When learning complex subjects that cover a wide range of topics, it can often be overwhelming to work out what you need to learn in order to get “good” at your chosen discipline. Many discussions center around advice such as you need to know “everything” or other unhelpful, unspecific outlines. I’ve made an infosec mind map for my own learning which I hope you find useful. The purpose of this is to break down different topics into bite-sized chunks of learning. Even at bite size, it may still take you a week or two to get a handle on any one topic within the map, but if you can successfully check off each item you should have a good handle on each discipline listed.
After taking on the challenge of Offensive Security’s “Pentesting With Kali” (PWK) course, I knew I was addicted. The buffer overflow section was so much fun I knew I needed more. There was something about subverting a program to do your own bidding by sending it a special string that to me was the epitome of hacking. Considering the extremely good experience I had with Offensive Security, they were the natural choice for my next training step into the world of exploit development.
Recently I’ve been reading a ton of questions, posts and general discussion about getting into the ‘Information Security’ game, and in my opinion at least it’s typically followed up by a fair amount of misleading information. That might be a little harsh considering I’m sure it’s well intentioned; it’s also even possible that the advice worked for them (there is no one-size-fits-all advice), but I thought I’d lay my thoughts out here in the hope of helping a new budding hacker move forward.
Cracking passwords has two aspects that need to be considered when taking into account how likely it is to reveal the information you need. They are defined as follows:
With the increase in GPU crackers, oclHashcat being my favorite, a large emphasis has increasingly been put on power as opposed to efficiency. People suspect that because they can throw a wordlist of 1 billion entries against a hash, it’s the optimal solution. I’m not saying that you shouldn’t try it as your last resort, but perhaps there is a better way to put the odds in your favour.
This is going to be a quick write-up of what will hopefully become more common explorations into the fantastic range of vulnerable VMs over at http://vulnhub.com/. I’m a firm believer that nothing teaches techniques like applying them to unique problems, so hopefully walking through the process can help you see how I go about discovering things.