Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
How I learnt hacking in
high school
Lokesh Pidawekar
The road ahead
● Why learn this?
● Creating the lab environment
● How to learn
● Caveats
● What next, opportunity?
● Concl...
● Security Engineer at Cisco Systems, Inc.
● Mastered Science of Information
Assurance from Northeastern University,
Bosto...
Disclaimer
The tools and techniques covered in the presentation can be dangerous and
are being shown only for educational ...
Why learn this
http://www.wordstream.com/images/attention-economy-zoidberg-why.png
Penetration Testing
“Penetration testing is security testing in which assessors
mimic real world attacks to identify metho...
Why Pentest?
● Better (cost and effort) to find holes before attackers
exploit them
● Vulnerability assessment is not enou...
How did I start
● Curiosity
● Self phishing (My first endeavor)
● Reading blogs about breaking things
● Practicing techniq...
And why?
● They don’t teach how to break systems in schools
but employers expect to defend all attacks as if we
know how t...
Know thy self, know thy enemy. A thousand
battles, a thousand victories
- Sun Tzu
Let the show begins
Recipe for making a hacking lab
● Some virtualization platform
● installing required software for atta...
The infrastructure
● Raspberry Pi, old laptop
● Virtualization Software -
o VMware fusion/workstation (if the
school is gi...
Attacking OS
Dedicated OS
● Kali Linux (Formerly known as Backtrack)
● Samurai WTF
● Santoku Linux
● Backbox Linux
● Pento...
Vulnerable Platforms for practice
Operating System Metasploitable 2
Vulnerability Specific
Images
Pentesterlab, vulnhub, C...
Learning, how to:
● Hacking is not point and shoot
● Fundamental from OWASP
● Security Researchers blogs e.g. Project Zero...
Practice and Dedication
SQLi,
XSS,
Password
Cracking
etc.
Opportunities
Huge Opportunity
http://money.cnn.com/pf/best-jobs/2015/list/
Security recruitment and hacking
● Hacking the company will put you in prison
● Companies are becoming more hands-on while...
Wargames and Capture the Flag
● There are plenty of CTF games happening throughout the year (Check any
Con)
● Some CTF are...
Online challenges
The researchers, companies put online challenges for various attacks
● https://xss-game.appspot.com/
● h...
Responsible Disclosure
● Because we are white hats :)
● Builds trust between vendors
and security community
● Name and fam...
Bug Bounty
Most of the companies have started to reward
researchers as part of bug bounty program
Example - Google, Facebo...
Some guidelines to follow
● Write a concise report with proper steps to reproduce
the vulnerability
● Test security for th...
● Rapid skill development is key to success in security
● They can’t teach everything in class
● It’s not easy to gain exp...
References
1. http://csrc.nist.gov/publications/nistpubs/800-115/SP800-115.pdf
2. https://www.pcisecuritystandards.org/pdf...
Questions
Email - lokesh[dot]pidawekar[at]gmail[dot]com
How I Learnt hacking in High School - BSidesLV - 2015
Upcoming SlideShare
Loading in …5
×

How I Learnt hacking in High School - BSidesLV - 2015

855 views

Published on

This talk was presented in Proving Ground track of BSidesLV 2015

Published in: Internet
  • Be the first to comment

How I Learnt hacking in High School - BSidesLV - 2015

  1. 1. How I learnt hacking in high school Lokesh Pidawekar
  2. 2. The road ahead ● Why learn this? ● Creating the lab environment ● How to learn ● Caveats ● What next, opportunity? ● Conclusion
  3. 3. ● Security Engineer at Cisco Systems, Inc. ● Mastered Science of Information Assurance from Northeastern University, Boston (MA) ● Occasionally blog at infosecforever.blogspot.com ● @MaverickRocky02 ● lokesh [dot] pidawekar [at] gmail [dot] com
  4. 4. Disclaimer The tools and techniques covered in the presentation can be dangerous and are being shown only for educational purposes. It is a violation of Federal and some states’ laws to attempt to gain unauthorized access to information assets or systems belonging to others, or to exceed authorized on systems for which access have not been granted. Only use these tools with/on systems you own or with written permission from the owner. Speaker does not assume any responsibility and shall not be held liable for any illegal use of these tools.
  5. 5. Why learn this http://www.wordstream.com/images/attention-economy-zoidberg-why.png
  6. 6. Penetration Testing “Penetration testing is security testing in which assessors mimic real world attacks to identify methods for circumventing the security features of an application, system or network1” http://kcdigitalarts.net/wp-content/uploads/2013/01/simulation-network-security-consultation.jpg
  7. 7. Why Pentest? ● Better (cost and effort) to find holes before attackers exploit them ● Vulnerability assessment is not enough ● Requirement from compliance standards such as PCI DSS2 ● Increases the security of the computing resources being tested
  8. 8. How did I start ● Curiosity ● Self phishing (My first endeavor) ● Reading blogs about breaking things ● Practicing techniques on old software ● Attending security meetups
  9. 9. And why? ● They don’t teach how to break systems in schools but employers expect to defend all attacks as if we know how to do it ● Cruising through the interviews and practical tests ● To develop penetration testing skill
  10. 10. Know thy self, know thy enemy. A thousand battles, a thousand victories - Sun Tzu
  11. 11. Let the show begins Recipe for making a hacking lab ● Some virtualization platform ● installing required software for attack ● installing vulnerable software ● learning key concepts
  12. 12. The infrastructure ● Raspberry Pi, old laptop ● Virtualization Software - o VMware fusion/workstation (if the school is giving free license), otherwise vmware player, Oracle Virtualbox, Qemu http://catstechnology.com/wp- content/uploads/2014/03/0FVNM9EASJX.jpg
  13. 13. Attacking OS Dedicated OS ● Kali Linux (Formerly known as Backtrack) ● Samurai WTF ● Santoku Linux ● Backbox Linux ● Pentoo ● Android Tamer (because it’s the age of mobile) Recent developments to build frameworks for pentesting is exciting for e.g. Pentestbox, Appie, Pentester’s framework etc.
  14. 14. Vulnerable Platforms for practice Operating System Metasploitable 2 Vulnerability Specific Images Pentesterlab, vulnhub, CTFs images Web Application WebGoat, BwaPP, DVWA, OWASP Bricks Mobile Applications GoatDroid, InsecureBankv2, DVIA Custom Cloud based Hack.me
  15. 15. Learning, how to: ● Hacking is not point and shoot ● Fundamental from OWASP ● Security Researchers blogs e.g. Project Zero3, etc. ● Conference talks, videos (anyone heard of @irongeek or @securitytube) ● Online courses on Coursera, udemy etc.
  16. 16. Practice and Dedication SQLi, XSS, Password Cracking etc.
  17. 17. Opportunities
  18. 18. Huge Opportunity http://money.cnn.com/pf/best-jobs/2015/list/
  19. 19. Security recruitment and hacking ● Hacking the company will put you in prison ● Companies are becoming more hands-on while recruitment ● There is no dummies guide for cracking security interviews
  20. 20. Wargames and Capture the Flag ● There are plenty of CTF games happening throughout the year (Check any Con) ● Some CTF are live round the year o http://overthewire.org/wargames/ - Challenges ranging from web app to Linux command and overflows o http://io.smashthestack.org/
  21. 21. Online challenges The researchers, companies put online challenges for various attacks ● https://xss-game.appspot.com/ ● https://github.com/yahoo/webseclab ● https://google-gruyere.appspot.com/ ● https://github.com/cure53/xss-challenge-wiki/wiki/Older-Challenges-and- Write-Ups
  22. 22. Responsible Disclosure ● Because we are white hats :) ● Builds trust between vendors and security community ● Name and fame or even some money http://web.securityinnovation.com/Portals/49125/images/Disclo sure.jpg
  23. 23. Bug Bounty Most of the companies have started to reward researchers as part of bug bounty program Example - Google, Facebook, LinkedIn etc. Responsible disclosed vulnerabilities to Sony, Prezi.com, Eventbrite etc. There are platforms such as BugCrowd, HackerOne, Synack, CrowdCurity etc. to mediate for crowdsourcing bug bounty
  24. 24. Some guidelines to follow ● Write a concise report with proper steps to reproduce the vulnerability ● Test security for the targets that are where you have permissions explicitly ● Respect the vendor, do not indulge in malpractice against them ● Do not copy paste other researcher’s report (there are hell lot of bugs yet to be found)
  25. 25. ● Rapid skill development is key to success in security ● They can’t teach everything in class ● It’s not easy to gain experience of exploiting all vulnerabilities in real world ● Defense can be designed well if we will know attacking techniques Conclusion
  26. 26. References 1. http://csrc.nist.gov/publications/nistpubs/800-115/SP800-115.pdf 2. https://www.pcisecuritystandards.org/pdfs/infosupp_11_3_penetration_test ing.pdf 3. http://googleprojectzero.blogspot.com/ 4. http://www.zdnet.com/article/pwn2own-2015-the-year-every-browser-went- down/ 5. http://www.google.com/about/appsecurity/reward-program/ 6. https://www.facebook.com/whitehat?_rdr 7. https://community.rapid7.com/docs/DOC-1875 8. https://pentesterlab.com/
  27. 27. Questions Email - lokesh[dot]pidawekar[at]gmail[dot]com

×