Theme: Learn to Attack
Why?
- Purple is a lovely colour
- Lose less at CTFs
- Get another security certification
Why (srsly)
- See life/work from the other side
- Understand attacks and attacks better
- Be able to run attacks (in lab) to study them
- Get better at defence and analysis
- Make sense of pentest reports, threat intel
a bunch of VMs**, some books, and some online challenges
** and a safe place to run them, ref: 2017 lab brownbags
- VulnHubs like Mr Robot, Sokars, BadStore
- Books like Erikson, Weidman (sp)
- Chall/CTFs like (use WeChall and CTFTime)
- Bandit
- PPTL , HTB.eu , ...
MSFU Reddits / Stack Exchanges ?
- Kali (BlackArch, etc)
- Samurai WTF
PenTesting with Kali
Guided Studies (PDF, Videos) Lab Exercises
- toolset for attack and exploitation
- process and methods for attack and reporting Targets in Lab network
Offensive-Security
- Backtrack, Kali, Nethunter
- Exploit DB , ??
- live hands on test and report exam
- Bash, Powershell, Python, and Excel
- Pluralsight, DataCamp, Codecademy, local Automation Engineers