MITA1 · 2019. 10. 28. · MITA1
Transcript of MITA1 · 2019. 10. 28. · MITA1
Becoming a cybersecurity ethical hackerFrom Zero to Hero
2
Geek
20 year of experience doing hacking
Authored tools / articles / books / etc
Speaker at conferences around the world
Volunteer at OWASP
Still getting the same thrill when compromising a host
CEO at SECFORCE
ME
3
IT Security Consultancy – penetration testing
Highly specialised in offensive security
Teams located in London (UK), Greece and Malta
SECFORCE
Red Team Testing Penetration Testing
Agenda0
5
Offensive security career1
Agenda – from Zero to Hero
234
Technical skills
Mindset
Resources
5 Questions and answers
Offensive Security1
Who would like to be a hacker?
8
9
10
11
Reality is quite different
13Offensive Security Career
We work in a highly professional environmentWe focus on customer satisfactionWe follow due diligenceWe work hard to do a great jobEtc.
14Offensive Security Career
So, what do we do?
16Penetration Testing
17Penetration Testing
My next move…
19
20How to become a hacker - requirements
1 – Technical Skills2 – Mindset
Technical Skills2
22Technical Skills
23Why technical skills are necessary?
You will only be able to attack technology that you understandThe better you can use something, the better you will misuse itThe stronger your technical foundation, the easier it will be to build new knowledge
24Technical pillars
Operating Systems Networking Applications Programming
Windows*nixActive DirectoryOS Security
TCP/IPISO layersNetwork layer attacks
Web/mobile technologiesApplication security
Scripting languages
25Technical security
Infrastructure and application securitySpecific attacks to technologyAttacking techniques (bruteforcing, password cracking, memory manipulation, privilege escalation, etc.)Active Directory trust and policiesVulnerability research (fuzzing, etc.)Exploit writing
Memory layoutMemory corruption bypassetc
Mindset3
27Hacker’s mindset
28Hacker’s mindset
Hacking is about using technology in unintended waysA hacker would not follow normal user rulesNatural ability to misuse software
29Hacker Mindset
30
31
Link all nine dots4 lines or lessWithout lifting the (imaginary) pen or pencilWithout tracing the same line more than once
Think outside the box
32Think outside the box
33Motivation and passion
Sky is the limit – you will never learn it allThe best hackers I know are profoundly passionate about hackingBeing a great hacker requires A LOT of work. Only possible if you truly love itEven though it may be a 9 to 5 job, it is not. It is almost a lifestyle
34Quick learner/researcher
35Quick learner/researcher
Learn how to learnYou will need to solve new puzzles every dayIt is important to identify dead ends and rabbit holesYou may need to become an expert on something overnight
36Determination
37Determination
Talent will only take you so farPersevering on a problem will take you from there onwardsOf the hackers I know, the harder they tried, the luckier they became
38In summary
Technical skillsOSNetworkApplicationCoding
MindsetOut of the box thinkingQuick learnerDetermination
Resources4
40Resources
BooksVideosWebsitesFormal education
41Books
42Books - advanced
43Videos
44Videos
45Videos
46Videos
47Websites
48Websites
49Websites
50Websites
51Websites
52Websites
53Websites
54Formal Education
55Formal Education
56Formal Education
57Formal Education
58
Questions?5