A list of resources for anyone interested in becoming a Hacker/Pentester/Security person.
Based on my gist available on github.
I’ve just stolen HypnZA list of suggested links and added a few others by various people. (Please feel free to send me other links/info you think might be useful to add.)
HypnZA’s commonly shared list (in the correct order):
- https://www.hacksplaining.com
- https://pentesterlab.com/exercises/web_for_pentester and https://pentesterlab.com/exercises/web_for_pentester_II
- Watch Ippsec’s HackTheBox videos from oldest to newest, but attempt the box in the video before watching the video (requires a paid hackthebox account to access the machines in the videos) https://www.youtube.com/channel/UCa6eh7gCkpPo5XXUDfygQQA/videos?sort=da&view=0&flow=grid https://www.hackthebox.eu/
From my own list, I reccommend:
- LiveOverflows stuff on YouTube https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w
- Azeria Labs - https://azeria-labs.com/
- Hardware Security Resources - Great list of mostly hardware related info http://www.sp3ctr3.me/hardware-security-resources/
Shadowrizla suggested this awesome document filled with tons of resources. https://docs.google.com/spreadsheets/d/12bT8APhWsL-P8mBtWCYu4MLftwG1cPmIL25AEBtXDno/edit?usp=sharing
If you run out of stuff the Awesome Hacking list has tons of Awesome lists you can go look at
https://github.com/Hack-with-Github/Awesome-Hacking
The Pentesting certification to have at the moment is an OSCP
https://www.offensive-security.com/information-security-certifications/oscp-offensive-security-certified-professional/
You can read a nice writeup on what its like to get by HypnZA
https://www.hypn.za.net/blog/2018/05/27/thoughts-on-offensive-securitys-oscp-certification-in-2018-pre-exam/
https://www.hypn.za.net/blog/2018/06/06/thoughts-on-oscp-certification-and-the-exam/
Conferences:
In South Africa there are currently only two community Security Conferences (That I know about)
http://www.0xcon.co.za/ in JHB
http://www.bsidescapetown.co.za in Cape Town
Local Meetups:
DC2744 (Gardenroute) - http://www.dc2744.org/
DC2711 (Johannesburg) - https://twitter.com/defcon2711
DC2751 (Bloemfontein) - https://twitter.com/dc2751g
0xc0ffee (Cape Town) - https://0xc0ffee-cpt.co.za/
0xc0ffee (Johannesburg) - https://twitter.com/0xc0ffee_jhb
OWASP Cape Town - https://www.meetup.com/OWASP-Cape-Town-Chapter-Meetup/
Additional Resources:
Awesome Firmware Security & Other Helpful Documents - https://github.com/PreOS-Security/awesome-firmware-security