Jump to content
Hak5 Forums
flux3d

Starting in pen testing

Recommended Posts

flux3d   

Hey Y'all,

First off thanks for taking the time to read this, and second I have always been interested in pen testing I am currently studying networking and was wondering if there are any good reads and or practice labs you wold recommend on setting up for a learning tool. 
 

Share this post


Link to post
Share on other sites
Rkiver   

There are a few great books, https://www.nostarch.com/pentesting is one that Shannon actually recommended and is a great read.

It's not too expensive, and it gives an idea on how to get started and see if it's really something you want to do.

http://thehackerplaybook.com/dashboard/ is also a nice one.

 

As for building a lab. Any open source VM system, some Virtual machines, and start poking and seeing what you can figure.

  • Upvote 1

Share this post


Link to post
Share on other sites

Great site for programing and computer security books is: https://www.packtpub.com

Packt Publishing also offers a FREE eBook download everyday: https://www.packtpub.com/packt/offers/free-learning

It is a legit business that I have purchased books from on Amazon but they also have there own site where you can save a ton of money on books.

Share this post


Link to post
Share on other sites
digip   

start with some reading up on the concepts, and video tuts form places like security tube, youtube will get you started. Cybrary is more like reading for theory and concept, and sure they give you some ideas on tools to try, but not much hands on hacking as much as reading help files. Georgia Wiedman's course is the exception though, and she goes through some basics of using linux in general to methods of penetration testing(she also wrote a book). There is also the guide to Metasploit - https://www.nostarch.com/metasploit which may have a little bit difference from the latest and greatest MSF, but is still a good primer as well as the offsec MSFU wiki. https://www.offensive-security.com/metasploit-unleashed/

When you're ready to try actually performing the tasks, you'll need a lab. For me, I have vmware and virtual box setup so I can run Kali in a VM and import various CTF's to play with. Vulnhub is an EXCELLENT site for just such fun. Getting OVA's to play nice in vmware is a PITA though, so I run both vmware for kali and virtualbox to host the OVA's. 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


  • Recently Browsing   0 members

    No registered users viewing this page.

×