Jump to content

Friend/Mentor/Direction/Help? All of the above.


Recommended Posts

Hey, everyone!

First off, I'm new here. I've been doing my best to look around the forums and do as much research as I can on my own but it still leaves me wanting one thing...Help.

A bit about myself first. I've been working with computers for as long as I remember and just 5 years ago I decided to give myself a bit of direction and shoot for a network Admin or Engineering position but it wasn't until the past year that I've wanted to get into the InfoSec field and I really don't have anyone that I know to bounce ideas off of or just talk tech. I've gotten a few of the basic CompTia certs and then Cisco CCNA R&S and Security certs which has taught me so much but I've recently been studying some Cybersecurity and Pentesting courses. Now I just feel lost with what I should really stick with to study.

I work in a small/med size business as the only IT staff so I do everything there but I'm desperately trying to get into an large to enterprise size environment to learn even more and not be stuck in a bubble.

Would anyone be willing to offer some career advice or direction on what to actually shoot for to be in the InfoSec field? I would love to be a pentester but I have little to no programming experience right now and I really want to be involved in managing security appliances and kind of on the front lines of being a defender.

I currently have a handful of courses of Udemy for Pentesting (The Cyber Mentor) and then some Cisco CCNP Route, Switch, And Security courses to brush up on and stay current.

I'm really trying to find a community in my city to network and make friends for personal and career advancement but I don't even know where to start.

I'd love to have someone to just ask questions when I get stuck on a Kali tool or just how to make myself more valuable as a potential job candidate.

Any help would be appreciated!

Link to post
Share on other sites

We have a whole topic on it that you can find here. It's a great starting point.

 



Also check out the IRC, discord etc etc.

Edited by Rkiver
Link to post
Share on other sites

Hey justLooking.  If your doing the The Cyber Mentor course where he has you create VMs and a domain and all that, when you get to pivoting between the two VMs could you let me know if you get that to work?  I couldn't and couldn't figure out why.  I'm going to try again today or tomorrow using a different approach but I could pivot between some of my old winxp VMs like nothing...I just can't seem to do it using the VMs I created for his course.  Thanks.

Link to post
Share on other sites
10 hours ago, Rkiver said:

We have a whole topic on it that you can find here. It's a great starting point.

 



Also check out the IRC, discord etc etc.

Yes, thanks! I've started here but I just feel very overwhelmed with the information so I decided to start reaching out to the community as well. I have some books I want to order to read for sure, podcasts like Beers with Talos, DarkWeb Diaries, Hak5's Threat Wire, and Security Weekly I try and keep up with, plus lately the Talos security blog and random Youtuber's channels.

I need to get into an IRC chat since that seems like the thing every IT person needs to have done by now!

7 hours ago, Bob123 said:

Hey justLooking.  If your doing the The Cyber Mentor course where he has you create VMs and a domain and all that, when you get to pivoting between the two VMs could you let me know if you get that to work?  I couldn't and couldn't figure out why.  I'm going to try again today or tomorrow using a different approach but I could pivot between some of my old winxp VMs like nothing...I just can't seem to do it using the VMs I created for his course.  Thanks.

Yeah for sure! I have GNS3 for those types of labs but I tend to get sidetracked. What lesson is it so I can try to revisit it?

I know at one point Armitage was being used to compromise an dual-honed server to pivot that way. Is it along those lines? GNS3 was a PITA to setup for a while but it's amazing to use. I also have an HP server with extra NICs I could probably mess around with for a real attack.

Link to post
Share on other sites

I started to mess with GNS3 then like you said, got sidetracked.  For cyber mentor it was chapter 19 post exploitation.  He talked about pivoting, modified the VMs a bit and showed it working.  I did the same but couldn't pivot for some reason.  I tried multiple Kali and Parrot VMs with and without armitage all with no luck.  I did however try it on some older xp VMs and I could pivot just fine.  So either I missed a step or he left a step out.  But either way I would like to get it to work.  I'm going to start messing with them again now.

Link to post
Share on other sites
5 hours ago, Bob123 said:

I started to mess with GNS3 then like you said, got sidetracked.  For cyber mentor it was chapter 19 post exploitation.  He talked about pivoting, modified the VMs a bit and showed it working.  I did the same but couldn't pivot for some reason.  I tried multiple Kali and Parrot VMs with and without armitage all with no luck.  I did however try it on some older xp VMs and I could pivot just fine.  So either I missed a step or he left a step out.  But either way I would like to get it to work.  I'm going to start messing with them again now.

I'll have to take a look at this sometime during the week since I've only made it to Chapter 13! I had so many issues with HackTheBox and OpenVPN so I got stuck there for quite a while. I'm not sure what  versions of OS you are running but the first thing that came to mind is maybe you have a patched version of the OS? Unless it's a network based attack like a MITM as opposed to Windows exploit.

I haven't messed with ParrotOS but I do have a copy. Trying to get a grasp with Linux in general since I have maybe a years experience.

 

Link to post
Share on other sites

So I'm going to ask a question here and maybe even make my own topic on it cause this ones a bit interesting...  So the issues I'm running into seem to really stem from the architecture.  The win10 VMs from cyber mentor and now my physical win10 boxes that I'm practicing on are all 64bit.  The vanilla style (if you will) metasploit that comes with both Kali and Parrot can do both 32bit and 64bit...but can it really do 64bit?  Or is this really something that is more tailored for metasploit pro which is paid for?  I'm about to start testing on win10 32bit just to see if any of these issues go away.  Cause with my kali and parrot VMs, I'm to the point where I can't even get psexec to work.  Which makes no sense since I know the username/password...since I created them for the box.  Anytime I'd create a 64bit payload through msfvenom my listener would crash very quickly.  And that was due to using a 32bit listener.  A 64bit listener would work but then none of the commands or options seem to work.  A 32bit payload and listener work best...but then it seems like "getsystem" and trying to get the hash don't seem to work.  And I had zero problems back in the day when I had a winxp setup...

Link to post
Share on other sites

I know I didn't mean to.  This one was more directed towards justLooking but then thought others might not see my general question.  Let me know if you want me to remove any or all.

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...