- Room4Security has great recommendations / Room4Security a de bonnes suggestions de lecture
- Chloé Messdaghi hosts a hackers bookclub on Goodreads
- Georgia Weidman: A hands-on Introduction to hacking
- Dennis Yurichev: Reverse Engineering for beginners
- Robert Beggs: Mastering Kali Linux for advanced penetration testing
- Dafydd Stuttard and Marcus Pinto: The Web Application Hackers Handbook: Hacking and exploiting Security Flaws
When i pre-registered for the ICSS 2018 i got access to a website called Certified Secure which is an online training website. In which you can even get some certificates.
With my account, I have temporary access to everything, even premium content.
Panel of the premium content
Here is what a user profile looks like
On the left, you have all the certifications you can get.
The panel in the middle shows what to achieve to get the selected certificate (Here the Essential Security certificate).
This is mostly quizzes, CTF, games.
To know how to answer to the quizzes or get help with games and CTF, you can watch the videos or read the provided content (cheat sheet for instance). You also have a forum in dutch (but you can translate it peacefully with Deepl ) and an irc channel with a an active community that is always willing to help.
Finally, on the right, you have the extra content (not mandatory to get a certificate).
With the arrow on the top right, you can swipe between each certificate’s content.
When you succeed and get a certificate, you can download it as PDF and you’ll have something looking like this:
Certificate for Essential Security
You have a few challenges. But don’t worry if you don’t know anything about how to achieve those they provide videos to help you out.
Some of those challenges are free other are premium.
– This is a platform where you can learn things pretty quickly and get certificates for it.
– If you don’t want to pay you still can have access to many things.
– Fun, entertaining, engaging.
– Great helpful community.
– Even if some content and challenge are only in dutch you can still complete them with a good translator like Deepl
– Some challenges are only in dutch
– The community forum is only in dutch
To conclude, i would recommend it because it his helpful to learn basics. Even if some challenges are only in dutch i managed with Deepl to complete them.
Like i said this training is challenging in a fun way. The challenges are well made and the tutors in the videos are really helpful.
What is Trail of Bits?
Trail of Bits is an independent information security company that aims to build better security for organizations over the world.
You can learn more about them here
When you want to learn more about how to become an ethical hacker and how to get your hands dirty and start to practice it is quite hard to know where to start.
Of course you have plenty of information online but it’s hard to find a way to start from scratch.
The CTF Field Guide will explain everything in a very structured way and you’ll find plenty of resources (books, CTF, wargames, websites, courses,… ).
Also you’ll be able to learn the differences between CTF and Wargames and the basics you should know about those.
Besides, they explain what type of Employers you have in the field and what kind of jobs. This is a good point because I had quite a hard time to find a proper knowledge about this. I was only able to find out more when I talked to professionals and experts in the field.
Furthermore they make a good point in the chapter about certification. I let you find out about it but it made me think and reform my challenge.
When you’ll be done reading the intro you’ll have a great base to continue the practice in a well structured way with few main themes: Vulnerability discovery, Exploit Creation, Forensics, Toolkit Creation and Operational Tradecraft.
To conclude, I would totally recommend this guide if you are the kind of person who like to learn things in a structured manner. Also you’ll find a bunch of great advise.