Hey /u/Xerack! I'm the original author of the post linked here.

Appreciate the feedback! If you think I could clarify anything better, please let me know.

As far as resources for Reverse Engineering, I can provide you with a baseline that I would recommend starting with.

x86 Assembly:


If you don't know assembly language at all, this list of videos was where I picked up a decent amount of x86 assembly language.


A few good books would be:

• Hacking: The Art of Exploitation I am a huge advocate for this book. I learned a lot from this and have read it multiple times. It is written very well and teaches someone with no experience how to do C programming and assembly. This is mainly a book for learning exploitation/vulnerability research, but that can play hand and hand with Reverse Engineering. It will show you the assembly language break down of basic exploits and this can help you with RE.
  
  
• Practical Reverse Engineering I read through the beginning of this book and it gave me some good foundations of understanding memory and computer architecture for RE along with assembly of course
  
  
• Secrets of Reverse Engineering This book is a bit in depth, but the beginning gives another good foundation for Comp Architecture and assembly stuff.
  
  
• The IDA Pro Book Haven't personally read this book yet, but I have been told it is the defacto standard for learning IDA Pro, and it has examples you can learn from.
  
  Hands On:
  
  
  
• Legend of Random Very useful hands on with tutorials. Mainly based on cracking, but that requires reverse engineering. Highly recommend this!
  
  
• Lenas Tutorials Again, another awesome hands on tutorial, mostly based on cracking as well.
  
  
• Crackmes These are more of challenges once you start to have a little understanding down
  
  Courses:
  
  Tons of courses on youtube. I learn well from visual, so I recommend these youtube videos:
  
  
  
• Basic Dynamic Analysis
  
• Real World Decompilation There are a few videos to this series and he disassembles a game, definitely nice to learn from.
  
  
  Beyond that, Google will always be your friend, and /r/reverseengineering. I also have a bunch of material for Malware RE, but that's a bit different than Software RE, though it is relatable.

Setting up a corporation is fairly easy. It takes a few hundred dollars and away you go. You can even buy Nevada corporations via the internet with a credit card.

If you want to focus on IT and security you could get into penetration testing for web applications. There's a vast array of open source and commercial tools available. I've used "burp" (http://portswigger.net/) before and it's pretty capable and easy enough to understand (if you understand the innate nature of http/web applications and such what).

You'll need to acquire some experience with the tool and what you're actually testing for (this might be good... no idea... http://www.amazon.com/Professional-Pen-Testing-Applications-Programmer/dp/0471789666). This can be done for free on your own by picking a popular open source web application and conduct pen testing on it. You'll need to learn how best to approach the open source developers with your results (e.g. jump up and down and screaming doesn't seem to work well)... in other words how to write professional pen test reports that developers will appreciate and act on (low on attitude, high on details).

Once you're comfortable with the tools and your ability/experience then you can look at freelancing sites like odesk.com etc for work. You'll be working your ass off for little money... but you will be building a credible resume and reference-able clients (and solid real world experience).

With a set of reference-able clients you can then start pursuing direct sales/engagements... i.e. looking for local companies that need pen testing but don't wan't to deal with the wishy-washy world of places like odesk.com. With enough work your job history will be the most important thing and your past conviction will be overlooked.

Another alternative is the classic ebay business. Go to your local flea markets, yard sales, estate auctions... buy interesting items cheap... sell the items on ebay for a profit. No idea if this is doable... but you could certainly start this with under $100 and see if you can build that into $200 (or go bust). If you can figure out what sort of stuff from flea markets/yard sales/auctions can be sold for a profit on ebay you can use this to build a bit of a fund to launch another business. You could start doing this this very weekend. You could call it a hobby until you figure that you can make cash with it (i.e. PO can't complain about a hobby can he?)

Lots of small businesses can be started with a small truck and a strong back (moving, garbage removal, landscaping). If you make each client super happy with the result (cheap, fast, super polite, high quality result) you should be able to grow that to the point where you need to hire a helper... and then 2. Then another truck and more helpers.

Good luck!

Many people may disagree with me, but as a Linux user on the younger side of the spectrum, I have to say there was one thing that really worked for me to finally switch for good- books.

There's tons of wikis and forums and of course Reddit to ask questions, but it is hard to get good answers. You may end up paying for books (unless you look on the internet for books) but it doesn't beat having a hard copy in front of you. It boils down to a time vs money trade off. The only wiki I would follow is one directly from the developers that act as documentation, not a community wiki. Also worth nothing certain wikis are more tied to linux and the kernel than others, meaning some are comparable/interchangable with the distro you may be using. Still, a novice would not easily put this together.

Forums are also useless unless you have the configuration mentioned in the post or that forum curates tutorials from a specific build they showcase and you as a user decided to build your system to their specifications. There's way too many variables trying to follow online guides, some of which may be out of date.

This i've realized is very true with things like Iommu grouping and PCI Passthrough for kernel based virtual machines. At that point you start modifying in your root directory, things like your kernel booting parameters and what drivers or hardware you're gonna bind or unbind from your system. While that does boil down to having the right hardware, you have to know what you're digging into your kernel for if you dont follow a guide with the same exact parts that are being passthrough or the cpus or chipsets are different.

Books are especially handy when you have a borked system, like you're in a bash prompt or an initramfs prompt or grub and need to get into a bootable part of the system. Linux takes practice. Sometimes its easier to page through a book than to search through forums.

Another thing about being an intermediate or expert Linux user is that you don't care much about distros or what other users or communities do. It wont matter as under the hood it's all the same, spare the desktop and the package managers. Once you're out of that mentality you just care about getting whatever you want done. I'm not one of those guys that's super gung-ho FOSS and open source. I just use what gets the job done. Also from a security perspective, yes Linux is in theory MORE secure but anything can be hardened or left vulnerable. It's more configuration tied than many uses and forums or threads lead it on to be.

My workload involves talking to servers and quite a bit of programming and scripting, in a variety of capacities. That's what led me to linux over the competitors, but I'm not so prudent to never ever want to use the competitor again or have a computer with it. With understanding Linux more, I use it more as a tool than to be part of the philosophy or community, though that enthusiasm pushes for new developments in the kernel.

I'm assuming you're a novice but comfortable enough in linux to get through certain things:

In any computer related thing, always TEST a deployment or feature first- From your linux system, use KVM or Virtualbox/vmware to spin up a few linux VMs, could even be a copy of your current image. This way any tweaks or things you want to test or try out is in an environment you can start over in.

The quickest way to "intermediate-expert" Linux IMO is learning system administration.

My go to book for this is "The Unix and Linux System Administration Handbook 5th edition"

https://www.amazon.com/UNIX-Linux-System-Administration-Handbook/dp/0134277554/ref=sr_1_1?keywords=The+Unix+and+Linux+System+Administration+Handbook+5th+edition&qid=1564448656&s=books&sr=1-1

This edition is updated recently to cover newer kernel features such as could environments and virtualization. This book also helps when learning BSD based stuff such as MacOS or FreeBSD.

Another good read for a "quick and dirty" understanding of Linux is "Linux Basics for Hackers" It does focus on a very niche distro and talks about tools that are not on all Linux systems BUT it does a good concise overview of intermediate things related to Linux (despite being called a beginners book).

https://www.amazon.com/Linux-Basics-Hackers-Networking-Scripting/dp/1593278551/ref=sr_1_3?crid=396AV036T1Y0Q&keywords=linux+basics+for+hackers&qid=1564448845&s=books&sprefix=linux+bas%2Cstripbooks%2C119&sr=1-3

There's also "How Linux works" but I cannot vouch for this book from personal use, I see it posted across various threads often. Never read this particular one myself.

https://www.amazon.com/How-Linux-Works-2nd-Superuser/dp/1593275676/ref=pd_bxgy_14_img_2/137-6604082-4373447?_encoding=UTF8&pd_rd_i=1593275676&pd_rd_r=feffef24-d3c3-400d-a807-24d8fa39cd1e&pd_rd_w=8GX0o&pd_rd_wg=3AMRB&pf_rd_p=a2006322-0bc0-4db9-a08e-d168c18ce6f0&pf_rd_r=WBQKPADCVSABMCMSRRA1&psc=1&refRID=WBQKPADCVSABMCMSRRA1

​

If you want a more programming oriented approach, if you're confortable with the C language, then you can always look at these books:

The Linux Programming Interface

https://www.amazon.com/Linux-Programming-Interface-System-Handbook/dp/1593272200/ref=zg_bs_3866_1?_encoding=UTF8&psc=1&refRID=5YN3316W22YQ4TSMM967

Unix Network Programming VOL 1.

https://www.amazon.com/Unix-Network-Programming-Sockets-Networking/dp/0131411551/ref=sr_1_1?keywords=Unix+Network+Programming+VOL+1.&qid=1564448362&s=books&sr=1-1

Advanced Programming in the Unix Environment

https://www.amazon.com/Advanced-Programming-UNIX-Environment-3rd/dp/0321637739/ref=zg_bs_3866_2?_encoding=UTF8&psc=1&refRID=5YN3316W22YQ4TSMM967

These books would take you to understanding the kernel level processes and make your own and modify your own system.

As many have mentioned, you can go into these things with "Linux from scratch" but it's also feasible to do Linux from scratch by copy/pasting commands. Unless you tinker and fail at certain things (hence do it on a vm before doing it to the main system) you won't learn properly. I think the sysadmin approach is "safer" of the two options but to each their own.

Wow, 24 hours and no replies?!

Fine, you know what? FUCK IT!

Alright, first off - While you can concentrate on physical, understanding the basics of the digital side of things will make you more valuable, and arguably more effective. I'll take this opportunity to point you at Metasploit and tell you to atleast spend an hour or so each week working to understand it. I'm not saying you have to know it backwards or inside-out, just get a basic understanding.

But you said you want to go down the physical path, so fuck all that bullshit I said before, ignore it if you want, I don't care. It's just a suggestion.

Do you pick locks? Why not? Come on over to /r/Lockpicking and read the stickied post at the top. Buy a lockpick set. You're just starting so you can go a little crazy, or be conservative. Get some locks (Don't pick locks you rely on!) at a store, and learn the basics of how to pick.

Your fingers will get sore. Time to put down the picks and start reading:

• Social Engineering - The Art of Human Hacking
  
• Practical LockPicking - A Physical Penetration Tester's Training Guide
  
• No Tech Hacking - A Guide to Social Engineering, Dumpster Diving, and Shoulder Surfing
  
• Unauthorised Access - Physical Penetration Testing For IT Security Teams
  
• Ninja Hacking - Unconventional Penetration Testing Tactics and Techniques
  
• Metasploit - The Pentration Tester's Guide (OPTIONAL but suggested)
  
• The Basics of Hacking And Penetration Testing - Ethical Hacking and Penetration Testing Made Easy (OPTIONAL but suggested)
  
• Keys to the Kingdom: Impressioning, Privilege Escalation, Bumping, and Other Key-Based Attacks Against Physical Locks (OPTIONAL but suggested)
  
  That reading list right there gives you over 2000 pages to read. Read. Read More.
  
  Tired of Reading? Have you been listening to the Social-Engineer.org Podcasts? 53 quality podcasts right there. Time to catch up!
  
  Tired of listening? Take a break! And by "Take a break" I mean grab your lockpicks, a lock, and start picking while you relax with a Jayson Street video. He's fun to watch, and will hopefully distract you while you try picking a lock. Also, he highlights how you don't have to be a computer-genius to be good at PenTesting. Go watch more of his videos while you pick locks - It's entertaining at least, and informative/educational at best. Now go watch Deviant Ollam's videos if you're done with Jayson Street.
  
  Sounds like a lot? It's not. You'll spend a bit of money getting started with picks, locks, and books. It's the nature of the game, no good way around it. It's time-consuming. You may have to give up playing your favourite games for a while. But the things you learn and skills you develop will pay more than that game did. By the time you're halfway through any one of those books you'll have a much better idea of what questions you want or need to ask in order to progress further and faster every day.
  
  Go to Security Cons. DerbyCon is awesome, and happens in late September, plenty of time to start saving money and making reservations. Talk to people, ask questions, and make connections. You will learn more in those 4 days than some people learn in months or years and you'll have tons of fun.
  
  If you can swing it, attend Deviant Ollam's "Physical Security Skills for Penetration Testers" class. The things you will learn in that class will make it worth every damned penny, and you'll feel like a bad-ass at the end of it.
  
  Is this what you wanted?

Okay so there are a couple of good places to start with malware. The first is Malware Analyst's Cookbook. It is a pretty decent beginner level resource.

From there, Practical Malware Analysis is excellent and goes a lot deeper.

For free resources I've heard good things about Dr. Fu's Malware Analysis Tutorials.

You will need to have a strong understanding of reverse engineering. I like Practical Reverse Engineering or Reverse Engineering for Beginners. The latter is free.

With RE comes assembly. I learned from the free book PC Assembly Language. The RE books should have some info on assembly as well.

You should also know the systems programming API and OS internals for whatever OS you're interested in. This is most likely Windows, so I recommend Windows System Programming and Windows Internals. You can find similar books for Linux and macOS too. Having a good understanding of C and C++ is helpful for this. Also get comfortable using your assembly level debugger on your OS of choice. WinDBG, x64dbg, and OllyDBG are all good on Windows. GDB is pretty much the default on Linux, and LLDB on macOS.

I also highly recommend some scripting language, whether it's Python, Ruby, Powershell or whatever for hacking up your own tools.

Lastly, there is a list on GitHub with a ton of helpful links.

I think that's enough for now.

As far as demand it's hard to say and probably depends a lot on where you're from. It's certainly not like the demand for webdevs but there's also not nearly as many people with the skillset. I'm not a malware analyst myself, I'm more focused on security research and embedded development.

I know those skills are especially high in demand around the Washington, DC area with defense contractors and government agencies. Especially if you can get a security clearance. Most other security firms I know of are always looking for good people with strong reversing and OS internals knowledge.

Let me know if you have any questions and I will try to answer.

In my opinion; every book in this bundle is a bag of shit.

Here's a list of reputable books, again in my opinion (All links are Non-Affiliate Links):

Web Hacking:

The Web Hackers Handbook (Link)

Infrastructure:

Network Security Assessment (Link)

Please Note: The examples in the book are dated (even though it's been updated to v3), but this book is the best for learning Infrastructure Testing Methodology.

General:

Hacking: The Art of Exploitation (Link)

Grey Hat Hacking (Link)

Linux:

Hacking Exposed: Linux (I don't have a link to a specific book as there are many editions / revisions for this book. Please read the reviews for the edition you want to purchase)

Metasploit:

I recommend the online course "Metaspliot Unleashed" (Link) as opposed to buying the book (Link).

Nmap:

The man pages. The book (Link) is a great reference and looks great on the bookshelf. The reality is, using Nmap is like baking a cake. There are too many variables involved in running the perfect portscan, every environment is different and as such will require tweaking to run efficiently.

Malware Analysis:

Practical Malware Analysis (Link)

The book is old, but the methodology is rock solid.

Programming / Scripting:

Python: Automate the Boring Stuff (Link)

Hope that helps.

Don't get me wrong- BackTrack, Kali, Pentoo, etc. are all amazing tools but to recommend this to someone coming from a helpdesk role might be a bit much to grasp.
Learning how to work with the distros and the wide range of tools is great but you have to learn about the theories behind analyzing protecting the infrastructure and software.

OP, you might start with some books (these have helped me a lot in my career in security)-

CompTIA Security+ Study Guide (not a bad book and the cert is easy, provides the basics of IT security)

The Basics of Information Security: Understanding the Fundamentals of InfoSec in Theory and Practice (an easy read)

Gray Hat Hacking The Ethical Hackers Handbook (is an intro to the security world and a lot of info, more in-depth)

IT Security is an awesome field and like most IT is has many separate areas within it to learn.
Check out the links below for more info on training (there are others available these are just ones I've used and SANS has a lot of additional resoures)-

SANS Institute

InfoSec Institute

Reversing: Secrets of Reverse Engineering - Is probably the most common book recommendation. Its an older book (2005) but its about as gentle as it gets in terms of the core concepts but its missing a bit due to its age (32bit RE only). I'd liken it to something like Hacking: The Art of Exploitation for exploit developers. Its a solid book, it covers the fundamentals but it'll take a bit more work to get up to speed.

Practical Reverse Engineering - This one is a newer book (2014) while it doesn't cover as many topics as the above book, its less dated in what it does cover, and it does cast a wider net covering things you'll see today like ARM and x64 instead of just x86. I tend to recommend starting with this book, using Reversing and the next book as a reference if there is a chapter of interest.

Practical Malware Analysis - While this one has more traditional RE introduction, where it excels is in dynamic analysis and dealing with software that doesn't want to be analyzed. Now, its from 2012 and malware has changed since then, so its age certainly shows, but again fundamentals remain even if technical details change or are expanded upon.

Practical Binary Analysis - This is the newest book of the list (December 2018). It wouldn't use it alone, but after you've gone through any of the above books, consider this an add-on. Its focus is on dynamic analysis and its modern. I'll admit I haven't read the entire thing yet, but I've been pleased with what I have read.

Edit: s/.ca/.com/g

Ok - Here's a list of books I've read in the last few years

• Gray Hat Hacking - The Ethical Hacker's Handbook - Really good intro to Software Sec / Reverse Enginering / Disclosure
  
• Counter Hack Reloaded - A 'bible' of phased attacks - classic book.
  
• Guide to Network Defense and Countermeasures - Technically designed as a 'prep' book for the SCNP, it's still a great read about IPS, IDS, NetSec Policies, Proxies, firewalls, packet filtering, etc
  
• Hacking Wireless Exposed - Great intro read on 802.11 sec.
  
• CWNA/CWSP Exam Guide - Assumes 0 knowledge about RF. More intense than Hacking Wireless Exposed, but also easier to learn from. I went into this book knowing very little about RF, left it feeling confident. Well written.
  
• Snort 2.1 - Self explanatory, but a book about the IDS system Snort. Not perfect, but again, great starter book.
  
• The Web Application Hacker's Handbook - The best for last. The holy grail of web hacking. Second edition SHOULD be coming very soon, depending on the drop date may be worth it to wait.
  
  As you can tell, I'm big on the technical books, and even exam prep books. This is just a selection, but I think it's a good starter pack to some different fields.
  

Copy paste from a post I made earlier

Malware RE isn't really all that much voodoo as it seems, you take the executable and break it down into steps.

First check out the PE headers and find what strings you can, characteristics. Figure out if the malware is packed or not.

A quick and dirty way to get an idea of what it does it run it with certain tools on the system and a linux box to intercept all network communications. This is called behavioral analysis.

After that you can load it into a disassembler like IDA Pro and start looking for interesting functions or windows API calls. Things like WriteFile, VirtualAllocEx, ReadFile then figure out that they are doing.

After that you can take it into your debugger (I like OllyDbg) and set some breakpoints at interesting functions to see what the malware is doing in the stack. Like I said, its not voodoo once you look into it further.

Creating the malware is a whole different story and outside my skill set. In fact I hate programming and know only high level programming, basically I can interpret code and what it wants to do. But I have an easier time reading Assembly (lol) than something like C++. But coding malware is just like coding anything else, design it for what you want it to do and get to work. Stuff like Stuxnet had probably at a minimum 10 extremely talented coders behind it.

Here is a great list of learning sources.

Cybrary.it Malware Analysis Course - Free

Opensource Malware Analysis Course - Free

Dr. Fu's Malware Analysis Course - Free

OpenSecurityTraining.info - Free

SANS FOR610 Reverse Engineering and Malware Analysis - Expensive

Practical Malware Analysis

Practical Reverse Engineering

Malware Analyst's Cookbook

I've read a lot of these but I'm glad to see not all of them :) Adding to my reading list for sure.

Thanks!

EDIT: forgive me if these are already listed but just in case...

Bug Hunter's Diary - http://www.amazon.com/Bug-Hunters-Diary-Software-Security/dp/1593273851
Gives real hands on real-life experience in a "diary" format and covers some great bugs

Gray Hat Hacking - http://www.amazon.com/Hacking-Ethical-Hackers-Handbook-Edition/dp/0071742557
Despite a bad generic "ethical" title this book goes really in-depth on a lot of subjects (almost to the point of rambling actually) including fuzzing, client-side exploits (mostly browser-based), and much more.

Hacking Windows Exposed - http://www.amazon.com/Hacking-Exposed-Windows-Microsoft-Solutions/dp/007149426X
Another generic title but this book has small good parts scattered throughout, really written more for pentesters it has some very common red team methods but also has a few hidden gems hidden within the various subjects it tries to cover.

Also for anyone looking to get TAOSSA (The Art of Software Security Assessment) it's absolutely huge and WILL split down the middle while reading...it's sitting on my bookshelf right now in its ripped state but I've read it 4 times and still don't feel like all the material has sunken in, if you're going to buy any book at all it should be that one as it will provide countless hours/days/weeks/months of reading.

You don't really need much to get started. If you have a beefy laptop or desktop you can virtualize yourself a nice lab. Download VirtualBox and get yourself a kali iso and some vulnerable machines from Vulnhub. Lots of good training is also available over at OverTheWire. I can't speak for Cybrary but I've heard good things about it. Youtube and SecurityTube have endless tutorials as well.

There are lots of good books out there too - almost too many to mention. If you're just starting, check this one out: https://www.amazon.com/Penetration-Testing-Essentials-Oriyano/dp/1119235308

EDIT: Oh, also - head over to /r/howtohack and join the IRC there. Lots of knowledgeable guys who can help point you in the right direction. You can only teach yourself so much, so find communities and bounce ideas off of other professionals' heads. Like some of the others here said, you really need to have a foundational understanding of what you're trying to hack. Most people start in tier 1/desktop support work and slowly, through time and experience, specialize in infosec. Don't every expect to just wake up and be a cyber security professional... it's going to take a long time.

Aside from SANS FOR508 (the course on which the cert is based) the following helped me:

Windows Registry Forensics

Windows Forensic Analysis Toolkit 2nd ed

Windows Forensic Analysis Toolkit 4th ed

The 2nd edition covers XP, the 4th covers 7/8

Digital Forensics with Open Source Tools

File System Forensic Analysis

This is a new book, but I imagine it'll help as well:

The Art of Memory Forensics

I read many of these in preparation for taking mine, but your best resource are the SANS class/books which is what the cert tests after. Having a good index is key.

There may be other classes out there that might help, but I have no firsthand experience with them, so I can't say what I recommend. All the above books, however, are amazing. Very much worth your time and money.

Generally speaking, "reverse engineering" implies getting an executable (like a .exe file on Windows) and trying to figure out what it does at the level of the source code. Reverse engineering is a long and tedious process that is not as simple as it sounds for several reasons.

The first thing that you have to understand is how a program goes from source code to EXE (since we're going in the opposite direction when we reverse an .exe file). When a program is written in a high level language like C or C++, it can't be run by a computer until it has been compiled, a special process performed by a compiler. Compilers take the source code, and translate it first into a middle language called an intermediate representation that represents the logical structure of the program, and then based on that middle language emit machine code. Machine code (which can be translated into a human readable form called assembly language) is the binary language that the CPU actually uses to do computation - it contains very simple instructions like "move this data to this location in memory" or "add these two numbers together". Most compilers will also make a lot of optimizations in before emitting the machine code - for example, if they see a certain piece of data being accessed and stored unnecessarily, they may move the code responsible for the redundancy to another place in the executable to avoid wasted operations. The compiler will finally output a file called an object file, which contains optimized machine code.

However, this file is generally not executable - it still has to be linked by the linker, (which sometimes automatically runs after the compiler). The linker performs several tasks, like fixing up absolute addressing to ensure that a program can be loaded anywhere in it's address space, as well as providing references to shared libraries. Usually when writing big programs, developers will use already-written code, like the C library or other vendor specific packages, by referencing it in the source code. For example, C source code can use statements like

include <stdio.h>

to indicate that the program includes references to the standard input/output library in the C library, which is used to allow user-provided data and to print data to the screen, among other things. So, it's the linker's job to ensure that these libraries are included in the final executable and that the other object files can reference them correctly. To make matters worse, the linker will build the executable program in whatever file format the operating system uses (PE on Windows, ELF on Linux, and Mach-O on OSX), and these file formats store the program data and code in separate locations. However, the linker handles this cleanly and produces a compiled, optimized, and linked program in the right format, which can then be executed. So that's how it happens normally.

So now, let's do it in reverse. Suppose you have suspicious.exe, a file that you think is malware and you want to find out what it does so that you know whether it's dangerous or not. Suspicious.exe is a compiled and linked executable, and since it was optimized, you don't necessarily have a 1-to-1 correspondence between each machine code instruction and each line of source code (and you don't have the source code anyway). Furthermore, the Intel x86 architecture that most commercial personal computers use in their CPUs uses variable length machine code instructions - some of the instructions will be longer than others, so it is very difficult to look at them in a binary and figure out what is doing what. This is where a disassembler is used - a program that takes a raw binary file and emits human readable assembly language. Because of variable length instructions, some disassemblers even emit the wrong assembly instructions sometimes! However, because the program has to be able to run consistently and reliably when given to the CPU, there is always a way to disassemble it into the correct machine code - it sometimes just takes a few hours (and a headache or two).

Now, you've disassembled the file using a tool like IDA Pro (which can cost hundreds or thousands of dollars, depending on the license), and you have human-readable assembly. So why is it still hard to figure out what the program does? Firstly, any descriptive variable names that a programmer used to make the source code more easy to read are gone because the compiler got rid of them once it generated the intermediate representation - so you don't even know what the various memory references are where data is stored. Secondly, while you can tell where functions begin and end, you can't necessarily tell what they do - they're just blobs of assembly, and sometimes not even that; if the functions were included in a shared library, they'll often be just references to the address in memory where the imported library is placed when the operating system loads the process into its address space (it depends on whether the executable is dynamically or statically linked, but that's a more in depth and tangential discussion). You also don't where important data structures - like strings or pointer tables - are because what the disassembler doesn't recognize as code, it'll just call "data" and leave it at that. Thirdly, most of the data in the program depends on the memory state while it's running, which you can't tell just by looking at the assembly. You need to actually run suspicious.exe.

So you take a look at this mess, ask yourself why you chose this job in the first place instead of being a web developer even though they get paid about the same as you, open another can of Rockstar, and you get to work. Generally, you'll start suspicious.exe in a sandbox environment like a virtual machine using a debugger, which is a special program that will allow you to halt it and examine its memory state, register states, and other activity. As the program executes, you will begin to notice behaviors that resemble C structures - how you actually do this is a huge discussion that people have written entire books about, but suffice it to say for now that it comes with experience. Furthermore, if you use IDA (or keep a notebook), you'll write down lots of notes about the program behavior, and use Microsoft's MSDN pages (or Apple's developer documents or the Linux man pages, depending on what environment your executable runs in). Eventually, whatever it is that you were aiming to find out becomes clear, or you quit out of sheer frustration (but usually and hopefully the former).

Bear in mind that most people don't aim to entirely reverse engineer every bit of machine code in an executable. A lot of it isn't related to what you're trying to discover, and so part of the game is first finding what pieces of code are actually relevant (which you do with a debugger by stopping the program's execution once it starts doing stuff relevant to your reversing purposes), then reversing those little parts of the code.

If you're a novice, as most people start out as, then I would recommend the following:

The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy

Hacking For Dummies

Grey Hat Hacking

Hacking Exposed - 5th Edition - May be outdated

Network Security Bible

So now people here may disagree on the books I've suggested, and that's fine, but it definitely depends on what you're trying to learn and/or accomplish. Google is a great place to start as well without spending a fortune on books.

Some great websites:

SANS
Dark Reading

I'm sure you can find plenty more.

And always ask questions, even if you think its a stupid question. Being on Reddit and having the luxury of anonymity, you can ask away without worrying about getting personally ridiculed.

As far as hackerspaces and defcon, they were just a suggestion. If you ever are able to get to a hackerspace though, I highly recommend it.

10000 limit again. Reserving this comment for the Programming section:

PROGRAMMING
Gray Hat Python: Python Programming for Hackers and Reverse Engineers
Beginning Python
The Python Standard Library by Example (Developer's Library)
Shell Scripting
Shell Scripting Recipes: A Problem-Solution Approach
Linux Command Line and Shell Scripting Bible, Second Edition
Wicked Cool Shell Scripts
sed & awk (2nd Edition)
The Ruby Programming Language
Beginning Ruby: From Novice to Professional
Ruby on Rails 3 Tutorial: Learn Rails by Example
Agile Web Development with Rails
Automating Microsoft Windows Server 2008 R2 with Windows PowerShell 2.0
Pragmatic Guide to Subversion
Programming Perl
C++ Primer Plus
The AWK Programming Language thanks sjhill
Modern Perl thanks three18ti
High-Order Perl thanks three18ti
The Art of Scalability thanks mr_chip
Scalability Rules thanks mr_chip
Continuous Delivery thanks mr_chip
The Varnish Book thanks mr_chip

No, this is not me but I know Frank Ahearn. Out of our "Industry", if you will, he is the most vocal about the process and has written several books over the years, including How to Disappear. It is a little old at this point but still a lot of great information along with some really great stories. The Manatee Story is one of my favorites. :-)

Not sure I will ever write a book myself, since I feel the information should be easily obtained by anyone who wants it for nothing. We will see.

best advice i can give is to start reading anything and everything you can get your hands on related to programming, operating systems, networking, security, etc......



a few books i'm reading/have read/on my list to read and all are excellent starting points:

BackTrack 4: Assuring Security by Penetration Testing (this book was just released and still relevant when using BackTrack5)

Metasploit: The Penetration Tester's Guide

Ninja Hacking: Unconventional Penetration Testing Tactics and Techniques

Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning

Gray Hat Hacking The Ethical Hackers Handbook, 3rd Edition



plenty of links to keep you busy for awhile:
Open Penetration Testing Bookmarks Collection

There are a ton of different things you can do on the defensive side. The path here is a bit less defined because you can specialize in each of these areas with out ever really touching the other ones. But I think these are the most important skills as a defender, so I’ll break it up into three smaller chunks. For the most part, defender/Blue-team concepts draw from these skills, I’ve setup the courses in order, as some of these skills may feed into other areas.


IR:

• Computer Forensics and IR - This is the hole grail of IR. Written by the best in the business, a great start to the world of IR and Forensics
  
  
• Network Analysis. SOC-based 1-day course (Includes slides and labs)
  
  
• Hacking Techniques and Intrusion Detection - 5-6 day course
  
  
• PCAP analysis and Network Hunting - 2 day course
  
  
• Blue Team Field Manual
  
  
  Forensics:
  
  
• Network Forensics - 2 day course
  
  
• File System Forensics
  
  
• Windows 8 Forensics
  
  
• Registry Forensics
  
  
• Memory Forensics
  
  
• 13 Cubed Youtube Series
  
  
• Advanced Network Forensics - SANS ( meaning If you can get someone else to pay for it, SANS courses are expensive)
  
  
• Overall Cheatsheet/Forensics knowledge dump
  
  
• Now, you’re ready for the CHFI Certification
  
  Reverse Engineering (Dynamic and Static):
  
  
• Practical Malware Analysis
  
  
• Malware Unicorn (Awesome RE, has an awesome blog and some good intro training)
  
  
• Malware Analyst’s cookbook
  
  
• IDA Pro Book
  
  
• Intro to Reverse Engineering - 2 day course
  
  
• Malware Dynamic Analysis - 3 day course
  
  
• SANS*** GREM Certification
  
  I know there’s not a lot of certs here, and unfortunately, that’s how it is across the blue team. Certs here are usually very vendor-specific, and not applicable to defense as a whole. Those certifications exist, but I’m not listing them here.
  
  If people are interested, I can also do a similar write-up on Mobile Forensics and Cloud Forensics (which is my direct background).
  
  Lastly, here are some of my favorite news sources across the InfoSec community -
  
  News Sources
  
  
• Ars Technica
  
  
• InfoSecurity Magazine
  
  
• Security Weekly
  
  
• Iron Geek
  
  
• Krebs on Security
  
  
• reddit.com/r/netsec
  
  
• reddit.com/r/netsecstudents
  
  
• reddit.com/r/asknetsec
  
  
• reddit.com/r/computerforensics

Some thoughts:

I've had people recommend the following books:

• Malware Analyst's Cookbook
  
  
• The Art of Memory Forensics
  
  
• For the next 23 hours or so, there's a Humble Bundle about hacking that might have some pertinent stuff (you already have PMA, but there's some other things that could be useful, and it's an amazing price)
  
  Other resources:
  
  
• Lenny Zeltser's site
  
  
• Dennis Yurichev's huge book on RE, available in a "lite" version as well as Russian
  
  
• He also has a challenge page if you want to try RE yourself

Yes, abstract algebra will be useful for some parts. So will number theory.

You should definitely have some idea about algorithms and time/space complexity.

An introductory book like Katz - Lindell will be pretty self contained and it will be easy to understand having a math degree.

Everyone seems to be pretty on point with their responses so I'll just throw some ideas out there that you can look into to maybe find a more exciting vector:

• Track down a botnet command and control infrastructure
  
• Reverse engineer programs with known 0 days to see if you can find said zero day
  
• Look into memory forensics (http://www.amazon.com/The-Art-Memory-Forensics-Detecting/dp/1118825098)
  
• Look into Red Teaming: There are positions out there that not only require you to "hack" an organization, but you have to be able to break into it physically as well
  
• Write some malware that gets past VirusTotal (https://www.virustotal.com/)
  
• If you are into puzzles check out the Defcon badge challenge
  
  Good luck!
  

Ok, it doesn't matter why you did it. You did it, and that's what matters. The important thing to remember during all of this is that there's no going back. The best thing you can do to help yourself is just focus on your plan.

Now, what I'm about to tell you is very important: they already now. The NSA. You have, at a maximum, about 48 hours before the FBI kicks down your door and slaps a pair of stone cold cuffs on you.

Your first step is to erase everything: incinerate all your papers, cell phones, hard drives, everything. Anything that could possibly clue them in to where you're heading.

Second step: research. This is a great book to read up on. Obviously you don't have months to put this plan into action, but it'll still give you a good idea of what you're doing.

Now you need to pick a destination. There are two options: either go for the Walter White and hide out in a tiny house in the middle of nowhere for the rest of your life, or the "hiding in plain sight" option and settle down in a nice mansion on a tropical beach somewhere. Due to your extremely likely economic situation I think you'll have to go with Walter White unfortunately. All that's left to consider now is the country: obviously you want a poor, derelict nation, preferably hostile to the United States government - like Canada.

With careful planning, smart movement, and a little luck, you should be able to cross the border a few days. Don't both with credit cards, they'll have your face on INTERPOL within hours. Godspeed, Link_Mau5

I used Ubuntu years ago but what exactly makes it restrictive? You can change the whole desktop environment with simple sudo apt get and config file adjustment. Not to mention variois tools for gnome to do stuff.

I’d definitely start with using Ubuntu variant or Debian and learn some bash and then proceed somewhere. Hacking is pretty retarded term IMO but OP will figure it out eventually.

There is this book for people like this, that is newbies who found the term hacking and are interested. It uses Kali linux but just sandbox it and you’re good to go. At least back in the day wit back track os the tools were actually pretty annoying to find so it’s better to just install kali somewhere

What you're asking for is kind of silly.... Here's a series that's all about real theoretical attacks though. You're not going to find information on how to steal money from a bank, but you can read books from hackers who have done a lot of interesting things, like a group of friends who won nearly a million dollars in Las Vegas by reverse-engineering slot machines in Kevin Mitnick's book.

Specific to Cryptanalysis (in order):

1. start with this great tutorial on FEAL cryptanalysis
   
   
2. then try the matsano challenges
   
   
3. finally followed by Schneier's self study course on cryptanalysis.
   
   
   Good intermediate texts on cryptography/cryptology:
   
   
4. From a mathematical perspective: An Introduction to Mathematical Cryptography by Silverman et al.
   
   
5. From a provable security perspective (probably the most important to both academia and industry): Introduction to Modern Cryptography (new 2nd ed.) by Katz & Lindell
   
   
6. Serge Vaudenay's A Classical Introduction to Cryptography (it's an in between of the above 2 books).
   
   
7. Christoph Paar's Understanding Cryptography with a video course.
   
   
   Lastly, a really fantastic all around book on network security (including crypto) would be: Network Security 2nd Ed. by Kaufman and Perlman. It is a little old though but still relevant. Also has great analysis of real world protocols such as IPsec (IKE, ISAKMP), Kerberos, SSL/TLS, S/MIME, etc.

Choice of programming language differs among researchers but Python seems to be pretty common. I suggest you get the books Violent Python and Grey Hat Python . The former is more beginner friendly for people new to security. As for getting started with InfoSec maybe try reading the Security+ books?

Super helpful! Thanks for the response. Might be dumb but what does CEH stand for? I'll avoid it as it sounds like I should.

I bought this book and this book I'll do all the excercises in them.

What are the CTF's you mention?

Thanks again though, very helpful.

I REALLY enjoyed the "Stealing the Network" series. The final books is especially good. It's a collection of realistic hacker stories/scenarios that all revolve around one main plot. The hacking focuses on being accurate while also outlandishly awesome. here's a link to the series on amazon: www.amazon.ca/gp/aw/d/159749299X
I'm on mobile so that's the best I can do for now..

(edit, books are not for beginners and black hat has better reviews)

There are two books, not sure if they are too advanced and I think both are writen for python 2.7 but they are more or less on the subject, one is called 'Gray Hat Python' and another 'Black Hat Python'

https://www.amazon.com/Gray-Hat-Python-Programming-Engineers/dp/1593271921
https://www.amazon.com/Black-Hat-Python-Programming-Pentesters/dp/1593275900/

You could read reviews of these two books to see if this would be a good starting point. Othervise I would search youtube for keywords like 'python network security' and similar...

If your background is webdev then obey the testing goat is a good option as well. But none of these books will help with netsec. For that you're better off with something like Learning Pen Testing

• The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System, 2nd Edition (2012)
  
  This book covers rootkit development, not analysis, on Windows 7 and x86/IA32. It's a must read, if you're interested in rootkits.
  
  
• Rootkits and Bootkits: Reversing Modern Malware and Next Generation Threats (Release date set to january 2019)
  
  While not yet released, it looks very promising. Over the years, Microsoft has continually introduced better protections against rootkits and malware in Windows. Among other things, the book will cover how some of the rootkits/bootkits seen in the wild have bypassed protections such as Secure Boot, kernel-mode signing, Patch Guard and Device Guard.
  
  I'd also recommend having a look at the following books:
  
  
• Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software (2012)
  
  
• Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation 1st Edition (2014)
  
  
• The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory 1st Edition (2014)
  
  
  Also, Windows Internals for both Windows 7 and Windows 10 is a great reference to have laying around.

Yes.

Hacking Exposed

Shellcoders Handbook

Reverse Engineering

Malware Analyst's Cookbook

Gray Hat Python

Gray Hat Hacking Second Edition

Writing Security Tools & Exploits

Sockets, Shellcode, Porting and Coding: Reverese Engineering Exploits and Tool Coding for Security Professionals

Professional Penetration Testing

These are definitely some books you could start with. Once you've gone through those, you'll know more then a lot of them out there :)

There's these reddit threads on r/netsec:
http://www.reddit.com/r/netsec/comments/d3hua/how_to_get_started_in_netsec/
http://www.reddit.com/r/netsec/comments/ekyjw/interested_in_learning_about_network_security/

http://www.reddit.com/r/netsec/comments/es4si/what_are_some_good_netsec_books_out_there/
http://www.reddit.com/r/netsec/comments/g6r71/getting_started_in_network_security_a_list_of/

There's also loads of blogs and websites around, if you go hunting or look at some of these netsec threads, you'll find loads more material.

The Stealing The Network series is pretty good for a slightly geekier crowd.

The Cuckoo's Egg is pretty old, but a fascinating captivating read even today!

Part of that "80%" can be a sales tactic to get you to sign up and take the course. Although I am not in the UK so I am not sure if that stat holds true.

As for the equipment: Both the below links are good starting points. The top one is a bit older.

Build Your Own Security Lab: A Field Guide for Network Testing

[The Network Security Test Lab: A Step-by-Step Guide] (https://www.amazon.com/Network-Security-Test-Step-Step/dp/1118987055/ref=asap_bc?ie=UTF8)

Both will give you a good idea and a starting point.

But you never really answered a key question: What is it you want to do? In CyberSecurity, there are roughly 40 different types of emphasis that you can focus on. I know it is daunting, but understand your personality and goals can weigh heavily into that decision. Not everyone is cut out to be a WhiteHat, but that does not mean a blue team member or a purple team member are not for you.

There was a really good topic discussion on Reddit (unable to find it currently) that had quite a few jobs broken down and what they do/mean to the Security Community.

It would be an... interesting team, since as I understand it reverse engineering x86 is mostly for people creating malware. And the security experts thwarting them, I suppose. Book on Amazon: Practical Reverse Engineering.

If someone was a programmer looking to expand their skillset into IT security, though...

If you're looking for practice you can use sysinternals notmyfault but you have to first configure the system to produce a complete memory dump. Another option is memoryze from Fireye (previously Mandiant) though it looks like it hasn't been updated in awhile. I also recommend picking up a copy of The Art of Memory Forensics. That should be enough to get your feet wet.

edit; I forgot to mention Lenny Zeltzer's cheat sheet's as well. While not specifically related to memory forensics there is a sheet covering just about every aspect of infosec from incident response, volatility, reverse engineering, assembly language, analysis report writing, and much much more.

Advanced Penetration Testing: Hacking the World's Most Secure Networks https://www.amazon.co.uk/dp/1119367689/ref=cm_sw_r_cp_apa_i_ewpvDbX22PY0G

Great book - actually a very enticing read.

I would recommend "The Hacker Playbook: Practical Guide To Penetration Testing" and the follow up book. I'm making my way through the second one now. They give you a good sense of the toolkits available, how to use them, and they also give you some good insight into the mindset of a pentester.

For people who want to get into network security and have have a moderately good grasp on programming, I nominate Gray Hat Hacking . Each chapter in the book is basically devoted to a certain aspect of hacking (windows exploits, xss attacks, metasploit, etc). It's a good all around introduction to pretty much all the important aspects you need to know.

next, I recommend getting familiar with metasploit as it can save you a lot of time with a lot of different types of attacks. The guys from offensive security have a website , but there is also an ebook available if you want it.

It's important to understand security from both an offensive and defensive side of things.

I'm not too sure if this is the sort of answer you're looking for because it appears that you are pretty new to all this but...

If you read these books, then you will know everything you need (ranked by reward to required effort ratio):

https://www.amazon.com/Practical-Malware-Analysis-Hands-Dissecting/dp/1593272901

https://www.amazon.com/Practical-Reverse-Engineering-Reversing-Obfuscation/dp/1118787315

https://www.amazon.com/Windows-Internals-Part-architecture-management/dp/0735684189

However, the books might be pretty difficult to understand with how much you currently know.

The first rule of "learning the basics of hacking" is that you don't ask or talk about "learning the basics of hacking". I learned this the hard way when I was about 12 years old on irc.

And there is really only one shade of hacking, and that is 'gray'. You may become a white hat, or a black hat depending on your motivation. But I personally do not look at anything in absolute contrast. The world is gray, hacking is gray, your mother is gray.

Speaking of 'gray', if I were you I would check out this book

I have not read it myself, only skimmed through it over coffee at barnes&noble. Looks like it covers a very broad spectrum of hacking and seems 'user friendly' enough. Also start reading 2600, and check out securitytube.net

This is the most comprehensive online guide I've found.
> http://billstclair.com/matrix/

Also good reads..
> How to Be Invisible by JJ Luna

> How to Disappear by Frank M. Ahearn

Ah, yes. Those aren't the same. This is the most updated, recent official exam book that includes the practice exams:

https://www.amazon.com/gp/product/1119523265/ref=ppx_yo_dt_b_asin_title_o07_s01?ie=UTF8&psc=1

The book comes with questions as well, but not very good ones in relation to the exam. It also has online flashcards. The practice exam book can be activated online, and all questions are available online. That book has everything that is covered in the test.

The other book I used was this one, but more straight to the point, but doesn't cover every single detail like the Sybex:
https://www.amazon.com/CISSP-Study-Guide-Eric-Conrad/dp/0128024372/ref=sr_1_1?keywords=cissp+study+guide+third+edition&qid=1555615018&s=gateway&sr=8-1

This pdf has some great info on systems administration

This book was a great read. Violent Python

This book goes very deep into exploit development with python in windows environments Gray Hat python

Same author as above, I have not read yet, but it is on my todo list Black Hat python

Heavily C based, but a great explanation of x86 and low level systems Rootkit Arsenal

You need to know a lot of things to be able to figure that kind of stuff out. Not just low-level programming but details about hardware, tricks the developers used to create the product...

These books might be a good start:

Reversing: Secrets of Reverse Engineering

Gray Hat Python - Since you are familiar with Python right now

Gray hat python is apparently pretty good:
http://www.amazon.com/Gray-Hat-Python-Programming-Engineers/dp/1593271921
(pdf - http://news.asis.io/sites/default/files/Gray-Hat-Python.pdf)

http://blog.cobaltstrike.com/2011/11/04/my-virtualbox-penetration-testing-lab/

Also

https://www.amazon.com/gp/aw/d/1118987055/ref=pd_aw_sim_14_of_11?ie=UTF8&dpID=51fSOCak78L&dpSrc=sims&preST=_SL500_SR100%2C100_&psc=1&refRID=J746RJZD39BK4A8DAPMZ

Hope these links help some!

There's a great book on this called "how to disappear". It's on amazon. http://www.amazon.com/How-Disappear-Digital-Footprint-Without/dp/1599219778

congrats !

​

can you confirm that those are the books you were using:

https://www.amazon.com/Certified-Information-Security-Professional-Official/dp/1119523265/ref=sr_1_1?keywords=sybex+cissp&qid=1557068330&s=gateway&sr=8-1

​

https://www.amazon.com/CISSP-Study-Guide-Eric-Conrad/dp/0128024372/ref=sr_1_2?crid=3EHIXX8M9ICO3&keywords=11th+hour+cissp&qid=1557068417&s=gateway&sprefix=11th+ho%2Caps%2C391&sr=8-2

I disagree. I strive to not care about politics as much as possible and I am doing great. I try to live in countries/get paid in countries where there are fewer taxes, I buy duty-free whenever possible, etc. Also, foreign policy doesn't affect people with multiple citizenships as much, so try to get dual citizenship if you don't want to care.

There are some great books on the topic: here, and here (affiliate links).

It seems the book is the same as https://www.amazon.com/Learning-Penetration-Testing-Python-Christopher/dp/1785282328

So I would highly suggest you get this book! I have it at home and it's really well written and goes over Python 2.7 coding, OWASP, PTES, good read.

I did a quick search and found 2 books specifically in your current field of interest. Gray Hat Python and Violent Python

I've never read either of them, but they look interesting.

Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation https://www.amazon.com/dp/1118787315 is very good and has a huge ARM part

I know at least one university that offers IT-security, but it's in Germany and the curriculum is in German. I'd say a CS degree with a strong foundation in C and Operating Systems can be enough to get your foot into the door. Personally, I'm mostly self-taught (lena151, the books listed below, reversing applications for the sake of learning) and plan on applying for related positions next year after graduation. Most employers will probably give you some on-site training anyways since there are hundreds of tools and techniques.

Reposting myself:

In case you're talking about reverse engineering, malware analysis etc.:

• http://www.amazon.com/The-IDA-Pro-Book-Disassembler/dp/1593272898
  
• http://www.amazon.com/Practical-Malware-Analysis-Dissecting-Malicious/dp/1593272901
  
• http://www.amazon.com/Practical-Reverse-Engineering-Reversing-Obfuscation/dp/1118787315
  
• http://www.amazon.com/Reversing-Secrets-Engineering-Eldad-Eilam/dp/0764574817
  
• http://www.amazon.com/Hacking-The-Art-Exploitation-Edition/dp/1593271441

Social Engineering: The Art of Human Hacking
All of your security infrastructure is meaningless if I can call Suzy in Accounting and ask her for her password.


TCP/IP Illustrated, Vol. 1: The Protocols
Yes, I know this book is old. This book is the Mutha-Fecking 1969 Camaro 454SS of networking books.
It simply NEVER goes out of style.


Wireshark for Security Professionals: Using Wireshark and the Metasploit Framework
If you don't have a basic understanding of Wireshark and Packet Analysis, you're useless to me.
You don't have to be a wizard. You don't have to look at the Matrix and see Blondes or Red Heads. But you MUST possess a clue.
I have no specific love for this book. Just pick any good looking Wireshark book writen for an InfoSec audience.

DNS and BIND (5th Edition)
The author "Cricket Liu" is THE DNS guy. He literally wrote the book on DNS.

Designing for Cisco Internetwork Solutions Foundation Learning Guide: (3rd Edition)
The Cisco CCDA track will teach you focus on technical requirements, and aligning network functionality to match those requirements. Data Networking is CRITICAL knowledge to InfoSec professionals. But you might find this an easier starting point than CCNA.

There's a pretty good, but brief, tutorial in the first chapter of Gray Hat Python. You can preview it right there on Amazon.

How to disappear:

http://www.thesmokingjacket.com/lifestyle/stuff-you-should-know-how-to-disappear

http://www.amazon.com/How-Disappear-Digital-Footprint-without/dp/1599219778

http://www.skeptictank.org/hs/vanish.htm


Good luck.

• The entirety of the The Art of Memory Forensics.
  
  
• https://www.blackhat.com/presentations/bh-dc-07/Walters/Paper/bh-dc-07-Walters-WP.pdf
  
  
• The DFRWS papers are always good references, as well. - http://www.dfrws.org/archives.shtml
  
  
• http://digital-forensics.sans.org/blog/2009/09/12/best-practices-in-digital-evidence-collection/
  
  
• Google "Order of Volatility"
  
  

An amazing book on the subject:
http://www.amazon.com/How-Disappear-Digital-Footprint-without/dp/1599219778/ref=sr_1_1?ie=UTF8&qid=1342560375&sr=8-1&keywords=how+to+disappear

The Rational Clinical Examination: Evidence-Based Clinical Diagnosis, edited by David L. Simel, MD, MHS, and Drummond Rennie, MD

https://www.amazon.com/Rational-Clinical-Examination-Evidence-Based-Diagnosis/dp/0071590307

An accessible undergraduate textbook that I have used and enjoy is Introduction to Cryptography with Coding Theory. That being said, I have not looked at many others.

A much more technical (but formally correct) textbook is Introduction to Modern Cryptography by Katz and Lindell.

On a side note, cryptography is a very mathematical field. So take as many math courses as you can. Number theory and algebra in particular.

Some dank af infosec books:

Malware Data Science: https://nostarch.com/malwaredatascience

Real World Bug Hunting: https://nostarch.com/bughunting

Penetration Testing: https://nostarch.com/pentesting

Black Hat Python: https://nostarch.com/blackhatpython

Social Engineering: The art of human hacking https://www.amazon.com/Social-Engineering-Art-Human-Hacking/dp/0470639539

Linux System Security: https://www.amazon.com/Linux-System-Security-Administrators-Source/dp/0130158070

Advanced Penetration Testing: https://www.amazon.com/Advanced-Penetration-Testing-Hacking-Networks/dp/1119367689

If you want to learn more this book will be helpful!

http://www.amazon.com/The-Rational-Clinical-Examination-Evidence-Based/dp/0071590307

> and pentesting isn't an entry level job

WRONG. I know lot of companies who posts pentest positions for fresh grads, because there is a big need for these people.

Do download a kali copy and play around with it. Read books I recommend Gray Hat Hacking The Ethical Hackers Handbook

forget CISSP and CCNA (and don't even mention Ethical Hacker Cert) .. go for OSCP!

"Grey Hat Python" by Justin Seitz has a lot of really good examples.

https://www.amazon.com/Gray-Hat-Python-Programming-Engineers/dp/1593271921

• Python Essential Reference (4th edition): David Beazley
  
  
• Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers
  
  
• Grey Hat Python: Python Programming for Hackers and Reverse Engineers
  
  
• Python in a Nutshell, 2nd edition
  
  
• Python 3 Object Oriented Programming
  
  
• Invent Your Own Computer Games with Python, 2nd edition
  
  
• Core Python Applications Programming (3rd edition) (core series)
  
  
• Making Games with Python & PyGame
  
  
  
  
  
  
  
  
  
  
  
  
  

Swiggy is wise. Listen to Swiggy.

Also check out the book, “How to Disappear.” Don’t keep it at home. Keep it at a friend’s house.

https://www.amazon.com/How-Disappear-Digital-Footprint-Without/dp/1599219778/ref=mp_s_a_1_2?ie=UTF8&qid=1540691872&sr=8-2&pi=AC_SX236_SY340_QL65&keywords=how+to+disappear&dpPl=1&dpID=51f4Ko3VWyL&ref=plSrch

Penetration testing is a really broad term. If you want the overview i would suggest picking up a book like Gray Hat Hacking.

Metasploit is a fun tool, but learning to use it without understanding the basics will not really lead to anywhere.

You're going to have a real rough go at it;

That said; 508 is largely derived from the following two sources:

Brian Carrier's File System Forensics (This book is actually given out in the course)

&

The Art of Memory Forensics by MHL, Andrew Case, Jamie Levy, and AAron Walters

That'll get you ~75% the way there. But it's a lot of material to cover and retain without a reference source. I don't know if SANS has an official policy on what specifically you can take in with you during the test outside of your personal notes and their material.

Outside of those two books; get very familiar with The Sleuth Kit and timelining.

Honestly; this would be advice for someone taking the course just as much as it would be for someone not taking the course.

Which book is better for very begginers?
https://www.amazon.com/Practical-Malware-Analysis-Hands-Dissecting/dp/1593272901/

or

https://www.amazon.com/Practical-Reverse-Engineering-Reversing-Obfuscation/dp/1118787315

All he needs to run to another country is a plane ticket and this book from Amazon. It's easy really.

Only read Ch 5. Lock Picking so far. That was very informative. If the rest of the book is as good (and Amazon reviews indicate it is), I'd go for it.

Oh sorry - I thought when you wrote "The author...", it meant you bought a book about Wireshark.
Tell you what - I have extras of my book from the publisher.

PM me your address and I'll mail one out to you. No charge, as long as you promise to work through it and learn as much as you can. :)

I suppose you could just read Practical Reverse Engineering. The typical methods are explained there for reverse engineers. It's kind of an "arms race", so I doubt any one place will have a full set of up to date info. Also, companies who do this sort of thing will not usually be willing to outline exactly what they do and how they do it. Obviously, disclosing that would only help crackers.


http://www.amazon.com/Practical-Reverse-Engineering-Reversing-Obfuscation/dp/1118787315/ref=sr_1_1?ie=UTF8&qid=1406820088&sr=8-1&keywords=practical+reverse+engineering

I believe these following resources will help you,

Learning Penetration Testing with Pyhton [https://www.amazon.com/Learning-Penetration-Testing-Python-Christopher/dp/1785282328]

https://jhalon.github.io/

https://scund00r.com/all/oscp/2018/02/25/passing-oscp.html

https://www.youtube.com/channel/UCa6eh7gCkpPo5XXUDfygQQA

If you're interested in technically accurate hacker books you can't beat this series.

If you can get this book, it will help you a bunch
https://www.amazon.com/Wireshark-Security-Professionals-Metasploit-Framework/dp/1118918215/ref=mp_s_a_1_4?ie=UTF8&qid=1549574800&sr=8-4&pi=AC_SX236_SY340_QL65&keywords=wireshark+101&dpPl=1&dpID=51kdA1YQ4tL&ref=plSrch

Some resources which will indirectly help you for GREM

https://amzn.com/1593272901

https://amzn.com/1118787315

https://amzn.com/1593272898

I’d recommend this book

Maybe if you look at the Wikipedia page which cites a Red Hat 3 manual about computer security from 12 years ago. I will leave this book in evidence as a modern definition of Gray Hat hacking; it contains a full definition.

http://www.amazon.com/Hacking-Ethical-Hackers-Handbook-Edition/dp/0071742557

Is this the right book? Wanna make sure before picking it up on Audible

Edit: Never mind, looks like its not on Audible. Full title is How to Disappear: Erase Your Digital Footprint, Leave Fake Trails, and Vanish Without a Trace I believe. Apparently it's more around physical security than digital security though.

Highly recommended reading on that topic and why you neither need that nor it would be very advisable:

https://www.amazon.de/How-Disappear-Digital-Footprint-Without/dp/1599219778/ref=pd_lpo_sbs_14_img_1?_encoding=UTF8&psc=1&refRID=W1DX4NT8NZZJZXEP5JCY

Final Step: Just disappear. Better than giving the bitch the satisfaction of whinging to her cunt buddies the rest of her life that her "chiiildren are viiictims b/c their Daddddy keeeled himself".

Best revenge is to live life to the fullest in some far-off tax shelter without an extradition treaty with your home country.

I actually already have a copy of Hacking: The Art of Exploitation. My personal library consists of around 45 books on a range of computing topics from PHP, MySQL, C++, Windows Internals, CCNA, MCSE/MCSA, Unix, Rootkits, AI, Data Structures and the list goes on.

Other relevant titles include Gray Hat Python, Reversing: Secrets of Reverse Engineering and Rootkits: Subverting the Windows Kernel.

I was going to buy the following: Assembly Language Step-by-step, SQL Injection Attacks and Defense and Metasploit: The Penetration Tester's Guide.

I agree that where one starts really depends on what they want to end up doing. "Hacking" is such a general term and SQL-Injections is completely different from finding 0-days. If I'm honest I'm not sure where to start but I'm open to suggestions.

​

Grey Hat Python is an interesting book I have on the subject. It is a little complex so I put it off for now but it might be just what you need.

https://www.amazon.com/How-Disappear-Digital-Footprint-without/dp/1599219778

Read this book (preferably get it from a public library so that you don’t have an obvious purchase record for it.) It’s written by a former skiptracer and should give you enough of an idea of what it means to disappear along with actual instructions on what to do. It’s also the book that got me interested in the topic of privacy, so there’s that...

http://www.amazon.com/Stealing-Network-Complete-Collectors-Chapter/dp/159749299X/ref=sr_1_2?ie=UTF8&qid=1290372515&sr=8-2

EDIT: maybe shop around a bit or hold out - this book was $44.95 new from amazon a year ago.

Hey, if you want to disspaear, maybe life offshore or whatever, you may want to check out this book: Here

How to Disappear: Erase Your Digital Footprint, Leave False Trails, and Vanish without a Trace

Obvious tip: Don't order it online with your credit card

My recommendations then for self study:

• http://www.amazon.com/The-Rootkit-Arsenal-Evasion-Corners/dp/144962636Xl
  
  
• http://www.amazon.com/Windows-Forensic-Analysis-Toolkit-Edition/dp/0124171575
  
  
• http://www.amazon.com/Windows-Registry-Forensics-Advanced-Forensic/dp/1597495808
  
  
• http://www.amazon.com/Malware-Rootkits-Botnets-Beginners-McGraw/dp/0071792066
  
  
• http://www.amazon.com/Practical-Reverse-Engineering-Reversing-Obfuscation/dp/1118787315
  
  
• http://www.amazon.com/Practical-Malware-Analysis-Dissecting-Malicious/dp/1593272901
  
  
• http://www.amazon.com/Rtfm-Red-Team-Field-Manual/dp/1494295504
  
  
• http://www.amazon.com/The-IDA-Pro-Book-Disassembler/dp/1593272898
  
  
• http://www.amazon.com/Malware-Analysts-Cookbook-DVD-Techniques/dp/0470613033
  
  Read all those and you will be in good shape ;)
  EDIT: I hate trying to get reddit to do what I want.

If you want to read a real book about hacking...

http://www.amazon.com/Practical-Reverse-Engineering-Reversing-Obfuscation/dp/1118787315/ref=sr_1_1?s=books&ie=UTF8&qid=1405264006&sr=1-1&keywords=practical+reverse+engineering

Reversing: Reversing: Secrets of Reverse Engineering

Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation

If you're asking this question you already don't have and won't have the right mindset to make this happen. Perhaps read this book, I'm currently in the middle of it.

This is a phenomenal book that I would suggest you read before leaving. If you're going to do it, at least do it right.

You should read this book. http://www.amazon.com/Gray-Hat-Python-Programming-Engineers/dp/1593271921

Books:
1.amazon.com/Rootkit-Arsenal-Escape-Evasion-Corners/dp/144962636X
2.amazon.com/Art-Memory-Forensics-Detecting-Malware/dp/1118825098
3.nostarch.com/rootkits
Blogs/Forums:
1.0x00sec.org/
2./r/rootkit
3.rootkitanalytics.com/
4.turbochaos.blogspot.co.uk/?m=1
5./r/malware
6./r/reverseengineering
7.r00tkit.me/

So by buying the following :

https://www.amazon.co.uk/Certified-Information-Security-Professional-Official/dp/1119523265/ref=sr_1_1?ie=UTF8&qid=1538646513&sr=8-1&keywords=cissp

You get access to an online Sybex exam tool by registering your books. Directions are provided on the back side of the books.

Here you go...

https://www.amazon.com/Advanced-Penetration-Testing-Hacking-Networks/dp/1119367689/ref=sr_1_3?keywords=Advanced+Penetration+Testing&qid=1559063887&s=gateway&sr=8-3

​

https://www.amazon.com/Hacker-Playbook-Practical-Penetration-Testing/dp/1980901759/ref=sr_1_4?crid=GHPJ1O3RQ2NI&keywords=advanced+penetrating+testing&qid=1559063962&s=gateway&sprefix=Advanced+Penetration%2Caps%2C140&sr=8-4

Grey hat Python

https://www.amazon.com/Black-Hat-Python-Programming-Pentesters/dp/1593275900/ref=sr_1_2?ie=UTF8&qid=1499051272&sr=8-2

https://www.amazon.com/Learning-Penetration-Testing-Python-Christopher/dp/1785282328/ref=sr_1_1?ie=UTF8&qid=1499051419&sr=8-1

For reverse engineering:

1. http://www.amazon.com/Practical-Reverse-Engineering-Reversing-Obfuscation/dp/1118787315/ref=sr_1_1?s=books&ie=UTF8&qid=1450459302&sr=1-1&keywords=reverse+engineering
   
   
2. http://www.amazon.com/Reversing-Secrets-Engineering-Eldad-Eilam/dp/0764574817/ref=sr_1_2?s=books&ie=UTF8&qid=1450459302&sr=1-2&keywords=reverse+engineering
   
   
3. http://www.amazon.com/IDA-Pro-Book-Unofficial-Disassembler/dp/1593272898/ref=sr_1_7?s=books&ie=UTF8&qid=1450459302&sr=1-7&keywords=reverse+engineering
   
   For malware analysis and malware techniques
   
   
4. http://www.amazon.com/Practical-Malware-Analysis-Hands--Dissecting/dp/1593272901/ref=sr_1_10?s=books&ie=UTF8&qid=1450459302&sr=1-10&keywords=reverse+engineering
   
   
5. http://www.amazon.com/Malware-Analysts-Cookbook-DVD-Techniques/dp/0470613033/ref=sr_1_2?s=books&ie=UTF8&qid=1450459367&sr=1-2&keywords=malware+analysis
   
   
6. http://www.amazon.com/Art-Memory-Forensics-Detecting-Malware/dp/1118825098/ref=sr_1_5?s=books&ie=UTF8&qid=1450459367&sr=1-5&keywords=malware+analysis
   
   For programming
   
   
7. Complete Reference C and Complete Reference C++
   
8. NASM Manual
   
   
9. Intel Software Developer Manual (http://www.intel.com/content/www/us/en/processors/architectures-software-developer-manuals.html)
   
   This should be enough for you to get started.

Three books for you:

Python for Unix and Linux System Administration:
http://www.amazon.com/Python-Unix-Linux-System-Administration/dp/0596515820

Gray Hat Python: Python Programming for Hackers and Reverse Engineers:
http://www.amazon.com/Gray-Hat-Python-Programming-Engineers/dp/1593271921

Foundations of Python Network Programming:
http://www.amazon.com/Foundations-Python-Network-Programming-Goerzen/dp/1590593715

If you aren't going to go the Python route, then you should teach yourself Scheme.

Gray Hat Python

http://www.amazon.com/Gray-Hat-Python-Programming-Engineers/dp/1593271921

Also check out this book: How to disappear by Frank Ahearn.

Here is the mobile version of your link

> Do they have the right to know where their adult child lives;

If you are a legal adult, they do NOT have that right.

> is it cruel not to tell them (they are still parents & people, and would probably worry);

It is NOT cruel to deny a narcissist and her enabler information that can be used to abuse you.

And keep in mind: their 'worry' wouldn't be for you and your well-being. It would their 'worry' that they no longer have their usual punching bag around, and they would use 'worry' as an excuse for extending their control of you into your adult life.


> and would they realistically/legally have any way of finding it out?

If you don't take certain steps, they could find out, yes.

When you get your own place, you'll want to:

1. Get a UPS store address (you didn't say if you're in the US, i'm assuming you are). Give that address freely to anyone who asks for your address (i.e. don't look like you're trying to hide your address). If you're completely consistent about this, its extremely rare that anyone notices its not your real address. (Note it may be illegal in your state for your drivers license to not have your real address on it; YMMV so ask at the DMV)
   
2. Remove your home address from direct mailing lists. Call (888) 5-OPTOUT (567-8688) and request your name and address be permanently removed from their lists. This action unpublishes all instances of your home address in direct mailing lists maintained by the consumer credit reporting industry.
   
3. This Reddit post from five years ago listed the largest data brokers and how to remove your information. The poster is a lawyer with Abine — their DeleteMe service will remove your information for a fee. SafeShepherd will also remove your information. Their premium membership is cheaper than Abine, and the basic membership is free.
   
   (the reason to remove yourself from mailing lists, by the way, is because the companies that send out those mailers sell customer data to each other all the time, and it helps to ensure that your address doesn't accidentally end up online at WhitePages.com or some such)
   
   
4. If your parents don't know where you work, let your job know not to confirm that you work there to anyone, or give out your contact information to anyone, without checking with you first.
   
5. If you live in an apartment, let the management know not to confirm to anyone that you live there.
   
   If your parents escalate, check out How to Disappear: Erase Your Digital Footprint, Leave False Trails, and Vanish without a Trace. The book is strongly recommended for victims of stalking and harassment. The author was the world's top expert in skip tracing prior to writing this book.

In the highly connected world we live in it's almost impossible to disappear without a trace. There is an excellent book called How to Disappear by Frank Ahearn. From Amazon "How to Disappear is the authoritative and comprehensive guide for people who seek to protect their privacy as well as for anyone who’s ever entertained the fantasy of disappearing—whether actually dropping out of sight or by eliminating the traceable evidence of their existence.

Written by the world’s leading experts on finding people and helping people avoid being found, How to Disappear covers everything from tools for disappearing to discovering and eliminating the nearly invisible tracks and clues we tend to leave wherever we go. Learn the three keys to disappearing, all about your electronic footprints, the dangers and opportunities of social networking sites, and how to disappear from a stalker."

https://www.amazon.com/How-Disappear-Digital-Footprint-Without/dp/1599219778

​

I have read the book a number of times and one of the worst ways to disappear is to fake your own death. The other thing is when a person suddenly disappears what happens is there is always someone in that persons circle of friends who becomes completely obsessed with the case. In Gerald Cottons case we have a situation where many highly intelligent people from around the world are on the case and becoming obsessed by it. If this is an exit scam - (which many people including myself believes it probably is)and if Cotton is still alive then it's only a matter of time before he is found and brought to justice.

​

Everything about the case is suspicious and it reeks of an exit scam. Apply the duck test: If it looks like a duck, swims like a duck, and quacks like a duck, then it probably is a duck.

The Presentation of Self in Everyday Life
https://en.wikipedia.org/wiki/The_Presentation_of_Self_in_Everyday_Life


How to Disappear: Erase Your Digital Footprint, Leave False Trails, And Vanish Without A Trace
http://www.amazon.com/How-Disappear-Digital-Footprint-Without/dp/1599219778

Here's a short reading list I created yesterday about protecting your privacy:

Darknet: A Beginner's Guide to Staying Anonymous

How to Disappear: Erase Your Digital Footprint, Leave False Trails, And Vanish Without A Trace

Obfuscation: A User's Guide for Privacy and Protest

Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World

Complete Guide to Internet Privacy, Anonymity & Security

Tor and the Dark Art of Anonymity: How to Be Invisible from NSA Spying

>Examples of projects I have completed: Coded a basic Linux kernel from the ground up for x86 machines, Working on a basic IRC botnet coded in Python, I have experience in Snort rules and have written Python scripts for log parsing. I have used Wire shark for packet sniffing etc, experience in using IDA for disassembling code for CTFs.

Why on earth would you pursue Sec+ and CISSP if you have experience in those things?

Build a Malware Lab, dude. Check out Practical Malware Analysis and The Art of Memory Forensics. With your experience you could probably wreck those over the summer.

If you want an old school, but relevant (more Red Teamer), you could check out Hacking: The Art of Exploitation and The Shellcoder's Handbook.

Practical Malware Analysis

The Art of Memory Forensics

Hacking

Shellcoder's Handbook


Malware Analyst's Cookbook

If you want the quick and dirty I suggest Practical Reverse Engineering:

http://www.amazon.com/Practical-Reverse-Engineering-Reversing-Obfuscation/dp/1118787315

I used this book back when I was learning how to use cheat engine to hack games. It teaches you basic assembly language in 3 major architectures, how to decipher ambiguous machine code, and the relationship between memory and processor. It's really a boon if you're going to dive that deep into computer science. If you can reverse engineer programs in run-time, you can do just about anything.

Not about inventing a false identity per se, but covers the topic.
http://www.amazon.com/How-Disappear-Digital-Footprint-Without/dp/1599219778/ref=sr_1_1?ie=UTF8&qid=1426552176&sr=8-1&keywords=how+to+disappear
http://en.wikipedia.org/wiki/Skiptrace

edit: something is fucked with linking on this comment.

Buy a book called "how to disappear," Then you may want to contact this guy: http://www.frankahearn.com/ : he will make it close to impossible for someone to track you online.

Then if you and your family move, you will need to move to a different state, and start doing things completely different than what you are doing now. If you're a car sales man, you'll have to find a new profession.

Move to another state and change your name, if you feel your life is in danger, you can contact a lawyer that can help you change your name and seal the records.

Changing a name and Moving states might do the job really, I'm a private investigator and even when I get all of the persons information it is still hard to find them.

If you TRULLY want to disappear, you need to stick to your guns and not say "oh, well I'm going to go back home for the holidays" changing your identity means CHANGING your entire LIFE, and that's why sometimes not even the Witness Protection Program works as intended.

What ever you do, DO NOT buy a firearm if you don't intend to use it. many people get killed with their own weapons.

TL;DR - Change your name, Move, Start a new life