Cyber security/Hacking materials - Security & Cryptography
Users browsing this thread:
|
|||
I rwcently stumbled upon https://www.hackthebox.eu, a hacker's community with challenges and vulnerable hosts for the members to compete/learn/discuss about cyber security. This seem cool, but I have no freaking idea how to hack my way into the website (please don't spoil me!).
As I'm leaning more and more toward security in my career, I though it would be interesting to learn about these practices and get a bit into it to improve my security skills. I know about all those "metasploit", "jack the ripper", ... things. But they look like pre-packed stuff you fire once, let run for 2 hours and then you get a reverse shell withou knowing why. I would like to get my hands dirty, and know what's under the hood. Is anyone here knowledgeable on the topic? Do you know about resources for complete newbies? Share your experience! |
|||
|
|||
-- <mort> choosing a terrible license just to be spiteful towards others is possibly the most tux0r thing I've ever seen |
|||
|
|||
Thanks for your help.
|
|||
|
|||
The best website I know is wechall, it regroups all of the other websites together in one place.
|
|||
|
|||
for ctf's specifically:
https://vulnhub.com https://www.root-me.org/en/Capture-The-Flag/ https://ctftime.org https://github.com/apsdehal/awesome-ctf more generalized info: https://github.com/jekil/awesome-hacking https://github.com/jivoi/awesome-osint infosec is a wide blanket field. you should pick a specialization you like and focus on that. e.g. web apps, networking, wifi, crypto, intel, etc. |
|||
|
|||
so what is also more challenge based is
ring0team: https://ringzer0ctf.com/ if you are interested in binary exploitation, there is: https://overthewire.org/wargames/ if you want to checkout some nice videos on differnt topics including hardware security, checkout lifeoverflows channel: https://www.youtube.com/channel/UClcE-kV...cjYwcpfj9w regarding Hackthebox: when i started HTB, my first box was a metasploit one but got me really hooked and was my entry to pentesting. Never used metasploit too much. in the early days it was sometimes a question of the right wordlist but it is not the case anymore and sometimes you have realy fancy privesc's to do :) . To get some good methodology on approaching a target, there is a youtube channel from a user called "ippsec" who makes walkthroughs on retired boxes. |
|||