Need guidance

This topic contains 9 replies, has 8 voices, and was last updated by  hanyhasan 6 years ago.

  • Author
    Posts
  • #8442
     meetjsh 
    Participant

    Hello friends,

    After almost 6 yrs of experience in different domains, I have now landed in Information security field. Where my work is nothing but maintain some documents and copy-pasting some articals from new paper and sending them to other colleagues. I thought , it would be better to know more about Info Security field and make future in this as it sounds interesting to me. I have started it last year already 27 yrs old. I bought few books and used google for it and learned basic of C, Ruby and Python. Which I almost forgotten after 3-4 months. I have tried all possible ways to get more knowdege like reading security+, network +, basic ethical hacking books..Joining a onlline hacking course but all in vain as without practical it will not lead anywhr and theortical part will drained away from mind after somtime.finaly I m here… My question are

    I decided to go for EC council CEH exam..going to take one more online course as I dont have any practical knwldge.. i thnk it migt help..
    could someone please let me know if there is any other certificate which has same or better value than this and reasonable to giv a try.

    Sould I still concentrate on programing as I think without practical it is no use…
    How to get a job in this field which keep me busy a bit in technical issue so i can learn and apply the techniques which i am using in net.

    Is there any online Skype, gtalk comunity who worked together on inforamtion security projects and ready to help new comers.. I m in Germny..

    Would be very thankful for your suggestions..
    Regards,
    meet

  • #52963
     dynamik 
    Participant

    Look at the courses from eLearnSecurity and Offensive Security.

    Also, look into setting up a virtual network where you can create vulnerable virtual machines to practice on. You will indeed lose this knowledge unless you work with it, so you need to keep active.

    Welcome to the forums.

  • #52964
     n37sh@rk 
    Participant

    ajohson is correct Offensive Security and eLearn Security are both great places Hacking Dojo also has an online hacking lab environment. I just took the class from InfoSec institute for the Ethical Hacking it gives you CPT and C|EH I passed the C|EH and am currently finishing the pratical for the CPT. If you can afford to take a call online that’s not a bad one at all. Other wise keep reading and welcome!

  • #52965
     UKSecurityGuy 
    Participant

    I’ll backup aJohnson’s recommendation of a virtual vulnerable network.

    Once you’ve created a network, create a flaw in it, and then exploit that flaw to gain your goal. Document the entire process so you can refer back to it repeatedly.

    I personally prefer creating vulnerable networks that are vulnerable due to misconfiguration rather than software with holes in them. Holes get patched, but misconfiguration almost never gets changed until someone points it out.

    Theres nothing like knowing exactly how a flaw is created to understand (and remember) how to exploit it.

  • #52966
     Grendel 
    Participant

    @n37sh@rk wrote:

    Hacking Dojo also has an online hacking lab environment.

    Yes, we have an online lab for students, but check out the “Media Page” on the HackingDojo.com site as well for information and targets to set up the virtual hacking lab, if you’re unfamiliar with this concept:

    http://hackingdojo.com/dojo-media/

    There are some of my conference talks on that page as well, but look for the one titled “Penetration Test LiveCDs – DefCon 15” for a more in-depth discussion of LiveCDs used for pentesting labs. There is a free video on setting up a lab here:

    http://hackingdojo.com/downloads/videos/virtual_lab/

    Enjoy!

  • #52967
     meetjsh 
    Participant

    Thanks a lot for prompt replies..
    Could you guys please provide you suggestion on below points..

    should I continue with Programing lang or concentrate on hacking tools and other hacking things more?
    Would it be correct for a person who does nt have any networking or IT background to start with CEH .. I think i can pass that exam after few months of preparation?

    Or will it help me out to get entry level job in pen test or hacking field?

    Thnaks

  • #52968
     Grendel 
    Participant

    You can get a job in the pentesting field with no pentesting experience, but harder to do without IT or networking – not impossible.
    Be aware that the CEH will get you past the HR filters when applying for a job, but means almost nothing to a hiring manager who is more interested in your ability to use a methodology, your knowledge of protocols and how to exploit them, and your fu with the different tools. That said, get your CEH but spend most of your time learning how to pentest, not just how to use the tools.

  • #52969
     impelse 
    Participant

    it takes sometime to learn pentest, it is constant process until became familiar.

    Use tools, build your own lab, practice attacking a server in your lab/or other lab, etc, etc.

    Remember learn to walk before running, so keep learning the base, CEH is a good knowledge, but the other training mention here are good to really acquire skills.

  • #52970
     Phillip Wylie 
    Participant

    Some good advice from the others. I have taken courses from eLearnSecurity, Offensive Security, Hacking Dojo (before it was called Hacking Dojo), and a CEH course. I learned the least from the CEH course. The CEH course taught me how to use individual tools, but not putting it together using a methodology. These other courses go beyond just teaching you the tools. I would recommend starting with eLearnSecurity or Hacking Dojo and Offensive Security after you have a better understanding of pentesting.

  • #52971
     hanyhasan 
    Participant

    Hi , take some time and watch this webinar from elearnsecurity by Armando .
    http://www.elearnsecurity.com/collateral/webinar/pentesting_beginners/
    ..
    It will answer all your question in you head, its almost 1 hour . i download it convert it to mp3 so i listen it like 3 or 4 times then i decide what i want be in ” info sec” .

You must be logged in to reply to this topic.

Copyright ©2019 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?