Greetings, sorry for the wall of text and thank you for those of you who read through it entirely.
I am a junior network security professional... i guess. I have my first job in the industry and i am looking for guidance on how to get to the next level. Firstly i will list my current skillset and then i will discuss my desired field. I am about to graduate university with my BA in CS but i feel it hasn't prepared me or given me the knowledge i was after. (Maybe i was lazy when i should have been more proactive) I know basic programming, Java and C++ syntax, basic structures and functions. I never really considered myself a programmer because building a program from start to finish was always hard for me. I can read someone else's code and understand what it is doing, but creating it myself is near impossible. I have my Security+ cert with some very limited network and deadbox forensics. I have taken a couple CEH equivalent classes (Outside of my university) and was able to learn and use the tools provided with success. This, however, only made me feel inadequate because using someone else's tools without knowing what they do is disheartening to say the least. And lastly, my current position has me doing security appliance installation with a lot of the new expensive toys like fire-eye etc.. So to sum up my current low level skills:
Basic NCASE + FTK deadbox and network forensics
Average network security fundamentals (Sec+)
Basic Programming Knowledge (Object Oriented)
Basic CEH experience, using premade scripts to find vulnerabilities i don't understand and deliver a reverse shell
Average experience with current security vendor technologies.
My desired Field would be Pen tester - Network Incident Response - Reverse Malware Engineer
To accomplish this goal, i decided to do a lot of research. I found that most Pen testers are knowledgeable in scripting, programming, DB languages as well as a really strong grasp on networking. So i imagine i need to acquire those skills and do it in a way that gives me a better then BASIC understanding. So i am designing my home lab and writing a "Homemade" Degree Plan.
This is where i need advice as i want to make sure i am headed in the right direction. Firstly, i was thinking about learning key things one at a time and using them to build my knowledge base. Here is my home degree plan:
1. Learn Python. I know i need to get better at programming but i hate Java and C. I hear Python is better for those looking to learn how to automate tasks and make smaller programs faster. I have already completed Codecademy and am reading Violent Python. Is this a good first move? (I can use the book to make tools to use in my pen test lab outlined below)
2. Once i have a firm grasp on Python and more importantly i continue to USE IT, i was think of learning more about SQL and databases. I could start learning how to do manual SQL injections and really understand what i am doing during those attacks.
3. REPEAT with sniffers and security tools. After learning SQL and datebasing, with injection techniques i will start over again but this time using some security tools to get in the way/see what the network looks like when the attack is happening.
4. Once i feel i have a decent understanding on all of the above, i will tackle Reverse Engineering mMalware with IDA Pro (or free equivalent). I have taken a course at my university so it is not 100% new to me.
The next question i need help with is my lab setup. Does anyone know any resource on setting up advanced Home-labs? I want to setup an environment where i have the ability to do Malware Analysis, Penetration Testing, OpenSource Security Appliance install and Network Sniffing. I have a Cisco 3560 and a Cisco Aironet AP and an oldish server(6gigs of ram) with server 2012 and VMworkstation. Ideally i want to place the pen testing targets on the WinServer hosting VMware but i imagine i wouldn't want to host the malware analysis VMs there as well. Also i want to be able to see the traffic off a span port so i see what certain activities look like when traversing the network. Lastly i want to be able to place open source security tools in between my attack machine and victim. Should i try to set the lab up this way or am i being inefficient? Would just using the VMware workstation without the switch be good enough?
Sorry for the wall of text but i figured i should ask some smart people before i try to do this all myself and piss my wife off by buying a bunch of new hardware :)
Thanks in advance
Street
