Wednesday, May 18, 2011

Education: 2011

I have been gathering, watching and reading more and more info-sec data from everywhere, including great books (from Amazon, of course), and it has been helping a lot.  I just wanted to mention some of the things I have been using to learn, just in case you are starting out like me.  Most of the information has been leaning towards social engineering and browser exploits.  For example, if you start looking at enough YouTube clips of DefCons and presentations by the elite security researchers and pentesters, you learn that nowadays, most attacks are done on layers 7 and 8 of the OSI model.  The recent PlayStation PSN hack was reported to have started from a spear phishing attack.  It seems that a little social engineering goes a long way.  All it takes is one click.  Depending on the vulnerability, it might even be easier.  With SQLi and XSS, you can move the browser for your victim to introduce an exploit.  A user is directed to the wrong page or opens the wrong email.  It can happen and it obviously does.  Ask Sony.  Here is my list:

Dissecting the Hack: The Forb1dd3n Network (Half way done)
Python Network Programming (Just beginning)
Social Engineering: The Art of Human Hacking (Just bought)
Kingpin (Just bought)
Fuzzing: Brute Force Vulnerability Discovery (Just bought)
The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws (Just beginning)

Elearning Security
Malware Analysis -
Malware Analysis -

Joe McCray
PenTesting -
Advanced SQL Injection -
Advanced SQL Injection (LayerOne 2009)

Samy Kamkar
Hacking Facebook/PHP -

IronGeek (Adrian Crenshaw)
Numerous Videos -*.*-
Dakykilla, Purehate and Irongeek
Password Exploitation Class -

Numerous Videos -*.*-

Python Programming
Computer Science Class -

Member of
PenTesting Steps  -

Great Forum w/ videos, links, articles for Pentesting -

Hopefully, this helps other people in the quest for knowledge.  Good Night

1 comment:

  1. Have you tried the course? It looks like OSWP has been updated so it would be nice to know if there are some significant differences. Thanks in advance.