Rtfm: Red Team Field Manual

Author: Ben Clark

About This Book

The RTFM contains the basic syntax for commonly used Linux and Windows command line tools, but it also encapsulates unique use cases for powerful tools such as Python and Windows PowerShell. The RTFM will repeatedly save you time looking up the hard-to-remember Windows nuances such as Windows wmic and dsquery command line tools, key registry values, scheduled tasks syntax, startup locations and Windows scripting. More importantly, it should teach you some new red team techniques.

The Red Team Field Manual (RTFM) is a no-fluff but thorough reference guide for serious Red Team members who routinely find themselves on a mission without Google or the time to scan through a man page.

Comments

by potatotub   2019-07-21

Red Team Field Manual (edit: for offense)

If you want to defend against web attacks, the OWASP wiki should be good to get you started.

https://www.amazon.com/dp/1494295504/ref=cm_sw_r_cp_awdb_t1_nCmxCb8D3JPH1

https://www.owasp.org

by brothersand   2019-07-21

If you have to use Windows, and many of us do, do yourself a favor and learn some PowerShell. "ls" is a supported alias. In fact, a lot of Unix style commands are. It even uses the pipeline "|", only instead of piping text you are passing .NET objects.

> ps notepad | kill

You don't have to parse out the process id. It derives that from the object.

Do yourself a further favor and install Git. Then you can include all the tools under its usr/bin directory in your path and have such tools as grep, du, find, ssh, scp, etc. all compiled for Windows.

The look on a Windows sysadmin's face when you ssh to a remote server from a pwsh command line makes it all worthwhile.

Edit: I mean, I even run vim with a custom vimrc file in a pwsh console on Windows 10 with my keyboard remapped to Dvorak. And GVim is my default tool for .txt files. I get a lot of weird looks from the Windows sysadmins.

Edit #2: If you want some really squirrely but very effective Win cmd style commands, check out the Red Team Field Manual. Some good shit in here for Linux too.

by photoshop4free   2019-07-21

Alright for hacking... It's a LOTTT of stuff you'll need to learn, everything from hacking wifi, hacking websites, cracking passwords. But really all a hacker is, is someone who knows the system so well they can exploit and break it.

What kind of people are hackers/pen-testers?

Unless your job title is literally "red-teamer, or pentester" then "hackers" are usually security researchers, white hats, security analysts, hobbyists, people who tinker around. But really all hackers are, are computer nerds who love this stuff, this is what we live for. So just don't do anything stupid and don't do anything illegal.

Here are some of the big areas you'll need to learn:

Networking / Network security

Linux / Windows (https://linuxjourney.com is amazing) I learned a ton by creating my own custom Debian based Linux distro.

Forensics

Cryptography / Steganography

Malware / Malware analysis

System hardening / system security

Privacy techniques (Being safe, Tor, Tails, what you share on social media)

Exploiting services, exploiting machines

Wireless attacks (WEP, WPA, WPA2)

Common vulnerabilities, and exploits

How to use google. (Like dorking, Shodan, using online resources)

Maybe some basic python and scripting

Basic security concepts like NIPS, NIDS, SIEMS, mitigation, security policies.

Common ports and services (You can find flashcards on Quizlet)

https://www.cybrary.it/course/intro-to-infosec

https://www.cybrary.it/course/kali-linux-fundamentals

https://www.cybrary.it/course/ethical-hacking

https://www.cybrary.it/course/comptia-aplus

https://www.cybrary.it/course/comptia-902-2018

https://www.cybrary.it/course/comptia-network-plus

https://www.cybrary.it/course/comptia-security-plus

https://www.cybrary.it/course/comptia-cysa-2018

https://www.udemy.com/pentestplus

https://www.udemy.com/ccna-on-demand-video-boot-camp

https://www.youtube.com/watch?v=wBp0Rb-ZJak (The Complete Linux Course: Beginner to Power User)

Also check out

https://www.youtube.com/user/professormesser

https://www.youtube.com/channel/UC0ZTPkdxlAKf-V33tqXwi3Q (Hackersploit)

https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w (LiveOverflow)

https://www.youtube.com/playlist?list=PLG49S3nxzAnmpdmX7RoTOyuNJQAb-r-gd (Messer, Networking)

https://www.youtube.com/watch?v=vrh0epPAC5w (Animated full Network+ course)

www.reddit.com/r/netsec

www.reddit.com/r/netsecstudents

www.reddit.com/r/comptia

www.reddit.com/r/linux

150 dumped full courses for free

-https://pastebin.com/j0WVfDif

(my favorites)

http://www.mediafire.com/download/2kczrn29gt6fdp3/Introduction+to+Firewalls.rar

http://www.mediafire.com/download/mnulcdbw817f9q0/Metasploit+Basics.rar

http://www.mediafire.com/download/lhajdkufn9oi5ta/Cisco+CCNA+Security%3B+Firewalls+and+VPNs.rar

http://www.mediafire.com/download/yraijpmuzoa1zpn/Cisco+CCNA+Security%3B+Introduction+to+Network+Security.rar

Practice the skills you learn with CTFs (Capture the flag)

https://www.hackthebox.eu

https://www.hackthissite.org

http://overthewire.org

https://picoctf.com

https://www.vulnhub.com

http://www.dvwa.co.uk

https://pwnable.tw

Start researching and studying for certifications, COMPTIA, CISCO, REDHAT

https://certification.comptia.org/certifications/security

https://certification.comptia.org/certifications/cybersecurity-analyst

https://certification.comptia.org/certifications/pentest

https://www.cisco.com/c/en/us/training-events/training-certifications/certifications/associate/ccna-routing-switching.html

The intro/easy certs are

Comptia A+ (Hardware, basic computers stuff, cables and stuff)

Comptia Network+ (Networking, network topologies, types, subnetting, vlans, dmz's)

Comptia Security+ (Malware types, threats, attacks, policies)

A bit hard and better certs

Cisco CCNA Cyber ops

Comptia CYSA+ (Security analyst stuff, the security+ but much more in depth)

Comptia Pentest+ (Pentesting tools, methodology, steps, etc.)

eLearnSecurity eJPT (junior pentesting cert)

EC-Council CEH (Good for DoD jobs, kinda outdated tho, hacking stuff)

Now it gets pretty advanced

Comptia CASP+ (advanced methods, concepts, techniques regarding security)

OSCP (Oooh the cool kids have this one, pentesting galore < must have)

Comptia CISSP (HR and people love this one, high level cert)

GPEN

GIAC

My recommended pathway is Security+ > Cysa+ > Pentest+ > CEH > CASP+ > OSCP > CISSP

Here is Comptia's recommended pathway .PDF

Start to learn a programming language

Python is highly recommended for people who are looking for a first language because:

It’s easy to learn.

It’s great for scripting.

It can be used for just about anything.

https://www.python.org

https://www.youtube.com/watch?v=rfscVS0vtbw (4 hour nice intro to Python course)

Depending how deep you go you might need to learn C and/or Assembly, both are commonly used for malware analysis, reverse engineering, binary exploitation, and exploit development. This also will require you to learn things like GCC, GDB, IDA, Hopper, and all the fun stuff. But this can be really really hard to learn, but is incredibly rewarding.

I can always recommend the Red team Field manual.

https://www.amazon.com/dp/1494295504/ref=cm_sw_r_cp_awdb_t1_2cXvCbPQCA1NC

Some nice cheatsheets I have printed out.

https://www.sans.org/security-resources/sec560/misc_tools_sheet_v1.pdf

https://blogs.sans.org/pen-testing/files/2013/10/NmapCheatSheetv1.0.pdf

https://www.loggly.com/wp-content/uploads/2015/05/Linux-Cheat-Sheet-Sponsored-By-Loggly.pdf

by godmodus   2017-08-19

yeah, it's a reference, if anything. not a practical "read" per se, but hey A+ for effort.

i get by using 4-5 commands and neovim, it's plenty for my sysadmin needs.

if you want a short 30page read that has most things, there's the red team field manual! i recommend having a copy

amazon link > Rtfm: Red Team Field Manual: https://www.amazon.com/Rtfm-Red-Team-Field-Manual/dp/1494295...

it's a no frills collection of commands grouped under topic/use case. command description is left to the user to lookup using the manpages.

by raesene9   2017-08-19

hmm this content seems pretty dated. If they're looking at internal network enumeration, then it's missing most of the modern tools, if it's looking at external enumeration then it's not great as most of the ports they refer to are unlikely to be exposed externally...

If you want more up to date material in this kind of field, something like the Red Team Field Manual (https://www.amazon.co.uk/Rtfm-Red-Team-Field-Manual/dp/14942...) or "Advanced penetration testing" https://www.amazon.co.uk/gp/product/B06XCKTKK8/ref=oh_aui_d_... could be worth looking at.