysis on Samba
Penetration Test Report Phase 2
- Stage 3 – Exploitation
Selecting an Exploit
Selecting a Payload
Launching an Attack
Penetration Test Report Phase 3
So will definitely be getting into the nitty-gritty of it all and PROPERLY start to feel like I am getting going.
The plan is to blog each stage from the above course so hopefully another post this week or next on ‘Stage 1 – Information Gathering’ although I must admit I have been looking at Cybrary, Pentester academy and EH Academy so if I decide to go with any of them before the week is out I will let you know what I choose.
With regards to going over networking, I am 100% positive I made the correct choice in doing so, you really need to know about External/Internal IP Addresses, Ports and which each one is used for (Here is a cheat sheet for you), understanding the OSI Layers, DNS etc
Also, I purchased the Alfa AWUSO36NH and also have the AWUS036NHA on its way too ?
Here is a couple of decent articles and a video that is ‘Computer Networking Tutorial for Beginners & Basics Network Fundamentals.
“I decided to offer my own take on networking basics to make certain that everyone here has these basic skills down, which I consider foundation skills for hacking. In reality, without basic networking and Linux skills, becoming a master hacker will certainly remain beyond your reach.”
“Recently, there have been some questions regarding networking popping up and we have decided to put together this series to try and cover this gap.”
Computer Networking Tutorial for Beginners & Basics Network Fundamentals
Also, I am super excited to tell you I have a ‘Bash Bunny’ from Hak5 on its way which I can’t wait to start playing with and working in IT I’ve access to many people for testing ?
As well as all of this above I am looking to be getting a subscription to ‘eforensicsmag’ but it is pretty expensive so won’t be getting it at the moment but hopefully soon.
Just a quick update for you, will be updating the site over the coming week or two by adding pages, getting it aesthetically more pleasing and adding an advert or two, I don’t expect to actually make anything off of them but if I do it will be going straight back into the page.