This document discusses the importance of penetration testing education and provides information about cost-effective training options. It introduces the author, Jasmine Jackson, who has several security certifications and works as a penetration tester. Her blog, PassionForPentesting, was created in 2012 to showcase her skills and teach beginners about information security. The document then lists several free or low-cost training resources for penetration testing, including PentesterLab, OverTheWire, HackTheBox, Vulnerable By Design, PicoCTF, and OWASP projects. These resources provide vulnerable machines, wargames, capture the flag challenges, and other hands-on learning opportunities to help people learn penetration testing skills.

1. Importance of Penetration
Testing Education
JASMINE M JACKSON

2. Stats
 Hometown: Berkeley, CA
 Currently reside: Charlotte, NC
 Masters in Computer Science, Graduate Certificate in Information Security and
Privacy from University of North Carolina at Charlotte (UNCC)
 Assistant Organizer of OWASP Charlotte Chapter
 Have security certifications: GSEC, GWAPT, and currently studying for the OSCP
 Currently work as a penetration tester

3. PassionForPentesting
 Created the blog in 2012
 Frustrated of not being in the information security field
 Blog is an online portfolio that displays my skills in web applications security,
forensics, etc., through write-ups.
 Blog is also used to teach the absolute beginner about information security with
cost-effective training options.

4. Cost-Effective Training Courses
 PentesterLab (www.penesterlab.com)
 Have different badges – essential, android, capture the flag, etc. This is $19.99/month
 Also has a bootcamp portion - which is free
 OverTheWire (www.overthewire.org/wargames)
 Have different “wargames” in different topics – Unix (Bandit), Natas (Web-Security) –
this is free
 HackTheBox (www.hackthebox.eu)
 Have different labs that are similar to the OSCP. Need to hack the registration screen to
obtain product key. – this is free

5. Cost-Effective Training Courses cont’d
 Vulnerable By Design (www.vulnhub.com)
 Vulnerable machines with different levels of difficulty (easy, medium, and hard)
 This is free
 PicoCTF (www.picoctf.com)
 Intended for high school students, but all are welcome (I have write-ups on
PassionForPentesting.com)
 Have different categories – forensics, web security, etc.
 This is free
 OWASP (www.owasp.org)
 Have different projects (Juice Shop, Security Shepherd) that are useful for hacking
 This is free

6. QUESTIONS?