Cyber security/Hacking materials - Security & Cryptography

Users browsing this thread: 1 Guest(s)
z3bra
Grey Hair Nixers
I rwcently stumbled upon https://www.hackthebox.eu, a hacker's community with challenges and vulnerable hosts for the members to compete/learn/discuss about cyber security. This seem cool, but I have no freaking idea how to hack my way into the website (please don't spoil me!).

As I'm leaning more and more toward security in my career, I though it would be interesting to learn about these practices and get a bit into it to improve my security skills.

I know about all those "metasploit", "jack the ripper", ... things. But they look like pre-packed stuff you fire once, let run for 2 hours and then you get a reverse shell withou knowing why.

I would like to get my hands dirty, and know what's under the hood. Is anyone here knowledgeable on the topic?
Do you know about resources for complete newbies?

Share your experience!
BANGARANG, MOTHERFUCKER
jkl
Long time nixers
(28-11-2019, 04:58 PM)z3bra Wrote: hacker's community

(28-11-2019, 04:58 PM)z3bra Wrote: vulnerable hosts for the members

ROFL.
z3bra
Grey Hair Nixers
Thanks for your help.
venam
Administrators
The best website I know is wechall, it regroups all of the other websites together in one place.
xero
Long time nixers
for ctf's specifically:

https://vulnhub.com
https://www.root-me.org/en/Capture-The-Flag/
https://ctftime.org
https://github.com/apsdehal/awesome-ctf

more generalized info:

https://github.com/jekil/awesome-hacking
https://github.com/jivoi/awesome-osint

infosec is a wide blanket field. you should pick a specialization you like and focus on that. e.g. web apps, networking, wifi, crypto, intel, etc.
jvarg
Members
so what is also more challenge based is
ring0team:
https://ringzer0ctf.com/

if you are interested in binary exploitation, there is:
https://overthewire.org/wargames/

if you want to checkout some nice videos on differnt topics including hardware security, checkout lifeoverflows channel:
https://www.youtube.com/channel/UClcE-kV...cjYwcpfj9w

regarding Hackthebox:

when i started HTB, my first box was a metasploit one but got me really hooked and was my entry to pentesting.
Never used metasploit too much. in the early days it was sometimes a question of the right wordlist
but it is not the case anymore and sometimes you have realy fancy privesc's to do :) .
To get some good methodology on approaching a target, there is a youtube channel from a user called "ippsec" who makes walkthroughs on retired boxes.