(Part 2) Best products from r/hacking

• Desktop (i5-8GB RAM, GTX 660 < lol also gotta agree) Just general use I guess? I don't do anything special on it apart from hashcat sometimes, it's also my vmware server that hosts all my test/exploitable vms, runs xubuntu (noh8m8 it's got ez driver support cbf dealing with arch/gentoo driver installs, tried it once, it failed so hard, runs awesome window manager as well))
  
  
• Macbook Air (2012 11") fucking love this thing, i can take it anywhere, decent battery life, runs xubuntu again for the AWESOME driver support, runs awesome wm, use it for general terminal stuff, I normally live in a full screen tmux session.
  
  
• Wifi Pineapple (It was a gift :c) I actually use this as a torified router and as a fake AP, pretty cool I guess, dont use it enough, I laughed so hard at the Hackers Quote from the hack though, it was a pretty stupid vuln, hey let's execute code BEFORE AUTH, THIS CAN ONLY GO WELL, ugh whatever I digress, decent I guess, don't really use it that much
  
  
• Raspberry Pi (lollovethis) running gentoo, just a mess about box, totally torified, sometimes i use tmux/weechat/ssh but mostly it just sits looking badass in its case. (gentoo arm is weird)
  
  
• Bunch of SDR Stuff, two USB rubber duckies (lolbadusb) saw these fuckers and knew they had stupidly large potential, this was before the badusb release, actually well done hak5, this was a solid product, I don't really use it enough, was thinking of buying one for a friend for christmas but idk.
  
  
• About 10 - 20 USBs in various sizes (dont even know what i keep on them, i normally just rm -rf them and use them to transfer data between macbook and desktop, sometimes it's for backups though)
  
  
• 2TB USB Portable Hard-drive (not currently in my possession, yay parents) awesome though, drop proof, USB3, it's just love and it's just life (http://www.amazon.com/Transcend-USB-External-Hard-Drive/dp/B005MNGQ6C)
  
  Probably going to make my own router sometime this month, been wanting to play about with PFsense.
  
  uh that's about it, not just hacking stuff just general useful stuff I use quite often/think is cool.

Wow, it's really encouraging to see people new to hacking actually following the right path. Far too many people disassociate hacking with what it truly is, but you're not one of them; I see that you've got your answer already, but l feel it's necessary to keep pushing you in the right direction. Good luck in your endeavours :)


Some neat resources for someone interested in Binary Exploitation:

Smash The Stack


And a few books:

Hacking: The Art of Exploitation

The Shellcoders Handbook


I've got both of these books and a few on ASM, so I can vouch for them (as can their reviews and ratings).

Happy Hacking

I wrote a book a little over a year ago to answer exactly these types of questions...
https://www.amazon.com/Hacker-Ethos-Beginners-Ethical-Penetration/dp/1523764368
There is a free preview with 100 pages from one of my early drafts if you want a sneak peek at what you'd be reading...
https://drive.google.com/file/d/0B8JvWS_y2CHqZ2EwWG9pcENjazQ/view

Reading the subreddits is certainly helpful as well. I would definitely recommend building your own lab of vulnerable machines to practice. You can get plenty of these from Vulnhub.com

Of course, you'll need some tutorials, chiefly of which I recommend www.cybrary.it, an excellent site for tutorials on all things security and infosec, including pentesting.
Other books I highly recommend...

• Mastering Metasploit
  
• Mastering Kali Linux for Advanced Penetration Testing
  
• The Web Application Hacker's Handbook
  
• The Hacker's Playbook
  
• The Shellcoder's Handbook
  
• Hacking: The Art of Exploitation
  
  Good luck, OP hat-tip
  

In all honesty mate, my best advice would be to learn about the techniques used in social engineering. This can span from NLP, building rapport, covert hypnosis and micro expressions and much, much more.

I started on this book ages ago and it was a great introduction to this whole world.

After you have an understanding of how body language and words effect peoples behaviour, then you can move on to more advanced techniques.

This guy has a great YouTube channel with so many videos about NLP and hypnosis. If you browse a few of them just to get a real, physical idea of how people use language, and what words can be emphasised for a specific purpose.

In terms of other books, Kevin Mitnick has a few good ones about his life (google him if you don't know who he is). And also a guy called Kevin Dutton wrote a book called Flipnosis - The art of split second persuasion

The other thing I would say, and I can't really stress this enough, is try to observe your own and others behaviour and understand why and how people say what they say and do what they do. I like to do this by sitting in a relatively busy cafe and simply observing what goes on and how people interact.

Hope this helps.

Let me start by telling you that InfoSec jobs are in-demand now more than ever and that's not likely to change as more and more of the world are starting to use computers, computers continue advancing, etc. So, barring any sort of impending dark ages and assuming you're putting enough effort into your education and continuing education, you should be able to work your way up without too much trouble. Focus on getting your foot in the door and be professional.

 

Now then, I'm currently an Information Security Analyst in the US, so this information may be completely irrelevant to you out there in NZ. I initially only graduated with an Associate's (2-year) in Information Security & Computer Forensics. I managed to get my job before I had even graduated as I worked hard in school (a stressful amount, really) and knew how to conduct myself in a professional manner. They actually paid for my certifications, and a lot of companies out there will as well. Here's the tiered structure we followed - all InfoSec related certifications:

 

Within the first 6 months, we are sent to training to obtain our CompTIA Security+ certification. This is roughly a 1-hour, multiple choice test and you need at least an 80% to pass. I would recommend any of these three books to study from:

This is the book that my company had provided me to study from

This is the book my friend had given me. Both her and I studied from this and passed successfully

This is the book we are currently learning from in my Bachelor's program

Take your pick, they'll all achieve the same essentials, mostly. I am awful at studying and mainly just crammed the few topics I wasn't sure about in the night/morning before my test and passed with an 86%.

 

Next, we're sent to get our GSEC, which is the GIAC Security Essentials Certification. The Security+ focuses on several main topics and gets in-depth with the information, whereas GSEC covers a wide span of topics but doesn't get very in-depth. This test takes about 5 hours to complete also, compared to the 45 minutes that it took to take the Security+. It's important to note that the GSEC, while 5 hours long, is open-book. My company sent me to a training class that provided 6 different books to cover any topic on the GSEC, however you also need an index. The books themselves don't have a table-of-contents, so you need to make an index yourself that covers just about every topic on every page. In my case, a coworker sent me his that he had used, and it turns out it was out of date so not a single page was correct. Much to my own surprise, I passed with an 82% (the minimum passing score is 74%) so while the index/books are important - they're not completely necessary as long as you paid attention in your classes. It should also be noted that I did not actually study for this. Most of it was just common-sense stuff like "Which of the following does an Intrusion Prevention Device do?" and knowledge that I had obtained from school/work.

 

After GSEC is the GCIH, or, GIAC Certified Incident Handler. I haven't taken this yet, nor the next one, so I can't speak to their difficulty or process, but I've been told by other analysts it's roughly the same as GSEC, just different information and more hands-on like capture the flag runs.

 

Finally, after GCIH, we are sent to get our GCIA, or, GIAC Certified Intrusion Analyst. Same with GCIH, I have not been sent to obtain this cert just yet, but I can only imagine it's somewhat similar to the last 2 as they follow GIAC's tiered structure.

 

So TLDR - as a current InfoSec Analyst - the recommended certs are Security+, GSEC, GCIH, and GCIA. There are many more certs out there, though, these are just the ones my company values currently.

 

Good luck!

I second Python as a great beginner language.

Here you go /u/moonknightspidey - http://learnpythonthehardway.org/

You don't have to buy the book, it's available through the web site for free. If you prefer a physical book: https://www.amazon.com/Learn-Python-Hard-Way-Introduction/dp/0321884914

The person I'm replying to also recommended Ruby. Zed Shaw also wrote a ruby book.

Online (free): http://learnrubythehardway.org/book/

Print: https://www.amazon.com/Learn-Ruby-Hard-Way-Computational/dp/032188499X

And if you're feeling crazy then you can learn you a haskell (don't do this).

Bookmark these for when you get into C later:
http://c.learncodethehardway.org/book/ Same guy who wrote Learn Python the Hard Way. The online (free) copy of Learn C etc is incomplete, but is now available in print in full: https://www.amazon.com/Learn-Hard-Way-Practical-Computational/dp/0321884922

Then there's beej: http://beej.us/guide/

And the obligatory TCP/IP book: https://www.nostarch.com/tcpip.htm

If anyone's wondering about why I just spammed the shit out of Zed Shaw's books, it's because his writing style is very easy to get into and keeps your attention. It's anything but dry, and focuses on making you write code, break it, and figure out why it broke.

There are other good Python books as well, like this one: https://www.nostarch.com/automatestuff

And here's another No Starch book on Ruby (I like No Starch - Absolute OpenBSD is a great reference) - https://www.nostarch.com/ruby

Security onion is amazing, I use it myself as a VM in a home esxi server with a cheap 5 port smart switch.

A few quick notes:

• The Practice of Network Security Monitoring by Richard Bejtlich is a great resource for this sort of thing.
  
  
• You will need something with more power than a rasberryPi for this, unless you make the pi just a sensor and you have a server running the snort analytics.
  
  
• Keep in mind that if you have this behind your router, and your router is also your WiFi access point, you will not pick up any WiFi traffic. If you put it in front of your router, you will get all traffic, but it will all show the same IP (your public IP).
  
  My suggestion is to get a cheap switch with port mirror capabilities, like the Mikrotik Routerboard 260gs. Get a wireless AP (or an old router which has AP only mode), and plug this into your switch. Plug your actual router (the one doing the NAT) into the switch, and mirror these to a port that is connected to the security onion box.
  
  That way will get you both ethernet and WiFi traffic. If you have any questions about running security onion in a home setting, feel free to send me a PM.

I'm the manager of application security and research at a mid-level software vendor with over 400 developers and testers and I want to recommend you ignore all of the more generic advice currently in this thread. As someone with coding experience and interest, you have a unique path to infosec that so many companies want, but find it extremely difficult to hire for.

Any company that ships software has to consider the security of their application - full stop. Most rely on scanners or annual third-party vulnerability assessments for this, but obviously that falls short. They need people who can build security in from an architectural standpoint. Someone who can actually implement the fixes suggested by the above methods, and ideally, someone who can help implement security as an integral part of the SDLC instead of as a bolt-on premise.

My recommendation is to make your way through 24 Deadly Sins of Software Security and The Web Application Hacker's Handbook. If you can understand the bulk of concepts in these two books, you'll be leagues ahead of almost any developer you find yourself up against in a hiring scenario. For the coup de gras, learn about threat modeling. It's a great way to teach other developers and testers security and to build security into any system during design instead of post-release. Check out this book which is actually probably a little too comprehensive, use this card game from Microsoft (it seems silly, but I promise you it works), and watch this talk one of the guys on my team gave at BSides Cincinnati.

If you have any questions, PM me.

>CHARGING your smartphone by plugging it into a computer or public charging station is enough to get your hacked, security experts have claimed.

This article is refering to what i was saying about charging stations where sometimes the USB ports in those stations can be used to install or break into your device IF you are using a one of those ports directly but if you use the power adapters you are perfectly fine given that i have never seen a power outlet that transfers data. As for the computer side of things well its a given that: One, Public WiFi is a venerability in it of itself, Two where if you connect to your machine your device would be as secure as the machine itself (IE firewalls, antivirus, ETC). If you really want to be secure use a power adapter OR a power only usb cable Like this

Make friends with someone local and technically competent, or get familiar with simple hardware and software work. You'll need a Windows install disk, a new hard drive, an USB to hard drive connector and a screwdriver set to do this.

• From a 'safe' PC, change all your email/social networking/other sites passwords and challenge questions. Don't reuse old ones, don't use ones he can guess. If you need suggestions, go here
  
  
• Have your new friend replace the hard drive in your laptop and install the operating system of your choice on the new hard drive. This means that your PC is now clean of any previous RATs, as well as your personal files. You may want to invest in up to date antivirus and anti malware packages.
  
  
• With that now known good system, do a backup and factory reset on your iPhone. You're going to want to copy over photos, contacts and email, but any apps should be reinstalled via the Apple Store.
  
  
• Connect your old hard drive via the USB connector. Run your antimalware scan on that drive until it comes up clean. Copy over your personal files (photos, documents and the like) until you're sure you have everything.
  
  
• I think it's unlikely that he's rooted your WiFi router, but just in case, you can update the firmware to ensure that it's unmodified. Change the WPA key and the login password while you're at it.
  
  Good luck. Recognize that if he's a douchebag, he'll threaten you with exposure of anything he's already obtained. You'll have to accept that or he'll have power over you.

The guy that wrote that blog post has a good book called Spam Nation that talks about his deep dive investigation into Russian cybercrime gangs. It's incredibly good, and he's one of the best reporters on the cyber underground.

I'd also look for the coverage of Stuxnet. There's a really good documentary about it called zer0days, and since you specifically asked about books you could do Countdown to Zero though I haven't read it so I don't know how good it is. If you haven't heard about Stuxnet it's a fascinating story about just how advanced US cyber warfare capability is.

Everyone seems to be pretty on point with their responses so I'll just throw some ideas out there that you can look into to maybe find a more exciting vector:

• Track down a botnet command and control infrastructure
  
• Reverse engineer programs with known 0 days to see if you can find said zero day
  
• Look into memory forensics (http://www.amazon.com/The-Art-Memory-Forensics-Detecting/dp/1118825098)
  
• Look into Red Teaming: There are positions out there that not only require you to "hack" an organization, but you have to be able to break into it physically as well
  
• Write some malware that gets past VirusTotal (https://www.virustotal.com/)
  
• If you are into puzzles check out the Defcon badge challenge
  
  Good luck!
  

You might be interested in reading Practical C Programming. This book is about C (obviously) but it has really helped me understand what good code is supposed to look like. It looks very much like yours! I recommended it to all.

Find an FM transmitter for the car like this one: https://www.amazon.com/Transmitter-Adapter-adapter-Built-Players/dp/B076X3GSMH and set it to 98.1FM and hide it somewhere as close to the antenna of the radio as possible. Depending on the strength of the FM transmitter it will cause a lot of static and interference and force your manager to use another station. Connect to an ipod and play grindcore/deathmetal on repeat for an even more annoying effect.

Have you read Blue Team Handbook? It could be a good place to start and I'm guessing your company can swing you $15

Hey all, sorry I didn't post specs I was asleep

This is my general purpose tech kit. I used to do security research for the gov so I've collected some stuff over the years.

Keyboard is Rii Mini i8

Various adapters for HDMI, USB-C, Mini/Micro USB, and a USB-to-TTL Serial (Blue Cord)

RPI 3 with a bunch of microSD cards. This has many purposes such as wardriving, rogue hotspot, and general purpose linux.

Alfa USB Wireless Adapter

Ethernet Cables

Power Extender

USB Power Bank

And a static free bag

The USBs have since been replaced by a single YUMI USB I keep on my person but contain:

Spinrite, Kali, Tails, Hirens Boot CD, Rubber Duck, Windows Recovery, Mac Recover, and random tool installers

Expanded View https://i.imgur.com/mXPSR1s.jpg

USB-to-TTL Serial https://www.amazon.com/gp/product/B00QT7LQ88/ref=ppx_yo_dt_b_asin_title_o05__o00_s00?ie=UTF8&psc=1

Edit: This isn't actually really the "good" stuff because that's all in my notebook. I guess I could post a few pages from that?

This is one of my security starter trifecta:

Hacking: The Art of Exploitation

Rtfm: Red Team Field Manual

Blue Team Handbook: Incident Response Edition

Books:
1.amazon.com/Rootkit-Arsenal-Escape-Evasion-Corners/dp/144962636X
2.amazon.com/Art-Memory-Forensics-Detecting-Malware/dp/1118825098
3.nostarch.com/rootkits
Blogs/Forums:
1.0x00sec.org/
2./r/rootkit
3.rootkitanalytics.com/
4.turbochaos.blogspot.co.uk/?m=1
5./r/malware
6./r/reverseengineering
7.r00tkit.me/