Author Topic: Free training. Does it exist?  (Read 3574 times)

0 Members and 1 Guest are viewing this topic.

Offline lucid

  • #Underground
  • Titan
  • **
  • Posts: 2683
  • Cookies: 243
  • psychonaut
    • View Profile
Free training. Does it exist?
« on: February 11, 2014, 03:16:05 am »
In light of the fact that I'm going to be building a little home lab for pentesting, I have decided I need some resources for a little guidance. Simply put, I have two requests.

The first request; Does anyone know of/have any books related to penetration testing/exploiting networks in particular that would be a good read to go along with a lab? I'm really not looking for a book that contains nothing but using various metasploit modules against a network. I'm looking for a book that is a high/professional quality resource on pentesting a network. I've searched, but all books I find pretty much involve installing Metasploitable in a VM and using metasploit(go figure).

The second request; Are there any good hands on courses that are free involving the same topic? Does that even exist? Places like edX and Coursera don't seem to have much in that regard. Something kind of like: https://www.pentesterlab.com, but instead of web pentesting it involves network pentesting. Thank you.
"Hacking is at least as much about ideas as about computers and technology. We use our skills to open doors that should never have been shut. We open these doors not only for our own benefit but for the benefit of others, too." - Brian the Hacker

Quote
15:04  @Phage : I'm bored of Python

Offline RedBullAddicted

  • Moderator
  • Sir
  • *
  • Posts: 519
  • Cookies: 189
    • View Profile
Re: Free training. Does it exist?
« Reply #1 on: February 11, 2014, 07:22:43 am »
Why not trying it from another perspective. You could read about the gear you use and what security features they provide and afterwards think about a way how to get through them :) The switch you have can't do any of them but basically switches can do: arp protection, dhcp protection, 802.1x, port security, mac lockdown, connection-rate filtering, virus throttling, ACLs.. just to name a few. The firewall you plan to setup on the other hand provides other features. There is even a snort module for it :) create some rules, see if they take affect when you perform a specific task and then try to hide what you are doing so the snort rule will not take affect. Thats the fun you can have with a lab. Be creative, in the end you do exactly know what needs to be avoided cause you created all rules on the security devices by yourself :)

Cheers,
RBA
Deep into that darkness peering, long I stood there, wondering, fearing, doubting, dreaming dreams no mortal ever dared to dream before. - Edgar Allan Poe

Offline lucid

  • #Underground
  • Titan
  • **
  • Posts: 2683
  • Cookies: 243
  • psychonaut
    • View Profile
Re: Free training. Does it exist?
« Reply #2 on: February 11, 2014, 07:28:56 am »
I just feel all scatterbrained sometimes. How do I know where a good place to start is? For example, jumping right into learning how to bypass intense firewall rules before learning the smaller stuff will probably leave me confused and frustrated. I'm trying to avoid trying to fly before learning how to walk.... so to speak.
"Hacking is at least as much about ideas as about computers and technology. We use our skills to open doors that should never have been shut. We open these doors not only for our own benefit but for the benefit of others, too." - Brian the Hacker

Quote
15:04  @Phage : I'm bored of Python

Offline Traitor4000

  • Knight
  • **
  • Posts: 191
  • Cookies: 8
    • View Profile
Re: Free training. Does it exist?
« Reply #3 on: February 11, 2014, 02:48:07 pm »
I mean i guess there is PWK I am not quite sure if what your looking for is in the course but it is expensive... *cough* piratebay *cough* of course you wont get access to their virtual labs but since your setting up your own you could probably replicate them.
« Last Edit: February 11, 2014, 02:48:31 pm by Traitor4000 »
The most vulnerable part of an impenetrable system is those who believe it to be so.

Offline LinuxSTAIN

  • NULL
  • Posts: 4
  • Cookies: 2
  • Free The Truth!
    • View Profile
Re: Free training. Does it exist?
« Reply #4 on: February 11, 2014, 06:09:48 pm »
I have about 50 books in full edition PDF format. anything and everything you could possibly buy pertaining to net sec and hacking. I have all of syngress books covering the topics as well as the latest in pen testing, 2013 and 14. As well as icluded dvds and isos. if I have the permissions necessary I will upload them all to this forum for all of us to enjoy.


Offline rasenove

  • Baron
  • ****
  • Posts: 950
  • Cookies: 53
  • ಠ_ಠ
    • View Profile
Re: Free training. Does it exist?
« Reply #6 on: February 11, 2014, 06:39:24 pm »
I have about 50 books in full edition PDF format. anything and everything you could possibly buy pertaining to net sec and hacking. I have all of syngress books covering the topics as well as the latest in pen testing, 2013 and 14. As well as icluded dvds and isos. if I have the permissions necessary I will upload them all to this forum for all of us to enjoy.

Yes please, it will be very much appreciated.
Do use the EZ upload service to upload the books and use the attachment option to upload all those videos and iso's. Post them in the ebook section. Thank you.
+1 :)
« Last Edit: February 11, 2014, 06:43:15 pm by rasenove »
My secrets have secrets...

Offline Corrupted_Fear

  • Knight
  • **
  • Posts: 336
  • Cookies: 34
  • Is dangerous to go alone! Take this! @xxxx[{:::::>
    • View Profile
Re: Free training. Does it exist?
« Reply #7 on: February 11, 2014, 07:27:50 pm »
This isn't exactly related to pentesting or hacking much at all, but Professor Messer has a great set of videos on his site (http://www.professormesser.com/free-a-plus-training/free-a-plus/) that are directed toward the A+ certification. It's all basic computer knowledge, very basic computer knowledge, but covers a pretty big range. I liked them, and have helped me, plus they're free.

by | Angel | Devil |

"Welcome to le trove that is my home. Welcome to EvilZone." -- DeepCopy

Offline vezzy

  • Royal Highness
  • ****
  • Posts: 771
  • Cookies: 172
    • View Profile
Re: Free training. Does it exist?
« Reply #8 on: February 11, 2014, 08:36:45 pm »
Several recommendations:

*Participate in wargames like SmashTheStack and CTFs like Stripe. Also try out Matasano's cryptographic challenges, they'll teach you a lot about complex cryptanalysis.

*A very good, and I cannot stress this enough, book on penetration testing and information security is The Art of Software Security Assessment: Identifying and Preventing Vulnerabilities. It's a long tome (around 1200 pages), but it's an excellent read. Highly recommended. I'm not sure if it's on EZ. If not, tell me and I'll gladly upload it.

*Download some VMs from VulnHub or the like.

*Try out some open-source vulnerable web applications like WebGoat and RailsGoat. OWASP has plenty, look them up.

*OpenSecurityTraining.info has some great courses.
Quote from: Dippy hippy
Just brushing though. I will be semi active mainly came to find a HQ botnet, like THOR or just any p2p botnet

Offline lucid

  • #Underground
  • Titan
  • **
  • Posts: 2683
  • Cookies: 243
  • psychonaut
    • View Profile
Re: Free training. Does it exist?
« Reply #9 on: February 11, 2014, 08:39:47 pm »
Awesome vezzy, thank you. I'll look for that book. Have a cookie for that site that's pretty much what I was looking for.

Thank you everyone, I guess I could have found a lot of that stuff on my own. I had a bad day yesterday and was feeling very flustered/couldn't focus. Sorry about that.

+cookies n' shit.
"Hacking is at least as much about ideas as about computers and technology. We use our skills to open doors that should never have been shut. We open these doors not only for our own benefit but for the benefit of others, too." - Brian the Hacker

Quote
15:04  @Phage : I'm bored of Python

Offline noob

  • Knight
  • **
  • Posts: 202
  • Cookies: 29
    • View Profile
Re: Free training. Does it exist?
« Reply #10 on: February 12, 2014, 12:45:04 am »
Several recommendations:

*Participate in wargames like SmashTheStack and CTFs like Stripe. Also try out Matasano's cryptographic challenges, they'll teach you a lot about complex cryptanalysis.

*A very good, and I cannot stress this enough, book on penetration testing and information security is The Art of Software Security Assessment: Identifying and Preventing Vulnerabilities. It's a long tome (around 1200 pages), but it's an excellent read. Highly recommended. I'm not sure if it's on EZ. If not, tell me and I'll gladly upload it.

*Download some VMs from VulnHub or the like.

*Try out some open-source vulnerable web applications like WebGoat and RailsGoat. OWASP has plenty, look them up.

*OpenSecurityTraining.info has some great courses.

Can you upload this book pls?

Offline vezzy

  • Royal Highness
  • ****
  • Posts: 771
  • Cookies: 172
    • View Profile
Re: Free training. Does it exist?
« Reply #11 on: February 12, 2014, 01:43:50 am »
Quote from: Dippy hippy
Just brushing though. I will be semi active mainly came to find a HQ botnet, like THOR or just any p2p botnet

Offline lucid

  • #Underground
  • Titan
  • **
  • Posts: 2683
  • Cookies: 243
  • psychonaut
    • View Profile
Re: Free training. Does it exist?
« Reply #12 on: February 12, 2014, 01:46:25 am »
Yup I found it. It's a chm which I don't really prefer but hey, it's knowledge.
"Hacking is at least as much about ideas as about computers and technology. We use our skills to open doors that should never have been shut. We open these doors not only for our own benefit but for the benefit of others, too." - Brian the Hacker

Quote
15:04  @Phage : I'm bored of Python


Offline lucid

  • #Underground
  • Titan
  • **
  • Posts: 2683
  • Cookies: 243
  • psychonaut
    • View Profile
Re: Free training. Does it exist?
« Reply #14 on: February 14, 2014, 12:08:22 am »
Awesome thank you. +1
"Hacking is at least as much about ideas as about computers and technology. We use our skills to open doors that should never have been shut. We open these doors not only for our own benefit but for the benefit of others, too." - Brian the Hacker

Quote
15:04  @Phage : I'm bored of Python