How to Start Your InfoSec Career
Build | Protect | Learn
Agenda
• ~$ whoami
• Overview
• Platforms for Information
• Tips For Skill Development
• Find a Mentor
• Education
• Certifications
• DoD 8570 Requirements
• DoD vs. Commercial
• Professional Networking
• Networking, Linux, and Python
• Life of a Pentester (Offense) + Example
• Life of a Security Analyst (Defense) + Example
• Practice
• Recap
• Useful Links
~$ whoami
General
• Founded in 2015 to deliver effective and sustainable cyber solutions
• Currently provides technical services to the Federal Government and commercial sectors
• Prides itself on leveraging technology advancements to solve our clients’ most critical cyber challenges
Company Culture
• We embrace a “Geeky” company culture.
• Engage with security community (Blog, Twitter, Exploit-db, Github, Conferences, etc.).
• Large focus put on learning and sharing knowledge.
• Company CTFs and other technical challenges to improve skills.
Major Service Areas
• Cybersecurity Assessments
• Defensive Cyber Operations
• Research and Development
• Cybersecurity Training
Overview
• Let's get you started!
• The goal of this presentation is to share our team's knowledge and lessons learned while working in the industry.
• The keys to success in infosec come down to a continuous effort to know your environment and improve your knowledge and skills.
• Our industry requires not only knowledge of terms and topics, but also hands-on-keyboard skills to succeed.
• Ultimately, being able to keep yourself up to date is a key component of being an InfoSec professional.
Platforms for Information
Twitter
• One of the best resources for keeping yourself current is Twitter.
• Often people will report news via a tweet before it’s even blogged.
• Build your network! Follow various infosec professionals, vendors and companies.
Blogs
• Learning from blogs can lead to lessons learned and discovery of new topics.
• Blogs are a great way to share ideas and thoughts among the community.
• Bookmark some of your favorite blogs and podcasts to check regularly for new interesting content.
RSS Feeds
• If you want a combination of Twitter and blogs, consider an RSS reader (e.g. digg, feedly, etc.).
• An RSS feed can help keep track of blogs and news items.
Tips for Skill Development
Build a Lab
• Technical skills require hands-on practice.
• Labs can be simple: Your computer + VirtualBox or VMware + VMs
Capture-the-Flag Exercises
• If you want to acquire and/or maintain technical skills, then you should participate in a CTF.
• Many online CTFs available: vulnhub.com
• Good resource for learning how to excel in CTF events: https://trailofbits.github.io/ctf/vulnerabilities/source.html
Free Training and Online Resources
• You can also find most conference talks online (Irongeek YouTube).
• Loads of free training resources: Cybrary, OffSec, etc.
Find a Mentor
Education
• If in doubt, go Computer Science.
Programming skills are always in high demand.
Learning to write your own scripts and tools will separate you from the pack.
You do not need a CS degree to be able to write code.
• Some jobs require it, others do not; it is really a mixed bag.
• Can be a good way to show you are worth investing in.
• Can help you potentially skip lower-level IT roles (Help Desk and System Administrator).
You still need hands-on skills with the technology.
• College is really what you make of it; challenge yourself to learn things beyond the scope of the class requirements.
Certifications
CompTIA
• Offers many entry-level certifications (Security+, Linux+, etc.).
• Multiple-choice exam, usually a couple hundred questions.
Offensive Security
• Offers hands-on technical certifications (OSWP, OSCP, OSCE, etc.).
• Skills-based exam (24 hours to break into 5 VMs and provide detailed penetration test report).
SANS/GIAC
• Offers a wide variety of technical and policy-focused certifications (GSEC, GPEN, GCIA, GCIH, etc.).
• Multiple-choice exam, usually 75-150 questions; the minimum passing percentage varies.
ISC2 and Others
• Many other certifications that can help your career: CISSP, SSCP, Microsoft, Cisco, etc.
• Depends highly on your specific career goals.
DoD 8570
DoD vs. Commercial
DoD/Govt.
• Mixture of Government (CIV) and contractor employees working together
• A lot of policy in place and separation of information (Unclassified/Classified)
• Often requires a clearance or public trust
• Compliance is a huge focus
• Has infrastructure that is on the Internet and on separate Govt networks (NIPR, DODIN, etc.)
• Most contractor work will have to be bid upon before the government awards it.
Commercial
• Hired to work as an employee under a company or organization
• Has compliance regulations enforced (PCI, HIPAA, FISMA, etc.)
• Potential work with big businesses and small businesses
• Has less policy enforcement (depends more upon the company's enforcement)
• Often will not require any clearance but may have company policy in place to protect information.
Professional Networking
LinkedIn
• Helps build online professional profile “Google your Name”
Twitter
• Most active in the security community are on Twitter.
Personal Blog
• Great way to share knowledge, showcase skills, and research.
Open Source Projects (Github, Sourceforge, etc.)
• Contributing or creating an open source project is a great way to get noticed by companies.
Conferences
• Expand your TTPs and knowledge in person.
Understand Basic Networking
Linux - Use It!
Python - Learn It!
Life of a Pentester (Offense)
• Lots of failure:
Pentesting is all about failing over and over again.
• Lots of research:
Facing a new type of technology will force you to do a lot of research on the fly.
• Lots of skill development:
I find I have to spend a lot of time to sharpen skills.
Staying up to date on vulnerabilities and attacks.
• Consistently thinking like an attacker:
Thinking about how to misuse technology in creative ways.
• Scripting:
Normally this is required for senior roles.
• Tools: Metasploit, Burp Suite, Nmap, Masscan, Recon-ng, Linux/Windows, Nessus, Acunetix, WebInspect, Mimikatz, Python, and many other tools in Kali Linux.
The World Needs Bad Men….
Offensive Example: debug.php
• Step 1: Started out with a company name -> enumerate domains and CIDRs.
• Step 2: Leverage Python/Shodan API to quickly enumerate external footprint.
• Step 3: Systems/Ports are validated from Shodan results using Masscan and Nmap. Then web technology footprint enumerated with whatweb.
* Linux utilities were used to build input files/parse output files (sed, grep, awk, egrep, sort, uniq)
• Step 4: Enumerate an unlinked resource "debug.php" that gives an HTTP 200 OK and blank screen. This is where automated tools stop.
• Step 5: Parameters are fuzzed in an attempt to enumerate inputs; "page=" gives back a different response: "Failed opening 'test' for inclusion".
• Step 6: Attempt to point the page parameter to local and remote resources and attempt to execute code on the server.
• Step 7: PHP was running as SYSTEM on the vulnerable application. An attacker
could dump password hashes and pivot throughout the organization with admin
privileges.
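The defender's view of the walk-through above, as an added example that is not part of the original slides: a log scan that flags query-string values steering an include-style parameter such as "page=" at local or remote resources, including layered percent-encoding. The log lines, addresses, dates and rule names are constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import parse_qsl, unquote, urlsplit

# Constructed access-log lines (Combined Log Format); not taken from the talk.
SAMPLE_LOG = """\
203.0.113.10 - - [01/Jan/2024:10:01:02 +0000] "GET /index.php?page=home HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.44 - - [01/Jan/2024:10:04:17 +0000] "GET /debug.php HTTP/1.1" 200 0 "-" "curl/7.50"
203.0.113.44 - - [01/Jan/2024:10:04:31 +0000] "GET /debug.php?page=test HTTP/1.1" 200 212 "-" "curl/7.50"
203.0.113.44 - - [01/Jan/2024:10:05:02 +0000] "GET /debug.php?page=..%2f..%2f..%2fwindows%2fwin.ini HTTP/1.1" 200 512 "-" "curl/7.50"
203.0.113.44 - - [01/Jan/2024:10:05:40 +0000] "GET /debug.php?page=http%3A%2F%2F198.51.100.7%2Fa.txt HTTP/1.1" 200 90 "-" "curl/7.50"
203.0.113.44 - - [01/Jan/2024:10:06:05 +0000] "GET /debug.php?page=%252e%252e%252fboot.ini HTTP/1.1" 200 40 "-" "curl/7.50"
"""

LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

# Value patterns that have no business in an include-style parameter.
# Parameters that legitimately carry URLs (redirects) need their own allowlist.
RULES = [
    ("path-traversal", re.compile(r"(^|[\\/])\.\.([\\/]|$)")),
    ("remote-or-wrapper-url", re.compile(r"^[a-z][a-z0-9+.-]*://", re.I)),
    ("null-byte", re.compile(r"\x00")),
]


def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly; return (decoded value, rounds needed)."""
    rounds = 0
    while rounds < max_rounds:
        decoded = unquote(value)
        if decoded == value:
            break
        value, rounds = decoded, rounds + 1
    return value, rounds


def classify(raw_value):
    """Classify one parameter value that parse_qsl has already decoded once."""
    value, extra_rounds = fully_decode(raw_value)
    reasons = [name for name, rx in RULES if rx.search(value)]
    if reasons and extra_rounds:
        reasons.append("multi-encoded")  # payload was hidden under extra encoding
    return value, reasons


def scan(log_text):
    """Return one finding per suspicious query parameter in the log."""
    findings = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        url = urlsplit(m.group("target"))
        for name, raw in parse_qsl(url.query, keep_blank_values=True):
            value, reasons = classify(raw)
            if reasons:
                findings.append({
                    "client": m.group("client"),
                    "path": url.path,
                    "param": name,
                    "value": value,
                    "status": int(m.group("status")),
                    "reasons": reasons,
                })
    return findings


def clients_by_hits(findings):
    """Rank clients by number of suspicious requests, for triage."""
    return Counter(f["client"] for f in findings).most_common()


if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f["client"], f["path"], f["param"], repr(f["value"]), f["reasons"])
```

A hit with status 200 and a non-empty body deserves a look at the application's error log for messages like the "Failed opening ... for inclusion" response described in Step 5.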
Life of a Security Analyst (Defense)
• Attention to Detail:
Digging through logs, pcap, alerts, etc. requires a lot of attention to detail.
• Hunting:
Often going through large amounts of “normal” data to find what is “odd”.
• Desire to Improve:
Most defensive jobs are what you make of them: you can sit on Facebook and check the box, or you can dig and go beyond alerts.
• Scripting:
Normally required for senior technical roles.
• Lots of Research:
It can often be hard to explain a network event using only pcap as a resource.
Staying up to date on the latest attacks and vulnerabilities is important.
• Tools: Tcpdump, Wireshark, Bro, Snort, SIEM Tools, Python, Windows/Linux, etc.
Hunt for the needle in the haystack...
When you first look at pcap...
Defensive Example: PCAP
• You leverage some tcpdump/bash Kung Fu to quickly summarize DNS.
• You notice a domain that looks legit, but is misspelled! Can you see it?
• You investigate this further and notice some odd parameters in the corresponding
HTTP traffic. What is interesting about the HTTP GET request below?
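The DNS summary step from this example, written in Python as an added illustration (not from the original slides): it counts queried domains from tcpdump text output and flags names within a small edit distance of a known-good list, which is how a misspelled lookalike stands out. The capture lines, the .example domains, the addresses and the watchlist are constructed assumptions.

```python
import re
from collections import Counter, defaultdict

# Constructed `tcpdump -nn port 53` style text output; names use the reserved
# .example TLD and addresses are private or documentation ranges.
SAMPLE_CAPTURE = """\
10:15:01.101234 IP 10.0.0.23.53211 > 10.0.0.1.53: 4242+ A? www.payroll.example. (37)
10:15:01.350118 IP 10.0.0.23.53212 > 10.0.0.1.53: 4243+ AAAA? www.payroll.example. (37)
10:15:02.007400 IP 10.0.0.31.40110 > 10.0.0.1.53: 911+ A? webmail.example. (33)
10:15:03.480021 IP 10.0.0.23.53300 > 10.0.0.1.53: 4250+ A? cdn.updates.example. (37)
10:15:04.912377 IP 10.0.0.57.61022 > 10.0.0.1.53: 77+ A? login.paryoll.example. (39)
10:15:05.200045 IP 10.0.0.57.61023 > 10.0.0.1.53: 78+ A? login.paryoll.example. (39)
10:15:06.333910 IP 10.0.0.31.40111 > 10.0.0.1.53: 912+ A? news.weather.example. (38)
10:15:06.900512 IP 10.0.0.1.53 > 10.0.0.23.53211: 4242 1/0/0 A 192.0.2.10 (53)
"""

# Hypothetical watchlist of domains the organisation really uses.
KNOWN_GOOD = {"payroll.example", "webmail.example", "updates.example"}

# Matches query lines only (destination port 53 and a "TYPE? name." field).
QUERY_RE = re.compile(
    r"IP6? (?P<src>\S+)\.\d+ > \S+\.53: \d+\S* (?:\[[^\]]*\] )?"
    r"(?P<qtype>[A-Z]+)\? (?P<name>\S+) "
)


def dns_queries(capture_text):
    """Yield (client, qtype, name) per DNS query line; responses are skipped."""
    for line in capture_text.splitlines():
        m = QUERY_RE.search(line)
        if m:
            yield m.group("src"), m.group("qtype"), m.group("name").rstrip(".").lower()


def registered_domain(name):
    """Naive assumption: last two labels. Real use needs the Public Suffix List."""
    return ".".join(name.split(".")[-2:])


def summarize(capture_text):
    """Python equivalent of piping query names through sort | uniq -c."""
    return Counter(registered_domain(n) for _, _, n in dns_queries(capture_text))


def osa_distance(a, b):
    """Edit distance with insert, delete, substitute and adjacent swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i] + [0] * len(b)
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            cur[j] = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                cur[j] = min(cur[j], prev2[j - 2] + 1)  # swapped neighbours
        prev2, prev = prev, cur
    return prev[-1]


def lookalikes(capture_text, known_good=KNOWN_GOOD, max_distance=2):
    """Return (observed, resembles, distance, clients) for near-miss domains."""
    clients = defaultdict(set)
    for src, _, name in dns_queries(capture_text):
        clients[registered_domain(name)].add(src)
    hits = []
    for domain in sorted(clients):
        if domain in known_good:
            continue
        dist, good = min((osa_distance(domain, g), g) for g in sorted(known_good))
        if dist <= max_distance:
            hits.append((domain, good, dist, sorted(clients[domain])))
    return hits


if __name__ == "__main__":
    for domain, count in summarize(SAMPLE_CAPTURE).most_common():
        print(f"{count:4d} {domain}")
    for hit in lookalikes(SAMPLE_CAPTURE):
        print("LOOKALIKE", hit)
```

The client list on each hit tells you which hosts to pull the corresponding HTTP traffic for.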
Practice
● We’ve created a CTF VM + Question and Answer guide to help expose you to
various hands-on security challenges.
Recap
● Stay up to date with latest news and trends (Twitter, RSS Feeds, Blogs, etc.)
● Build a lab
● Learn Python!
● Use Linux
● Research and participate in Capture the Flag (CTF) events / Vulnerable VMs
● Be aware of the free online resources for technical training
● Find a mentor
● Learn about job requirements for target job (skills, certifications, education, etc.)
● Develop a professional/InfoSec network (Twitter, LinkedIn, etc.)
● Start a personal blog
● Consider contributing to or starting an open source project
● Attend conferences or watch conference talks on YouTube
Find your passion...you’ll always go further if you really love the subject matter.
Some really enjoy hunting through pcap, others by getting shells. Figure out what
you like and sharpen those skills.
Useful Links
• Cybrary.it
• OWASP
• Pentesting Execution Standard (PTES)
• SANS ISC
• Vulnhub
• Pentester Lab
• Metasploit Unleashed
• IronGeek YouTube channel
• SecurityTube
• Jason Haddix How to Shot Web Talk
• How to be an InfoSec Geek Talk
• Pcap Resources:
http://www.netresec.com/?page=PcapFiles
http://contagiodump.blogspot.com/2013/08/deepend-research-list-of-malware-pcaps.html
• Malwr.com
• Dump of common InfoSec interview questions (isdpodcast)
Connect with Us
www.breakpoint-labs.com
info@breakpoint-labs.com
@0xcc_labs
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
 
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
 
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
 

How To Start Your InfoSec Career

  • 1. How to Start Your InfoSec Career
  • 2. Agenda
      • ~$ whoami
      • Overview
      • Platforms for Information
      • Tips For Skill Development
      • Find a Mentor
      • Education
      • Certifications
      • DoD 8570 Requirements
      • DoD vs. Commercial
      • Professional Networking
      • Networking, Linux, and Python
      • Life of a Pentester (Offense) + Example
      • Life of a Security Analyst (Defense) + Example
      • Practice
      • Recap
      • Useful Links
  • 3. ~$ whoami
      General
      • Founded in 2015 to deliver effective and sustainable cyber solutions
      • Currently provides technical services to the Federal Government and commercial sectors
      • Prides itself on leveraging technology advancements to solve our clients’ most critical cyber challenges
      Major Service Areas
      • Cybersecurity Assessments
      • Defensive Cyber Operations
      • Research and Development
      • Cybersecurity Training
      Company Culture
      • We embrace a “Geeky” company culture.
      • Engage with security community (Blog, Twitter, Exploit-db, Github, Conferences, etc.).
      • Large focus put on learning and sharing knowledge.
      • Company CTFs and other technical challenges to improve skills.
  • 4. Overview
      • Let's get you started!
      • The goal of this presentation is to share our team's knowledge and lessons learned while working in the industry.
      • The keys to success in infosec can link to a continuous effort of knowing your environment and improving knowledge/skills.
      • Our industry requires not only knowledge of terms and topics, but also hands-on-keyboard skills to succeed.
      • Ultimately, being able to keep yourself up to date is a key component of being an InfoSec professional.
  • 5. Platforms for Information
      Twitter
      • One of the best resources for keeping yourself current is Twitter.
      • Often people will report news via a tweet before it’s even blogged.
      • Build your network! Follow various infosec professionals, vendors and companies.
      Blogs
      • Learning from blogs can lead to lessons learned and discovery of new topics.
      • Blogs are a great way to share ideas and thoughts among the community.
      • Bookmark some of your favorite blogs and podcasts to check regularly for new interesting content.
      RSS Feeds
      • If you want a combination of Twitter and blogs, consider an RSS reader (e.g., Digg, Feedly, etc.).
      • An RSS feed can help keep track of blogs and news items.
  • 6. Tips for Skill Development
      Build a Lab
      • Technical skills require hands-on practice.
      • Labs can be simple: your computer + VirtualBox or VMware + VMs.
      Capture-the-Flag Exercises
      • If you want to acquire and/or maintain technical skills, then you should participate in a CTF.
      • Many online CTFs available: vulnhub.com
      • Good resource for learning how to excel in CTF events: https://trailofbits.github.io/ctf/vulnerabilities/source.html
      Free Training and Online Resources
      • You can also find most conference talks online (Irongeek YouTube).
      • Loads of free training resources: Cybrary, OffSec, etc.
  • 7. Find a Mentor
  • 8. Education
      • If in doubt, go Computer Science. Programming skills are always in high demand. Learning to write your own scripts and tools will separate you from the pack. You do not need a CS degree to be able to write code.
      • Some jobs require it, others do not; it is really a mixed bag.
      • Can be a good way to show you are worth investing in.
      • Can help you potentially skip lower-level IT roles (Help Desk and System Administrator). You still need hands-on skills with the technology.
      • College is really what you make of it; challenge yourself to learn things beyond the scope of the class requirements.
  • 9. Certifications
      CompTIA
      • Offers many entry-level certifications (Security+, Linux+, etc.).
      • Multiple-choice exam, usually a couple hundred questions.
      Offensive Security
      • Offers hands-on technical certifications (OSWP, OSCP, OSCE, etc.).
      • Skills-based exam (24 hours to break into 5 VMs and provide a detailed penetration test report).
      SANS/GIAC
      • Offers a wide variety of technical and policy-focused certifications (GSEC, GPEN, GCIA, GCIH, etc.).
      • Multiple-choice exam, usually 75-150 questions; the minimum passing percentage varies.
      ISC2 and Others
      • Many other certifications that can help your career: CISSP, SSCP, Microsoft, Cisco, etc.
      • Depends highly on your specific career goals.
  • 10. DoD 8570
  • 11. DoD vs. Commercial
      DoD/Govt.
      • Mixture of Government (CIV) and contractor employees working together
      • A lot of policy in place and separation of information (Unclassified/Classified)
      • Often requires a clearance or public trust
      • Compliance is a huge focus
      • Has infrastructure that is on the Internet and on separate Govt networks (NIPR, DODIN, etc.)
      • Most contractor work will have to be bid upon before the government awards it.
      Commercial
      • Hired to work as an employee under a company or organization
      • Has compliance regulations enforced (PCI, HIPAA, FISMA, etc.)
      • Potential work with big businesses and small businesses
      • Has less policy enforcement (depends more upon the company's enforcement)
      • Often will not require any clearance but may have company policy in place to protect information.
  • 12. Professional Networking
      LinkedIn
      • Helps build online professional profile (“Google your Name”)
      Twitter
      • Most active in the security community are on Twitter.
      Personal Blog
      • Great way to share knowledge, showcase skills, and research.
      Open Source Projects (Github, Sourceforge, etc.)
      • Contributing to or creating an open source project is a great way to get noticed by companies.
      Conferences
      • Expand your TTPs and knowledge in person.
  • 13. Understand Basic Networking
  • 14. Linux - Use It!
  • 15. Python - Learn It!
  • 16. Life of a Pentester (Offense)
      • Lots of failure: Pentesting is all about failing over and over again.
      • Lots of research: Facing a new type of technology will force you to do a lot of research on the fly.
      • Lots of skill development: I find I have to spend a lot of time to sharpen skills. Staying up to date on vulnerabilities and attacks.
      • Consistently thinking like an attacker: Thinking about how to misuse technology in creative ways.
      • Scripting: Normally this is required for senior roles.
      • Tools: Metasploit, Burp Suite, Nmap, Masscan, Recon-ng, Linux/Windows, Nessus, Acunetix, WebInspect, Mimikatz, Python, and many other tools in Kali Linux.
  • 17. The World Needs Bad Men….
  • 18. Offensive Example: debug.php
      • Step 1: Started out with a company name -> enumerate domains and CIDRs.
  • 19. Offensive Example: debug.php
      • Step 2: Leverage Python/Shodan API to quickly enumerate external footprint.
  • 20. Offensive Example: debug.php
      • Step 3: Systems/Ports/Systems are validated from Shodan results using Masscan and Nmap. Then the web technology footprint is enumerated with whatweb.
      * Linux utilities were used to build input files/parse output files (sed, grep, awk, egrep, sort, uniq)
  • 21. Offensive Example: debug.php
      • Step 4: Enumerate an unlinked resource "debug.php" that gives an HTTP 200 OK and a blank screen. This is where automated tools stop.
  • 22. Offensive Example: debug.php
      • Step 5: Parameters are fuzzed in an attempt to enumerate inputs; "page=" gives back a different response: "Failed opening 'test' for inclusion".
  • 23. Offensive Example: debug.php
      • Step 6: Attempt to point the page parameter to local and remote resources and attempt to execute code on the server.
  • 24. Offensive Example: debug.php
      • Step 7: PHP was running as SYSTEM on the vulnerable application. An attacker could dump password hashes and pivot throughout the organization with admin privileges.
  • 25. Life of a Security Analyst (Defense)
      • Attention to Detail: Digging through logs, pcap, alerts, etc. requires a lot of attention to detail.
      • Hunting: Often going through large amounts of “normal” data to find what is “odd”.
      • Desire to Improve: Most defensive jobs are what you make of them; you can sit on Facebook and check the box, or you can dig and go beyond alerts.
      • Scripting: Normally required for senior technical roles.
      • Lots of Research: It can often be hard to explain a network event using only pcap as a resource. Staying up to date on the latest attacks and vulnerabilities is important.
      • Tools: Tcpdump, Wireshark, Bro, Snort, SIEM Tools, Python, Windows/Linux, etc.
  • 26. Hunt for the needle in the haystack...
  • 27. When you first look at pcap...
  • 28. Defensive Example: PCAP
      • You leverage some tcpdump/bash Kung Fu to quickly summarize DNS.
      • You notice a domain that looks legit, but is misspelled! Can you see it?
  • 29. Defensive Example: PCAP
      • You investigate this further and notice some odd parameters in the corresponding HTTP traffic. What is interesting about the HTTP GET request below?
  • 30. Practice
      • We’ve created a CTF VM + Question and Answer guide to help expose you to various hands-on security challenges.
  • 31. Recap
      • Stay up to date with latest news and trends (Twitter, RSS Feeds, Blogs, etc.)
      • Build a lab
      • Learn Python!
      • Use Linux
      • Research and participate in Capture the Flag (CTF) events / Vulnerable VMs
      • Be aware of the free online resources for technical training
      • Find a mentor
      • Learn about job requirements for target job (skills, certifications, education, etc.)
      • Develop a professional/InfoSec network (Twitter, LinkedIn, etc.)
      • Start a personal blog
      • Consider contributing to or starting an open source project
      • Attend conferences or watch conference talks on YouTube
      Find your passion... you’ll always go further if you really love the subject matter. Some really enjoy hunting through pcap, others getting shells. Figure out what you like and sharpen those skills.
  • 32. Useful Links
      • Cybrary.it
      • OWASP
      • Pentesting Execution Standard (PTES)
      • SANS ISC
      • Vulnhub
      • Pentester Lab
      • Metasploit Unleashed
      • IronGeek YouTube channel
      • SecurityTube
      • Jason Haddix How to Shot Web Talk
      • How to be an InfoSec Geek Talk
      • Pcap Resources: http://www.netresec.com/?page=PcapFiles and http://contagiodump.blogspot.com/2013/08/deepend-research-list-of-malware-pcaps.html
      • Malwr.com
      • Dump of common InfoSec interview questions (isdpodcast)
  • 33. Connect with Us
      • www.breakpoint-labs.com
      • info@breakpoint-labs.com
      • @0xcc_labs
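
The DNS triage described in the Defensive Example slides (28-29), as an added example that is not part of the original deck: it counts queried domains from tcpdump-style text output and flags any name within a small edit distance of a trusted domain. The sample lines, the `KNOWN_GOOD` allowlist and all function names are constructed for illustration.

```python
import re
from collections import Counter

# Constructed tcpdump-style DNS query lines (not taken from the slides).
SAMPLE = """\
12:00:01.101000 IP 10.0.0.5.53124 > 10.0.0.1.53: 4242+ A? www.google.com. (32)
12:00:01.350000 IP 10.0.0.5.53125 > 10.0.0.1.53: 4243+ A? github.com. (28)
12:00:02.020000 IP 10.0.0.7.40112 > 10.0.0.1.53: 911+ A? login.micros0ft.com. (37)
12:00:02.500000 IP 10.0.0.5.53126 > 10.0.0.1.53: 4244+ AAAA? www.google.com. (32)
12:00:03.040000 IP 10.0.0.7.40113 > 10.0.0.1.53: 912+ A? cdn.gooogle.com. (33)
12:00:03.900000 IP 10.0.0.9.50001 > 10.0.0.1.53: 77+ A? example.org. (29)
""".splitlines()

KNOWN_GOOD = {"google.com", "github.com", "microsoft.com"}  # assumed allowlist
QUERY_RE = re.compile(r"\s(?:A|AAAA|CNAME|MX|TXT)\?\s+(\S+?)\.?\s")

def base_domain(name):
    """Last two labels; an approximation that ignores multi-label suffixes."""
    return ".".join(name.lower().rstrip(".").split(".")[-2:])

def summarize_dns(lines):
    """Count queries per base domain, the equivalent of `sort | uniq -c`."""
    return Counter(base_domain(m.group(1))
                   for line in lines if (m := QUERY_RE.search(line)))

def edit_distance(a, b):
    """Levenshtein distance using the standard two-row dynamic programme."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def find_lookalikes(counts, known_good=KNOWN_GOOD, max_dist=2):
    """Return (seen, imitated, distance, queries) for near-misses of trusted names."""
    hits = []
    for seen, n in counts.items():
        if seen in known_good:
            continue  # exact match with a trusted domain is not a lookalike
        good, dist = min(((g, edit_distance(seen, g)) for g in known_good),
                         key=lambda t: (t[1], t[0]))
        if dist <= max_dist:
            hits.append((seen, good, dist, n))
    return sorted(hits)

if __name__ == "__main__":
    for row in find_lookalikes(summarize_dns(SAMPLE)):
        print(row)
```

Plain Levenshtein distance scores a swapped pair of adjacent letters as 2, so `max_dist=2` is the lowest threshold that still catches transposition typos.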