So you want to Infosec?

The question arises time and time again: “How can I get started in infosec?” The vast amount of information out there can, to say the least, make it overwhelming. I just wanted to write up a small jump-start guide that can help you dive in and become a part of the fun. These are just my opinions, so feel free to disagree or contact me with any other suggestions.

#1 Get a Twitter account

Twitter can be used as a very effective news feed if you follow the correct people. This will allow you to keep up to date on trending topics and ideas floating around the security world. Like most social media sites this can also turn into a big source of distraction so be careful.

#2 IRC

Many popular tools and groups have an IRC channel that can help you immerse yourself daily in security-related topics. Even simply observing the conversations that are happening can be infinitely educational. Get on IRC and don’t be scared to ask questions.

A few channels I like on Freenode IRC:

#metasploit
#armitage
#veil
#psempire
#kali-linux
#infoseclabs
##security
#bugcrowd
#hackerone
#corelan
#vulnhub
#offsec
#python
##C
##asm

#3 Read, Read, Read

This should actually be number one but read like it’s going out of style. Anything you can get your hands on. Find books that are up to date and make a reading plan so that you can absorb the large chunks of info that are required to have a general oversight of the infosec realm. Find articles online to read, blog posts, white papers, academic papers, or any other material you may find interesting.

#4 Listen to Podcasts

This can be a great wealth of knowledge on a consistent basis if you pick the correct podcast. The best thing is you can listen to them while driving, so you can squeeze infosec into every second of your day. Many experienced and respected infosec professionals have podcasts that can be downloaded weekly or daily.

Here is a list of some of my favorites:

  • Paul’s Security Weekly
  • Risky Business Podcast
  • ISCStormcast
  • Exotic Liability
  • Social-Engineer Podcast
  • SpiderLabs Radio
  • Securabit
  • Defensive Security Podcast
  • Southern Fried Security Podcast
  • Brakeing Security
  • TrustedSec Security Podcast
  • Hackers on Fire

#5 Videos

Conference videos, YouTube, and Securitytube combined can be a wealth of information. Securitytube offers a centralized location for everything infosec related, and the creator, Vivek, has many megaprimers that are free and very in depth on topics such as wireless security, Metasploit, and assembly language. These megaprimers start from the basics and go deep into detail. I feel these megaprimers can be a true jump start for anybody jumping on the security train. Conference videos, if watched in a timely manner, can give you up-to-date information on current research, techniques, and findings in the infosec realm. They can also be useful for years to come. Binge watching videos and trying the techniques can help you rapidly grow.

#6 Home Lab

Hands-on is a must. Get in there and get your hands dirty. Don’t be afraid to fail, as those are the times you will learn the most. Set up scenarios and test every piece of software and OS you can get your hands on. Without hands-on experience you are going to waste tons of time when you actually try to do things you thought you had down because you understood the concepts. No amount of reading can suffice for real hands-on experience.

These are just a few ideas that can help you start on a learning track.

Part 2: So you still want to infosec?

Jumping into exploit development

I have done a little bit of exploit development over the years, starting with stack overflows, reading Hacking: The Art of Exploitation, The Shellcoder's Handbook Second Edition, and some CTF-related stuff, but I really had let my skills fall stale in the last few years. I went seeking out resources to freshen up my knowledge and found that it was spread out all over the place. So I figured, why not put them all together for anybody looking to refresh their memory or just get started learning? I feel that at least a fundamental understanding of exploit development, at the very least enough to make modifications to public exploits, is necessary for anybody seeking a career in penetration testing. Also, it’s just downright fun to play around in a debugger.

Books

A couple of books that I referenced above that got me started and can give you a great foundation:

  • Hacking: The Art of Exploitation
  • The Shellcoder's Handbook 2nd Edition

Shellcode

You are going to need to learn some assembly to understand what you are seeing in the debugger and also for writing your own custom shellcode.

A great place to start is securitytube.net, which offers a great class on assembly language.

Securitytube Windows assembly language megaprimer can be found here 

Securitytube Linux assembly language megaprimer can be found here

You can then follow this up with the Securitytube buffer overflow for Linux megaprimer here

The Shellcoder's Handbook serves as a great resource, which you can buy from Amazon

Shellcoding for Linux and Windows tutorials can be found here

The project shellcode tutorials can be found here

Windows exploitation

Of course first and foremost @corelancod3r has some excellent material you can find here

Fuzzysecurity has some great stuff as well here

Opensecurity training @opensectraining offers a great wealth of information on the topic here

Opensecurity training also has a video series to accompany some of the topics that I found very useful here

A wiki on metasploit that has some great info can be found here

A great @metasploit post about stack overflows that is very detailed can be found here

The Grey Corner posts some detailed material:

  • Stack based overflows here
  • SEH stack based overflows here

Linux exploitation

Fuzzysecurity also offers material on Linux exploit development here

Corelan coder does the same with his Linux exploit material here

Exploit databases

Exploit databases can be a great place to see already working and public exploit code. Taking a look at code and understanding it can be a big step towards writing your own successful exploit code.

Some sites to find exploit code:

@exploitdb, run by Offensive Security (@offsectraining), here

@Rapid7 provides some good information including available modules for metasploit here

There are probably many more good resources out there so feel free to tweet me. I love to post resources to help people find good material that has helped me so you will probably see a lot of that on this blog. I hope this list grows as people give me suggestions.