So You Want to be a Hacker?

This talk by Chris Grayson contains lots of information about how to enter the so-called "hackerspace." From mental approaches to books, movies, and other media to online courses and knowledge repositories, this presentation is intended to be the one-stop-shop for anyone trying to become a penetration tester.

Published in: Engineering, Education
  • Transcript

    • 1. So You Want to be a Hacker? THEN LET’S GET STARTED October 16, 2014
    • 2. A BRIEF INTRODUCTION GOTTA START SOMEWHERE
    • 3. 3 The Talk’s Agenda 1. Introduction 2. The necessary prerequisites 3. Immersing yourself 4. Educating yourself 5. Places to practice responsibly 6. Common tools 7. Making it count THE ROAD TO BRIGHTER PASTURES?
    • 4. 4 Who Am I? DOWN IN FRONT Christopher Grayson • cgrayson@bishopfox.com • @_lavalamp Senior Security Analyst at Bishop Fox (Pen-Testing FTW) MSCS, BSCM from GT Former Research Scientist from GT Former president, GT hacking club
    • 5. 5 I currently have my dream job I’ve never had to choose between education and safety I had the good fortune of attending SkyDogCon in 2012 But the story continues… Why am I Here Today? LITTLE BIT OF LUCK, LITTLE BIT OF SKILL
    • 6. 6 Many Reasons THE PLOT THICKENS… 3 teams at SkyDogCon Duplicity CTF, got 2nd, 3rd and 4th place • …out of 4 teams Received tickets to Shmoocon 2013, Offensive Security training Competed in TOOOL Master Keying competition Received ticket to Shmoocon 2014
    • 7. 7 We work in the coolest industry. Period. We need more talented individuals. We need safe places to hone our skills. Why are YOU Here? HOPEFULLY NOT BY ACCIDENT
    • 8. 8 The Term “Hacker” NOT TO START A DEBATE… Lots of debate around the term Commonly used by the media to refer to malicious people with technical skills Used in the community to show reverence towards another’s capabilities
    • 9. 9 What a Hacker Certainly Isn’t THREE CHEERS FOR THE MEDIA
    • 10. THE APPROACH COMFORT ZONES TO THE WIND
    • 11. 11 What Does it Take to Break? KEEPING IT ZEN Patience Enthusiasm Perseverance Interest
    • 12. 12 You will get frustrated. You will not learn everything overnight. You will get ridiculed. Be Wary… NOTHING WORTH DOING WAS EVER EASY
    • 13. 13 Takeaways STILL INTERESTED? Becoming a “hacker” is not so much a profession as it is a way of life. It requires mental fortitude and patience above all else. Expertise comes slowly. It’s entirely worth the journey.
    • 14. THE ENVIRONMENT IN OVER Y(OUR) HEAD
    • 15. 15 The Word of the Day is Immersion Expertise requires a lot of technical knowledge. This can’t be gained overnight. The first step is to listen to the lingo. CARE TO GO FOR A SWIM?
    • 16. 16 Reddit EVER HEARD OF IT BEFORE? Powerful message board Lots of infosec boards • /r/hacking • /r/netsec • /r/howtohack • /r/websec • /r/sysadmin • /r/blackhat
    • 17. 17 Hang out on Freenode to talk through challenges and difficulties you have trouble with. • #metasploit – Metasploit developers • #corelan – Folks from Corelan team • #vulnhub – Folks from Vulnhub team • #offsec – Folks from Offensive Security Freenode NOT ALL THAT DISSIMILAR TO PIRATE SHIPS
    • 18. 18 Mailing Lists #SPAMSPAMSPAM Good way to keep track of the industry’s pulse Lots of mailing lists for all skill levels and areas of interest http://seclists.org/
    • 19. 19 Ghost in the Wires The Art of Intrusion The Art of Deception Kingpin The Cuckoo’s Egg Code Hacking – The Art of Exploitation Books WHAT ARE THOSE AGAIN?
    • 20. 20 Movies THE GOOD, THE BAD, AND THE UGLY Sneakers • http://www.imdb.com/title/tt0105435/ Hackers • http://www.imdb.com/title/tt0113243/ War Games • http://www.imdb.com/title/tt0086567/
    • 21. 21 DEF CON • https://www.defcon.org/ Black Hat • https://www.blackhat.com/ Shmoocon • http://www.shmoocon.org/ Conferences MEET YOUR FELLOW NERDS
    • 22. 22 Disclaimer ARMOR OF THICK SKIN+3 Some of the venues listed previously are less friendly towards newcomers than others. The general rule of thumb is to research any questions that you have prior to asking them. Showing that you’ve done your own work before asking for the help of others goes a long way in this community.
    • 23. LESSONS TO BE LEARNED STRAIGHT EDUMACATED
    • 24. 24 So Now we Get Into the Difficult Stuff? PERHAPS, PERHAPS, PERHAPS The hardest part is having the gumption to stick with it. Technical skills can be learned (even if learned slowly). Technical skills are required, and typically the more the better.
    • 25. 25 Harvard Introduction to CS Incredibly thorough course on Computer Science https://www.edx.org/course/harvardx/harvardx-cs50x-introduction-computer-1022 LEARN FROM THE BEST OF THEM
    • 26. 26 Computer Networks on Coursera ONE BYTES TWO BYTES THREE BYTES FOUR Fundamental understanding of networking is important https://www.coursera.org/course/comnetworks
    • 27. 27 Programming for Everybody on Coursera The ability to write code greatly helps in this field. https://www.coursera.org/course/pythonlearn FROM SCRIPT KIDDIE TO SCRIPT MASTER
    • 28. 28 OpenSecurityTraining.info HARDLY KNOWN BUT HUGELY HELPFUL OpenSecurityTraining can be found online • http://opensecuritytraining.info/ “Is dedicated to sharing training material for computer security classes, on any topic, that are at least one day long.” Has free, professional courses on all matters hacking Even has course outlines and pre-requisites!
    • 29. 29 SecurityTube can be found online • http://www.securitytube.net/ Large amounts of free videos created by the site’s founder Aggregation of conference videos and lectures Full primers on lots of different hacking areas SecurityTube.net AGGREGATE THOSE VIDEOS!
    • 30. 30 Corelan.be WRITE YOURSELF SOME EXPLOITS Corelan can be found online • https://www.corelan.be/ In-depth tutorials detailing exploit-writing and binary exploitation Tons of other educational resources, primarily focused on binary and RE topics
    • 31. 31 Offensive Security can be found online • http://www.offensive-security.com/ The group that created Backtrack and Kali Linux distributions Training is not free, but the training you get from their courses is top-notch and well-managed. Has an IRC channel that you can hang out in! Offensive Security THE AUTHORS OF KALI, BACKTRACK
    • 32. 32 SANS Institute GETTING CERTIFIED Has a number of certifications for security training Not free, must pay to maintain certifications http://www.sans.org/
    • 33. 33 Cisco has a number of certifications in the security space. Not free, must pay to maintain certifications https://learningnetwork.cisco.com/community/certifications/security Cisco Certifications MOAR CERTIFICATIONS?!
    • 34. GO TO WORK GETTING YOUR HANDS NOT-SO-DIRTY
    • 35. 35 VulnHub can be found online: • http://vulnhub.com/ A large repository of software images that are created solely to be vulnerable Great place to get software packages to hack on Has an IRC channel you can hang out in! Vulnerable Images STAND UP YOUR OWN LAB
    • 36. 36 DVWA EMPHASIS ON THE D Web application that is built specifically to have lots of vulnerabilities Great starting place for beginning to hack Web applications http://www.dvwa.co.uk/
    • 37. 37 Ongoing Competitions CTF365 can be found online: • http://ctf365.com/ Touts a massive online, persistent CTF CTFTime can be found online: • https://ctftime.org/ Keeps track of CTF competitions worldwide, maintains scores for teams across different CTFs BRUTAL TRAINING GROUNDS
    • 38. 38 Stand-Alone Challenges SHORT, SWEET, AND TO THE POINT WeChall can be found online: • https://www.wechall.net/ Is an aggregation site for individual challenges Advertises a total of 133 challenges available
    • 39. 39 Managed service provider that consolidates bug bounty programs Go and hack things in real life and get $$$ https://bugcrowd.com/ Bugcrowd INDUSTRY EXPERIENCE
    • 40. TOOLS OF THE TRADE AN AWFULLY FULL BAG OF TRICKS
    • 41. 41 Wireshark NETWORKS ARE CHATTIER THAN YOU MAY THINK Used for monitoring local network traffic Great way to learn more about network protocols https://www.wireshark.org/
    • 42. 42 An HTTP proxy with lots of hacky bells and whistles Used universally across the professional security industry http://portswigger.net/burp/ Burp Suite WEB APP HACKER’S SWISS ARMY KNIFE
    • 43. 43 Browser Developer Tools REPURPOSING TOOLS FOR FUN AND PROFIT! Packaged in with all modern browsers Used mostly by developers for testing functionality during the development process
    • 44. 44 LavaPasswordFactory Good tool for generating password lists Made by yours truly :) https://github.com/lavalamp-/LavaPasswordFactory A GOOD PASSWORD LIST IS NICE TO HAVE
    • 45. 45 John the Ripper CRACK GOES THE PASSWORD Where LavaPasswordFactory generates password lists, John the Ripper cracks them! http://www.openwall.com/john/
    • 46. 46 The de facto standard penetration testing Linux distribution Comes with all of the bells and whistles at installation http://www.kali.org/ Kali Linux BELLS AND WHISTLES GALORE
    • 47. 47 VMWare Fusion / Workstation VIRTUALIZATION IS YOUR FRIEND Great platform for virtualization If you don’t know what virtualization is, check it out! http://www.vmware.com/
    • 48. MAKING IT COUNT WHAT NEXT?
    • 49. 49 Penetration testing Security analyst Security engineer All the technical things! Positions in the Field HACKING FOR GOOD
    • 50. 50 Don’t Let it go to Waste WE’VE ALREADY GOT ENOUGH BAD GUYS Doing this stuff maliciously is a bad idea Far too many opportunities to help others and the community Don’t let it go to waste
    • 51. REFERENCES A CENTRALIZED STORY
    • 52. 52 References TAKE ONE The Electronic Frontier Foundation on the Computer Fraud and Abuse Act • https://ilt.eff.org/index.php/Computer_Fraud_and_Abuse_Act_(CFAA) Wikipedia on Aaron Swartz • http://en.wikipedia.org/wiki/Aaron_Swartz H3 at Georgia Tech Research Institute • http://h3.gatech.edu/ The UCSB iCTF • http://ictf.cs.ucsb.edu/ SECCDC • http://www.seccdc.org/
    • 53. 53 References TAKE TWO VulnHub – Vulnerable by Design • http://vulnhub.com/ CTF365 • http://ctf365.com/ CTF Time! • https://ctftime.org/ WeChall – A Challenge Aggregation Site • http://www.wechall.net/
    • 54. 54 References TAKE THREE Atlanta OWASP • https://www.owasp.org/index.php/Atlanta_Georgia Security Mailing Lists • http://seclists.org/ Sneakers movie on IMDB • http://www.imdb.com/title/tt0105435/ Hackers movie on IMDB • http://www.imdb.com/title/tt0113243/
    • 55. 55 References TAKE FOUR War Games movie on IMDB • http://www.imdb.com/title/tt0086567/ Hacking movies list on IMDB • http://www.imdb.com/list/ls055167700/ DEF CON • https://www.defcon.org/ Black Hat • https://www.blackhat.com/
    • 56. 56 References TAKE FIVE Shmoocon • http://www.shmoocon.org/ Harvard Introduction to Computer Science • https://www.edx.org/course/harvardx/harvardx-cs50x-introduction-computer-1022 Computer Networks on Coursera • https://www.coursera.org/course/comnetworks Programming for Everybody on Coursera • https://www.coursera.org/course/pythonlearn
    • 57. 57 References TAKE SIX OpenSecurityTraining • http://opensecuritytraining.info/ Security Tube • http://www.securitytube.net/ Corelan.be • http://corelan.be/ Offensive Security • http://www.offensive-security.com/
    • 58. 58 References TAKE SEVEN SANS Security Training • http://www.sans.org/ Cisco Security Training • https://learningnetwork.cisco.com/community/certifications/security DVWA • http://www.dvwa.co.uk/ BugCrowd • https://bugcrowd.com/
    • 59. 59 References TAKE EIGHT Wireshark • https://www.wireshark.org/ Burp Suite • http://portswigger.net/burp/ Reddit • http://www.reddit.com/ Freenode IRC • http://freenode.net/
    • 60. QUESTIONS? HOPEFULLY YOU’VE GOT A FEW
    • 61. THANK YOU @_LAVALAMP
