.

A little bit of guidance..

<<

mayjune

Post Sun Jan 16, 2011 10:48 am

A little bit of guidance..

Hi,

I am sorry if the post is in the wrong section but couldn't figure out where to put it. I am kinda stuck as to how do i plan my learning. I have joined hackingdojo level 1, its going good but a bit slow. I asked The trainer (Thomas) for some guidance. He recommended me to do some project with some open source projects out there. To build up my basic knowledge I have compiled a list of books to read.

Currently I am reading
A Practical Guide To Linux Commands, Editors, And Shell Programming

I plan to read the following books :-

01) Operating System Concepts

02) Counter Hack Reloaded 2nd Edition

03) Programming Grounds Up

04) Computer Organization and Design, 3rd ed, 2005 - Patterson & Hennessy

05) TCP IP Illustrated Volume 1 - Richard Stevens

06) Malware - Fighting Malicious Code (2003)

07) NMAP - Network Scanning - Fyodor

08) Professional Penetration Testing Creating And Operating A
Formal Hacking

09) Wiley - Reversing-Secrets of Reverse Engineering [2005]

10) Reverse Engineering Code with IDA Pro

11) Linux Kernel Development 3rd Edition

12) Honeypots For Windows (2005)

13) Internet Denial Of Service - Attack And Defense Mechanisms (2004)

14) A Buffer Overflow Study - Attacks and Defenses (2002)

15) Hacking - The Art of Exploitation 2ND Ed

16) Gray Hat Hacking: The Ethical Hacker's Handbook

17) Lenas Reverse Engg Tuts (video series)

As per my research, each are excellent books in there domains ( I maybe wrong). Now. I don't know if I am doing it right.

Should I include something in this?
Should I change the order of reading?

I wanted to target nmap for Google Summer of Code. But then, I am not sure if its too far fetched idea! What all open source projects can I target and study accordingly for Summer of Code or Otherwise!

I have 6 months free, so I can dedicate my time for it.

Thanks for your valuable input.
<<

Xen

User avatar

Sr. Member
Sr. Member

Posts: 386

Joined: Tue Feb 03, 2009 3:59 am

Post Sun Jan 16, 2011 11:52 am

Re: A little bit of guidance..

What prior skills do you have? How much is your experience in programming (What languages too)? Linux experience? Networking knowledge? etc.. Without having a proper idea of your present skills it'll be difficult to suggest a route to you.
If you can't decide on a open source project to contribute then I would suggest reading Building Open Source Network Security Tools
( http://www.amazon.com/Building-Source-N ... 325&sr=8-1 ) It'll surely take your programming skills to the next level and will help you understand how various other open-source tools work.

Also, I see some university course books in your list. Be sure to study them with programming projects from various universities. Again, in addition to improving your programming skills, these projects help you in getting a better picture of the subject. For eg. the below page goes with the first book in your list.
http://www.scs.stanford.edu/11wi-cs140/
<<

rattis

User avatar

Hero Member
Hero Member

Posts: 1172

Joined: Mon Jul 27, 2009 1:25 pm

Post Sun Jan 16, 2011 12:53 pm

Re: A little bit of guidance..

Looking over your list...

I'd get the following:

Hacking for Dummies. Don't let the name fool you. Broad overview of the things hackers can do.

Security+ Get Certified Get a Head. It also covers a lot of stuff, but gives you an idea of what best practices should be too.

Dive into Python or Dive into Python3.

Grey Hat python

and a book on wireshark. Wireshark Network Analysis maybe.

I'd put the books in this order:
Operating System Concepts
Hacking for Dummies
Security+ Get Certified Get a Head
(read python at the same time as the above 3 books)
Professional Penetration Testing Creating And Operating A Formal Hacking Lab (at least the part on setting up the lab).
counter hack reloaded

I'm actually reading Learning Perl, Counter Hack Reloaded, Professional Pentesting, and Hacking Exposed: Wireless, right now at the same time. Read 1 chapter, switch books. getting about a chapter to a chapter and a half a day. (Reading them like I was back in college).
OSWP, Sec+
<<

mayjune

Post Sun Jan 16, 2011 10:41 pm

Re: A little bit of guidance..

Thanks a Lot guys.

I'll tell a bit more about myself. I am student in BE IT.

I *Luckily* flunked my Maths Exam last sem, gave exam last month again and now I have to wait 6 months to join for the 7th Semester.

I say luckily coz now I have full time to learn the basics of hacking. I have done my CCNA.

I have basic knowledge of networking, C and C++. But that I studied for the college. So To improve my basic knowledge I included the books above.

Thanks for the idea of doing project. I found a list of following links that should be helpful to create my own small OS to learn from

http://en.tldp.org/HOWTO/Unix-and-Inter ... atomy.html

http://www.osdever.net/tutorials/view/b ... t-tutorial

http://www.scs.stanford.edu/11wi-cs140/

http://mikeos.berlios.de/write-your-own ... #gofurther

http://wiki.osdev.org/Main_Page

http://wiki.osdev.org/Tutorials

I don't know Linux but I am going through the first book mentioned above - A Practical Guide to Linux® Commands, Editors, and Shell Programming. I am using Backtrack 4 R2 on VMWare (installed).

Making my own OS looks really fascinating to me. What other small projects Can I do? Any other suggestions you would recommend to me. I Think as a noob what really overwhelms us is where to start from since everything is so connected that to understand one thing you need to know something else....

Pen Testing, Rev Engg, Forensics - they really fascinate me. Now three problems are there

First - Am I right that all three are *Quite* Different from each other?

Second - How do I trace back from what I wanna be, Lets say a Pen
Tester to what I am, So I can make a mental image of how to go by..?

Third - I am unable to decide which way to choose (if they are quite different), and thus how to study for it.

Thanks a lot for your valuable inputs. I really appreciate it.
<<

rattis

User avatar

Hero Member
Hero Member

Posts: 1172

Joined: Mon Jul 27, 2009 1:25 pm

Post Mon Jan 17, 2011 12:30 am

Re: A little bit of guidance..

Edit:
Oh sorry, miss understood what you meant, I thought you meant to change tracks from one spot to another.

You're list above is a decent road map to get you to the pentester. You'll need some hands on. Which the books I recommended will help you on.

I left the original post below, because while not relevant to this I thought still had good info in it.

-------------------------------------------------------------------
Why backtrace? Why not just dive into all of it?

http://www.sans.org/cyber-guardian/

You'll notice the core skills, and then the specialized skills.

I'm a blue (defensive) person myself, but if you look at my certs at the bottom, you'll notice that one of them is a red (offensive) cert.

Learn both. Your bigger problem is to focus. Get your math up. Degrees help get you past the gate keepers.
Last edited by rattis on Mon Jan 17, 2011 12:33 am, edited 1 time in total.
OSWP, Sec+
<<

mayjune

Post Tue Jan 18, 2011 1:54 pm

Re: A little bit of guidance..

Thanks a lot! :)

Ill work on Linux, Networking and Operating System Concepts. Will get back to you when I need more help.

Cheers.

Return to Other

Who is online

Users browsing this forum: No registered users and 0 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software