Path To Pentester

Path To Pentester – Anon’s QuestEDITOR NOTE: I am intending to make this a re-post due to the useful information in the original pastebin file (Link Below) many of the links go back to Amazon, so I will be uploading those to my PDF bin. There are also many mentions to Linkedin, this service, while useful to those needing to look for a job, I cannot advise it's usage. https://restoreprivacy.com/linkedin-data-leak-700-million-users/https://archive.is/XB5hlTLDR; Learn linux, learn some python (don’t need to be able to write your own programs, just to recognize code and maybe fix a couple broken lines). Get Kali Linux. Download vulnerable vms from VulnHub and attack them. When you get stuck, check walkthroughs. Join hackthebox.eu. Get a premium account. Hack every box you can, starting with low to medium rated difficulty. Do OSCP! OSCP took me 3-4 months while working 50 hours a week at a separate job. If you are a NEET, it will be easier. You can dedicate more time and focus on it more than I could. If you start to struggle with this, I put in some options for getting into lower level certs and jobs while you continue your quest. Find me on /biz or protonmail. I will help you in your quest. I’m an oldfag, you anons mean a lot to me. I want you to succeed.FULL GUIDELearn Linux: I say this, because although I do know a few guys who hack from Windows, most do not. And even if you use Windows/macOS, you still will be hacking into Linux servers! Linux is an absolute must. If you have linux experience, then learn bash scripting and python. If you have never used linux, then my recommendation (and what I did personally,) is to get a cheap or old laptop/PC , wipe it completely, and install a linux OS. Use this PC for all your basic computer needs. Force yourself to learn linux, and more importantly, force yourself to work from the command line as often as possible. Don’t know how to move a file or can’t remember where applications are installed? Don’t know how to install an application or open a weird file type? Google how to do it from the command line! You must learn linux.Learn Python: Python is the most important programming language you could learn for hacking. Over 50% of all exploits are written in python, and nearly all great hacking tools are written in python. Metaspoit (originally written in Ruby) is now supporting the importing of python modules, and I expect, in the future, all modules will be in python. Python is also great for scripting and writing your own tools. In order to learn python, I suggest two different (but similar) sources:

https://learnpythonthehardway.org/

https://www.udemy.com/learn-python-and-ethical-hacking-from-scratch/

Zaid Sabih is a fantastic instructor on udemy, and his python and ethical hacking course is one of the best Offensive Security courses I have ever taken. I believe it is still on sale for $11.99 on udemy. I highly recommend that course. He also gives a few tips on working in linux. If you prefer the college course style of learning, then “learn python the hard way” is a textbook / recorded lectures style and it is a very good course from completely learning python from scratch as well. It is $30.Get Certifications: Ok this is going to be some non-standard advice here... Most the IT industry focuses heavily on certs. If you look on Linkedin, you will see most people in IT Security just piling up certs on top of certs (A+ , Net+ , Security+, CASP, CISSP, etc...) Here is my breakdown for pentesters: IF you want to pentest for a living, then you need OSCP! OSCP is the only certification that mattered for me to get my current penetration tester job. I have other certifications, but they could not care less. The ONLY certification that currently exists, that is considered proof that I can hack, is the OSCP (Offensive Security Certified Professional). This certification is from Offensive Security (https://www.offensive-security.com/) and it is the gold standard. There’s only an estimated 5500 people worldwide who have this certification on Linkedin, so it is an instant job if you manage to get it. This is the end game. Get the OSCP and you will be a pentester. Everything else you do, and everything else I list here, should be done in an effort to get your OSCP cert, because once you have it, you are ready to hack.Now this next section is for brainlets. If you don’t know a damn thing, and you think this quest is going to take you a year or more, then you should get 1 or all of the certs below, which can help you get to the 80k+ mark while you continue questing for OSCP. Not everyone has to do this, it is a completely optional, and Longer timeframe path. I leave it here as info for those not ready, or struggling to go straight into OSCP. If you want to go right into OSCP, then skip past the certs to the “READ READ READ” title below and keep going. The other certifications I suggest are:

CompTIA Security+

A very good cert, I consider it the most broad, and most broadly applicable across the industry.

CompTIA Advanced Security Practitioner (CASP+)

If you get Security+, you may as well do this ‘advanced’ version, which I thought was easy after doing Sec+ , and if you ever work the Defensive side of security, this cert will get you a very good job.

Certified Ethical Hacker (CEH) Certification

I have mixed feelings about this cert. Lot’s of people get it, and lots of people have it, who have no idea what hacking really is or how to do it. They also couldn’t copy a file from one folder to another on a linux machine... However, it does have value, in that it forces you to learn all the hacking terms, tools, and methods, in preparation for the test. It is an overly expensive certification, and I do not think many employers outside of government really place much value in it. What I suggest is buying a CeH book, or some other study materials for the exam, such as a course on Udemy or something similar, and doing the coursework, but maybe don’t bother with the test, unless you have an extra $1100 laying around. It’s not worth it, and you can spend the same amount of money getting OSCP, which is what you really need.

READ, READ, READ: If you don’t like to read, or are not willing to do research on a regular basis, then this job is not for you. Here’s a list of books you should buy ASAP:

Hacker Methodology Handbook (NO PDF)

The Hacker’s Playbook 2

Hash Crack v2

RTFM (Red Team Field Manual)

There are many other great books on the topic. Try some out!LEARN BY DOING:The best way to learn to hack (or penetration test) is by trying to do it. Now, this doesn’t mean try to hack your school network and erase your tardies... Don’t do that. Thankfully today, there are tons of places where you can legally practice and learn, to hack. Below are my favorite environments for doing so:

HackTheBox.eu

This site is great (though a bit advanced.) You will need to hack your way in to register (if you get stuck, I’m sure there are guides online.) After that, you can download a vpn package and have access to over 20 servers built by the community for the purpose of hacking challenges and learning. The forums are great for getting hints and tips, and the people there are generally very helpful by direct message.

Vulnhub.com

Like Hackthebox, but offline. People build Virtual Machines for hacking into and learning, and post them here for everyone to have for free. Download a few, spin them up in virtualization software, and try them out. The great thing about vulnhub, is that people post walkthroughs and how-to for these machines. A quick google search for “vulnhub Raven walkthrough” will produce great walkthroughs for that machine name. Great tool.

OSCP Lab

The OSCP certification I mentioned before is setup like the hackthebox.eu lab. If you do everything else, then when you are ready and you tackle the OSCP for the first time, you willspend months hacking over 40 servers in their state of the art private network. Doing Vulnhub and hackthebox.eu will prepare you for this final test.

Virtual Machines

Spin up your own! You can install Virtualbox from Oracle for free! You can also get free Windows 7, 10, 2012 R2, 2016 Server virtual machines for free from Microsoft: https://developer.microsoft.com/en-us/microsoft-edge/tools/vms/. Build some Virtual Machines and start testing against them! See what you can break! Of course, you will also need your attacker (hacking) machine... There are two main hacking Operating Systems, which you can also get for free, but I prefer Kali Linux: https://www.kali.org/downloads/. ou can also try out Parrot, though it is not my preference, it may be a better one to start with, since it has a bit more flair in the GUI: https://www.parrotsec.org/download.php Try them out and pick the one you like!

So I feel like that’s a great start for the technical side of things... In terms of getting into the industry, there are a couple good steps to take as well. As I said, getting OSCP will solidify your path for a pentesting career. However for brainlets or those who struggle right away, there are other steps you can take to start earning good money, and to get your foot in the door, in the industry, right away. (This is another section for those who the quest will take longer. If you are going straight to OSCP, you can skip the other certs!)Once you get the CompTIA Security+ certification, you can get a job on the defensive side of the house. If you want to start working in the industry, this is the fastest way to get there. Armed with Sec+ , I would start looking for junior analyst positions in your area. In my experience, these jobs are mostly centered around schools (maybe check with your college!) or large cities. If you get CASP, you can get a very well paid Defensive job, while you work on OSCP and transition to offense. With CASP, I would look for mid-level cyber security analyst jobs (check Linkedin!) If you choose to go this route, and acquire certs while earning, then hit me back up once you have CASP and I can get you a job. I know way too many people looking for analysts. Anyway, you can make 80k-100k. Again, this is OPTIONAL! If you struggle at first, then do this. If you have the aptitude to do OSCP right away, I ADVISE THAT INSTEAD.Write your resume in a way that leverages your Programming knowledge if you have it. If you write any scripts or tools with taking the courses I mentioned, or during OSCP, put them all onyour own public Github, and list that on your resume. Employers think having a repo and sharing with the community is great in new hires.Go to conferences, if you have the money and time. Defcon, Derbycon, THOTCon, Grrcon, etc... There’s a ton of conferences out there. If you have the money to get out to a few Cyber Conferences, do it. They are fun and you will learn a lot in a short time span. You will also meet people in the industry, who are always looking for new talent. If you are currently working in IT, you can probably get your employer to pay for you to go to conferences.Participate in CTF (Capture the Flag) challenges. These can be in person or online. Well that should get you started. And honestly, I guarantee, if you do all these things, you will be a penetration tester starting out at no less than 120k. My FIRST penetration testing job was remote for $150k.ANYONE WHO RECEIVED THIS DOCUMENT AND GETS OSCP, I WILL PERSONALLY HELP YOU LAND YOUR FIRST PENETRATION TESTING JOB. YOU KNOW WHERE TO FIND ME ANONS. Now, since this path is not easy, and can actually be very difficult, and at times tiresome, here are some more fun resources to keep you going when things get tough:

Mr. Robot – Great TV show. Check it out.

Ghost in the Wires – Book by Kevin Mitnick. Great hacking book, true story.

War Games – 1980s movie about hacking. Cheesy, still cool. The old hacking tech is awesome.

Hacker Wars – Documentary about Anonymous