Up next in 10
This is probably the longest video I have done so far. We will talk about the Getting Started in Cyber Security Guide that I have published on the website two weeks ago.
I will go through the Guide with you and explain to you how it's intended to be used.
Enjoy the video!
The guide: https://www.ceos3c.com/hacking/getting-started-cyber-security-complete-guide/
⮘-=[Subscribe]=-⮚
↬ https://www.youtube.com/c/ceos3ctutorials?sub_confirmation=1
⮘-=[Support Me]=-⮚
↬ Patreon: https://www.patreon.com/ceos3c
↬ Hacking Apparel: https://www.teespring.com/stores/ceos3c-hacker-store
↬ Paypal: https://www.paypal.me/ceos3c
↬ My Amazon Store: https://www.amazon.com/shop/ceos3ctutorials
↬ pfSense Starter Guide: https://amzn.to/2RbRem2
⮘-=[Social]=-⮚
Show More Show Less View Video Transcript
0:00
What's up guys, welcome back to a new video. Today is going to be a little bit different
0:05
It's not going to be a tutorial video per se, but it's going to be an introduction to the
0:11
Getting Started in Cybersecurity article that I've recently put together on the website
0:16
This article took me more weeks or several weeks to complete. I wanted to create a guide for you
0:22
guys because you always ask me how do I get started in cybersecurity, what do I need to do
0:28
what did you do so i thought i put together a whole article or a you can call it a curriculum
0:34
on getting started in cyber security and i already put it out there a couple of weeks ago and shared
0:42
it on instagram and i got really positive feedback on it and i just wanted to go over the article
0:49
with you together and explain to you what what the contents of the article are and that you can use
0:56
it as a guide and you can come back to it because i will continuously update this article with new
1:01
tutorials that's what i wrote i really highly recommend you read it just go to seosec.com
1:07
and go to the it's under featured articles getting started in cyber security in 2019
1:13
of course i will put the link in the description as well so you can directly access that but let
1:18
us quickly go over the article together so i can explain to you how it's put together and what is
1:24
behind it. All right so first I have a short introduction to why I created this article and
1:32
here is written that I will create tutorial series revolving around this topic and link them in this
1:39
article and that's what I will do. As we speak I'm working on the nmap tutorial series which will all
1:45
be linked in this article. So what you should do is you should open this article and just add it to
1:50
your favorites right there and then go back to it regularly and see if content was added but even
1:57
with the article as it is now you can start learning how to get started or getting started
2:03
in cyber security already because the resources are there i already linked a lot of stuff
2:09
and everything in this article except it's specifically marked as not free is free if i
2:16
add some i think there is no paid stuff in there the only stuff i would add that would be paid
2:22
would be basically like if i find a really good udemy course or a certificate that i find worth
2:27
doing but in general the whole thing is the whole point of it is that you can learn cyber security
2:35
for free on your own terms basically okay so let's go through the article real quick
2:42
important stuff is printed in fed of course make sure to read all this and one of the most important
2:52
things in cyber security is learn how to google or in it really that's basically a no-brainer
2:58
and also if you like this article please do me the big favor and whitelist me on your ad blocker
3:07
because that's my only stream of revenue that I have. And I don't want to bombard you with intrusive ads
3:13
So please consider whitelisting me on your ad blog. It would really, really help me out
3:19
And of course, visit my donations page if this actually helps you getting started in cybersecurity
3:24
It will be great. I would highly appreciate it. Okay, let's go. More down
3:29
Why getting started in cybersecurity? Here I put together what is the reason
3:33
of why would you actually start or want to start? a career in cybersecurity and a few key points are the high demand for security professionals
3:42
everywhere that is at the moment very present and a very hot topic then of course it's fun
3:48
it's a fun field to work in and you can hack things without getting in jail basically if you
3:55
work in the right sector which is penetration testing would be one example or white hat hacking
4:00
ethical hacking whatever you want to call it and you can feed your technology technological
4:06
curiosity with bleeding edge technology that's obviously two that's a given two then you can
4:14
solve problems if you like solving problems if you like puzzles working in cyber security that's
4:18
pretty much what you do the whole day you're solving problems solving puzzles basically you
4:23
try to break into systems you try to crack passwords you try to crack passphrases whatever
4:29
stuff like this then the satisfaction you get by breaking into a system successfully
4:36
that's a big one for me personally i really enjoy if i manage to outsmart somebody and
4:42
basically get access to a system somebody thought he would have secured properly but obviously he
4:48
did not that's really nice and of course the competitive salary now let me only go over the
4:54
bullet points here i highly recommend as i said read the article yourself i will not read you all
4:58
of this stuff here um let's continue on and when you should not get started in cyber security is
5:05
the next point and this should be taken into consideration for each and every one of you
5:09
really think of this if you don't like failing if you can't deal with stress you don't like
5:14
learning new stuff or you are scared of breaking things cyber security or working in cyber security
5:20
or offensive security is not for you because you will fail all the time you need to learn
5:25
every single day. You will be confronted with new technologies that you will need to try to understand
5:32
so you can break it. And to actually break things, obviously you really need to understand them
5:38
on a high level. So you really need to do learning all the time
5:43
So if those things are, if this is you, don't even consider getting started
5:49
because you will not get very far. How did I get started in cybersecurity
5:53
This is another very popular question that people ask me all the time and now let me put one thing straight I'm by no stretch of the
6:01
word an expert in the field there are much more experienced people out there than me but I can
6:06
tell you I everything I know came for me through self-learning and just grinding grinding grinding
6:13
grinding I have a hard time learning stuff and concentrating myself so all I learned so far
6:19
came with a lot of effort and it is a lot of effort and here i just put together a few things
6:26
it's basically my uh you can my curriculum vitae or whatever you want to call it basically my work
6:33
history how i started at a young age with fiddling with computers gaming stuff like this
6:38
and working in first level support i had a long break in there i self-study certificates i did
6:46
self-study for certificates to get my game up to speed later on then i started ceo seccom and i
6:53
started working as a system administrator then i started to work as a cto and stuff like this
6:58
i got pfc certified just read through it if you're interested in that and there is more on how i get
7:04
how i got started and how i got more interested just read it if you want to then comes the
7:10
curriculum or what I recommend to learn and this is a tough one because it's a
7:16
little bit different for every one of you every one of you has basically
7:21
different background you have different knowledge that you already have some people already know Linux some don some know Windows server some don You get the idea It depends on where you come from and how deep you need to go
7:35
But obviously the first thing you need to learn are basic computer skills
7:41
What I mean with basic computer skills is simply learn what parts a computer consists of, how they work together
7:49
Learn what is BIOS. Learn what UEFI is. Learn how to create a bootable USB drive
7:55
And here you can already see all those links usually lead to tutorials that either I or somebody else has created already for you to directly dive in and start learning how to do things
8:08
So learn how to create a bootable USB drive essential for stuff like installing operating systems or even booting live Linux distributions like Kali Portable or something like this
8:20
learn how to boot from a usb drive that's also what is the next part of this basically learn how
8:27
to install windows 10 you should be very very comfortable with formatting your computer with
8:33
installing different os's on it it's not that important anymore now where we have virtualization
8:39
which is the next point we will talk of but you should know you should not be scared of breaking
8:44
things and oh my god my windows is my windows is broken and i cannot get it to boot anymore
8:50
if you have struggled with this learn it you will break things you will need to reinstall you will
8:57
need to reinstall reinstall you should get to a point where you are not scared of reinstalling
9:02
windows anymore for me i don't care if my windows dies i have everything backed up i will just swipe
9:07
it clean and install it from the beginning again so i have a fast and performant computer again
9:13
so make sure you learn this stuff next virtualization and this is a very big one because
9:19
this is what you will be working with all the time you need to learn about virtual box you need
9:24
to learn how to install linux on virtual box and you need to learn what snapshots snapshots are and
9:31
how to use them so in all of my tutorials i use virtual box so get familiar with it
9:40
read through all of this and make sure you understand what virtualization is read this
9:46
article get a basic concept of it virtual box is really easy to use don't be scared of it i have
9:53
tutorials up there to install any pen testing distribution on virtual box step by step beginner
9:59
friendly just look up my youtube channel look up the website there are articles just search for
10:04
install kali on virtual box install parrot sack on virtual box stuff like this i have it all there
10:10
next is linux every single cyber security or hacking distribution is based on linux
10:16
that's simply how it is you won't be doing any penetration testing using windows
10:20
you won't work in cyber security at least not seriously using windows you need to get
10:26
very comfortable with linux start with running linux on virtual box that's the obvious thing
10:35
start to outsource tasks that you do in windows like managing documents or whatever start to do
10:42
them on linux start to do everything what you can on linux understand how the file system works
10:48
follow my instagram account uh i'll just open that up real quick and show you what that is
10:54
that's daily.linux.tips it's a very uh i have 200 posts already and all it is is either hacking tips
11:04
in small portions let me get down to linux you see there is a lot and i'll continually update that
11:11
for example this just scroll all the way down to the bottom where it starts with come on let's
11:19
let's quickly let's quickly do it you can see i have a lot of posts there this is a fun side project of mine but look at this how to list folders in linux every day you
11:29
will get a tip like this later on it will be more advanced stuff like hacking tips but you get
11:36
every day a little a little primer on linux commands and i recommend you trying them out
11:42
yourself okay enough self-promotion on that part uh let's go back up where do we are where we are
11:48
and you can see it's instagram.com forward slash daily.linux.tips subscribe or just simply
11:57
follow me here and you will get the new posts every every other day i don't post daily anymore
12:04
but every other day so back to linux um learn what linux is learn how to install linux on virtual
12:11
box like i mentioned previously learn basic linux syntax go to this instagram account it's linked
12:16
here in the article as you can see as well uh use either ubuntu or linux mint to start playing with
12:22
linux i really like linux mint because for my in my opinion it's the closest uh operating system to
12:30
windows and i even use it for system administration on a daily basis it's a really nice os and you
12:37
should definitely check that out as a first i prefer it over ubuntu for sure it's also based
12:42
on debian so if you ask there is then the question should i learn debian based systems first or should
12:49
Arch based systems as a beginner don't learn Arch go with Debian based systems which are Linux Mint
12:55
and Ubuntu because I don't want to say the majority of systems are Debian based but a lot of them are
13:02
and all the or the most popular pen testing distributions are also based on Debian so Kali
13:09
is based on Debian and Parrot OS is based on Debian so you need to know Debian learn how to
13:16
find out your IP address obviously, learn about the Linux file system, learn how to create a user
13:21
account, learn about root, learn about sudo, learn about the apt package manager and then I also have
13:27
some book recommendations here which are obviously affiliate links on Amazon. If you want to order
13:34
those books, this book is really good. It's really nice and this one is also nice but it's a behemoth
13:39
of a book. It's really big. If you want to order those books, please use my affiliate links. I
13:45
would appreciate it i get a small commission on it and let's continue networking point four so
13:51
knowing how networks work is an essential skill in cyber security i should print that big because
13:57
that's very important uh obviously networking you need to know how to navigate around networks what
14:03
switches are what routers are what hubs are what components are usually on the network how they
14:09
communicate with each other the tcp ip model the oc model whatever as i say here learn about the
14:15
most used network protocols that's a big one because you will scan for those protocols when
14:21
you do offensive security learn about the oc model just learn basically what the oc model is
14:27
and what the different layers are what they do and what protocols are used on them
14:32
learn what a switch is learn what a router is learn what a firewall is important that's the
14:38
Next point also here, learn about TCP and UDP, learn about VLANs, learn about IP addresses
14:44
and finally, but very importantly, learn subnetting. Subnetting is a big one
14:50
You need to know. You should know what subnetting is first of all how subnetting works Next is firewalls Knowing how a firewall works is extremely important and beneficial if you are serious about getting started in cyber security period It important
15:08
You need to know what a firewall is, how it works. What is the easiest way on learning how a firewall
15:13
works is, simply put, run a firewall in your own network. What is the best firewall to run in your
15:21
own network you know that probably if you follow me for a while pf sense is in my opinion the best
15:26
and easiest okay let's put the best aside i don't want to start a war it's the in my opinion it's
15:32
the easiest um the easiest firewall to get started with i started with it a couple of years ago where
15:38
i had no clue how a firewall works and now i'm pf sense certified i wrote the book on pf sense
15:44
because i love it it's a great firewall and i have a lot of tutorials on my pf sense playlist on
15:50
youtube if you don't know how to get started with pf sense i have like idiot proof beginner
15:56
tutorials on how to install pf sense on virtual box how to install pf sense on a physical device
16:01
with video with step by step everything just check it out you eventually get the hang of it
16:06
in the beginning it's a little bit tough to wrap your head around all the concepts of ports net
16:11
port forwarding whatever but if you work with it on a daily basis and you figure stuff out and
16:17
and you play with it basically you get the hang of it eventually
16:22
don't be scared by it don't be intimidated by it as I said
16:26
literally this book which is also here in the sidebar is a starter guide on pfcent
16:33
you can just click on that it leads to Amazon it takes you step by step
16:37
through each and every step if you really cannot afford the book write me an email on info at seos.com
16:43
and I will send it to you eventually if I read the email I get so many emails
16:47
I do what I can, but if you really cannot afford the $7 and it's even in Kindle Unlimited
16:54
I think it's for free on Kindle Unlimited. But of course I would appreciate if you buy it and support me
17:02
Okay, so PFSense. Learn about firewall rules. Learn about routing. Learn about blocking and allowing traffic
17:09
Learn about VLANs. Learn how to control data or data in your own network
17:14
learn how to block certain devices from going out to the internet that's a good exercise especially
17:21
if you use iot devices you should definitely block those things from going out to the internet learn
17:28
how to do that learn about a little bit intrusion detection that's a little bit more advanced topic
17:33
there proxy servers the same learn about network interfaces and of course the book recommendation
17:39
my own book i didn't read any other book in on pf sense so i cannot really uh recommend your
17:46
stuff there i can recommend you of course after my own youtube channel mark fourneyox or something's
17:52
youtube channel he has a really good uh series on pf sense also explaining in detail those things
18:00
like DNS and how PFSense works. Okay, next thing, Windows Server and Domain
18:08
Now, this is a tough one because, yeah, Windows Servers, you need to know what a Windows Server is, what a Windows Domain is
18:17
Let's look at the bullet points, where is the most important stuff. Learn what a domain is, learn how domain authentication works
18:23
what a domain controller is, what LDAP is, what the linux equivalent to a microsoft windows domain is different windows account rules like
18:33
administrator domain administrator forest administrator whatever that being said learn what a forest is learn how windows domains are structured and learn about windows server best
18:44
practices which are always neglected by lazy sys admins and are a good spot for you to put your
18:51
exploits or put your scans to the book recommendations the book i recommend here is
18:56
the practice of system and network administration by thomas a limoncelli and a couple of other people
19:01
really good really really really detailed book it always gets recommended by reddit
19:06
please do order it over my website too it's an amazon affiliate link would highly appreciate it
19:11
and um yeah let's continue next installing your first linux or security linux distribution
19:20
you have a couple of choices there the obvious choice what probably all of you know and love
19:25
is Kali Linux the second choice is Parrot Sec OS both of them are based on Debian and the third
19:32
one is Blackarch at least what I know of there are probably hundreds of more but those are the most
19:37
the most popular ones Blackarch is based as it says in the word on Arch Linux so I don't recommend
19:45
it for beginners i do recommend for beginners the parrot security os because it is the i would say
19:54
out of the box the most secure pen testing os it comes with a low privileged user kali comes with
20:00
a root user if you don't know what that means even and you just you just want to install some
20:04
penetration testing os but you have no idea what it actually is use parrot it's more secure for you
20:10
If you really want to use Kali Linux, make sure to check out my article
20:17
There's also a YouTube video. I will link everything in the description below for you guys
20:22
Top things to do after installing Kali Linux and Parade Security OS
20:27
These steps are basically the same for both OSs. If you install Kali, make sure you do the top things to do after installing Kali Linux
20:34
because one of the things we do there is creating a low privileged user account to make your system
20:40
more secure. As you can see I have tutorials linked here how to install Kylinux on VirtualBox
20:46
how to install ParateSec OS on VirtualBox and yeah okay that's that. So obviously make a good choice
20:56
and choose either one of those two systems, whatever your preference is
21:02
Next step, over the wire. So over the wire is a place where you can practice
21:07
your Linux skills, your basic Linux skills up to advanced Linux skills
21:12
I think even hacking skills. Let's put it up right there. And that's over the wire
21:19
You basically start at level zero or no, no, no. You start at the introduction
21:24
you will read all of that you start then at level 0
21:28
and the goal of this level is for you to log in to the game
21:32
using SSH and believe it or not but I get or I got countless emails
21:39
on people who don't even know how to use SSH and they cannot even establish
21:44
a connection to over the wire but that's a whole different topic
21:50
that's easy to figure out you can establish a connection with those instructions
21:57
you should and then you go through all of the levels and there is always commands
22:02
you may need to solve the level that are basically hints and if you are really stuck
22:07
I have let's go back here to the article I covered level 0-15
22:16
but you find all the levels out there you find all the solutions
22:21
to all the levels out there But if you do this use your Google skills Try to find the solution yourself Don look up the solution immediately because if you do that you will not learn You think you learned you think you have an aha moment
22:36
but that's actually not how it works. You didn't learn anything on it
22:41
Try as hard as you can yourself and if you're really, really, really stuck
22:45
your brain is smoking, then look up the solution. Not before because there's no point in doing it
22:51
You don't learn. There's a good book on that. i forget the name something with some learning science book where this is
22:58
specifically there is a whole chapter on it so okay next thing this is really good to practice so
23:06
definitely make sure to do the over the wire your own laboratory yeah so there are sites like
23:15
hack the box and stuff like this but i don't recommend And Hack the Box for beginners
23:21
Because there are some quirks to it. I just. I think. Let me pull that up real quick
23:31
I just check if it's already released. Where are we? Oh it's a video on YouTube actually
23:39
I put a video there. Go to my YouTube channel. It's not linked in here yet
23:43
How to create your own free home lab. Where I talk about
23:47
take off those headphones where I talk about VirtualBox and how to
23:54
how to use VirtualBox to create a free home lab with your own hardware
24:00
that you already own on the other hand of course you can buy switches
24:08
and stuff but nowadays I think you are fine with VirtualBox and doing
24:13
CTFs and stuff like this on VirtualBox and later on when you're a little bit more experienced on HackTheBox or some other
24:22
HackMe sites. Good VMs to start with is Metasploitable2 and damn vulnerable web applications
24:29
That's a good point to start. And yeah, that's the laboratory part. Let's go on to capture the
24:36
flags or short CTFs. So a capture the flag is an essential part of learning cyber security. At
24:43
least it is for me there is no better way to practice your skills than with a ctf or a
24:49
vulnerable machine and this is true ctfs are basically a game there is a vulnerable machine
24:55
that was created by somebody usually it's linux sometimes it's windows and there are either
25:00
outdated software versions on it outdated tool versions that are exploitable you most of the
25:07
you need to find an exploit for this machine and find a flag. Those flags are mostly hidden
25:15
and sometimes they are directly in the root folder so soon as you get access to the root account
25:23
There's also boot to roots which only goal is to get root access to the machine and then you are
25:28
done. But on some machines there are multiple flags hidden around the system. The more you find
25:33
the higher your points are and uh there are categories such as easy intermediate hard or
25:39
even exotic which are which is very hard stuff definitely start with easy there and
25:45
the website where to download those vms is listed here vuln hub is one hack the box and plenty of
25:54
more there is a whole list of hacking challenges that are listed here just make sure you read
25:59
through all of this and a good point to start is as i said it's linked here above damn it where is it
26:06
uh just the meta exploitable two then vulnerable web applications and basic pentesting one and two
26:14
those are great beginner cts with really easy to exploit uh vulnerabilities there okay
26:21
good we covered this next part essential tool so you will learn a ton of skills just doing
26:29
ctf just try to always continuously work on a ctf all the time just always have something you work on
26:36
ideally on a daily basis i think cyber security is much like guitar playing if you don't do it
26:43
or practice it regularly you will progress either very slow or you will just stagnate at some point
26:52
and so always work on a vulnerable machine or a ctf always have a project where you
26:59
train your skills, sharpen the blade, whatever you want to call it. Essential tools then is
27:05
all tools that I personally use and that I found helpful and that are somewhat beginner friendly
27:14
Let's just quickly go through it and let's see what is there. So frameworks, very popular
27:20
Metasploit, a huge penetration testing framework, essential for pen testing, especially if you start
27:25
out there are multiple books there and I have our own tutorial series created around a mini series
27:31
yet I'm still working on that's revolving around Metasploit which is always linked here so I always
27:37
linked the tools there and if I have a tutorial on it or a link to a tutorial on it it's linked
27:43
right below that so make sure to check out those tutorials next is Autosploit I didn't I used it
27:49
wants but it's a beginner friendly script script kitty tool it's a mass exploiter as it as you see
27:55
it's automated check that out if you want to i think it's very popular it got a lot of traction
28:00
in the past few months but as i said i didn't use that specifically i just thought it's good
28:06
to list it here for beginners network vulnerability scanner open vas is great it's a great open source
28:14
vulnerability scanner i use it personally very often and i also have a tutorial on that next is
28:23
web vulnerability scanner but before we get to the next point i have to do my youtube pitch guys if
28:29
you like this video if you like this content that i produce for free here make sure to subscribe to
28:35
my channel i just found out today 95 of the viewers that actually uh watch videos on my channel are not
28:41
subscribed that's only five percent subscribers uh that are subscribed obviously but please do
28:49
subscribe this is as i said this and youtube is my only stream of income so please do subscribe
28:56
to the channel hit the notification bell so you will get notified about new videos and i would
29:01
highly highly appreciate it because creating this content takes a lot of time you cannot imagine how
29:06
long this takes to put together how it the effect is on your head while you're still working a
29:13
full-time job next to this providing this free information so please do that thanks guys and
29:19
continue web vulnerability scanner nikto is a very noisy web application vulnerability scanner i use
29:25
it yeah regularly i use it sometimes depending on the scenario check it out for sure uh wp scan is
29:34
is a WordPress vulnerability scanner. I use it very often because a lot of websites run WordPress
29:42
I have tutorial on that. I think multiple maybe. Next is network tools
29:47
Sparda is a network infrastructure scanning and enumeration tool with a graphical GUI
29:52
Very nice for beginners too. Then we have the print exploit toolkit
29:59
Yeah, it's a good tool for checking printer security. Routersploit is very nice
30:06
It's similar to Metasploit and it can test routers and embedded devices for vulnerabilities
30:12
THC Hydra, of course, is a very popular online password cracking tool
30:16
and supports a lot of different protocols like HTTP, SMB, FTP and many more
30:22
Then we have network reconnaissance tools. Nmap. I'm just on creating a nice tutorial series on Nmap
30:30
Make sure to check that out. It's on the website and on YouTube
30:35
There will be a couple of tutorials around that. Then we have Zenmap, which is basically Nmap with a GUI
30:42
But most of the time, honestly, you will use the... Probably you will use the command line Nmap tool for the sake of speed
30:53
DNS Map is a passive DNS network mapper. Then we have Linux tools
30:57
This I use very often. Unix Priv Escalation Checker that checks for privilege escalation possibilities
31:05
Hard word on Unix. And next we have Ozent tools. Multigo is an open source intelligence and forensics tool
31:13
I use it rarely, though because my scenarios mostly don't need something like this
31:19
It's a very nice tool, though. Very useful. then we have showdown which is a search engine for iot devices you can use showdown within
31:28
metasploit there's a module for that that you can connect it with the api very nice small tutorial
31:35
on there very useful if you are doing osin for companies that you just got a contract to and you
31:43
want to find out as much as possible about the company then recon ng is a web reconnaissance
31:48
framework which is awesome it's i love reckon ng it's a very good tool it's also a whole framework
31:55
and very relatively easy to use if you read a tutorial or two on that i also will create a
32:01
tutorial on reckon ng tools to stay anonymous online tor obviously you should know that check
32:08
this out definitely worthy checking out and on the parrot os is automatically there is a tor
32:16
option so you can surf anonymously by the click of a button all your traffic will get routed through
32:21
a tunnel and tour. A VPN, always use a VPN of course. I have a comparison here and I personally
32:29
use NordVPN. I like it. There is an affiliate link I think in this tutorial to NordVPN. If you
32:37
consider buying NordVPN over my website you get a huge discount on the three-year deal I believe
32:42
uh click on it check it out if you like it buy it it's a good company they don't they don't have
32:48
locks they don't have server locks they have kill switch and uh it's it's a good performance
32:54
okay next protocol yzer and sniffer and i hope guys i don talk too fast but i want to keep this video as short as possible while still covering all the information that is there
33:06
Protocol yzer and Sniffer. We have Wireshark, the most popular network protocol yzer out there
33:11
I have a small tutorial on that, but we'll create maybe more if I can get to it
33:16
Wireless network tools, probably very interesting for most of you guys. AircrackNG, the most popular wireless auditing tool
33:24
reva brute forcing tool wi-fi it an automated wireless attack fluxion automated wireless
33:31
auditing tool i really like fluxion and air get on those are both automated wireless auditing tools
33:36
which are very easy to use so if you're a beginner check those two out and finally bully a wps brute
33:44
attacker next thing basically wireless network testing is a whole another topic on itself very
33:55
much very many people are interested in that so i will create a few tutorial series around this as
34:01
well then we have web exploitation the ovasp zap proxy is a very useful http interception proxy and
34:09
fuzzer for web application testing so if you do web application security you will not get around
34:14
and OWASP. And the same goes for Burpsuit, a web application security testing platform
34:21
Very, very nice tool. I really like it. Tutorial on that is here
34:26
And there is also BEEF, which is a web browser exploitation framework
34:30
where you can hook a browser and do cross-site scripting attacks. I didn't talk so much in a row very long
34:40
Yeah, check this out too, if you do web application testing. Hash cracking. John the Ripper, a fast password cracker. I really like John the Ripper. I think I have a tutorial there. I need to link it. Hashcat, fast hash cracking tool. That's all it says. Basically, you use it depending on what you work for. But for password cracking, Hashcat is very, very often used
35:05
cool is a word list generator word list is also a whole topic by itself which i will eventually
35:11
cover if i get around to it again doing all this tutorials myself takes a lot of time
35:16
and as it says here this should keep you busy for a good while which is the truth
35:23
because until you checked out all of these tools there are years passing probably but you have at
35:30
least a good list and as i said before guys this uh this this list here basically basically a whole
35:36
article make sure to really bookmark it because those tutorials they will pop up more and more
35:42
and more same like this i already created the second part of the nmap tutorial series which
35:46
will be linked right below right after this video i will link it there a very good way to stay up to
35:54
date with my content is going to reddit forward slash r forward slash seosec where i always put new articles as they are released and also videos you can see there are all the links to the articles and to the videos
36:12
and if you subscribed here then you can hit the subscribe button you need an account obviously
36:18
and then you will directly see when there is a new article just by going to reddit or of course
36:23
just check out the website there in the blog roll there as well uh the last thing we want to talk
36:30
about of course our book recommendations again the hacker's playbook if you like books so the
36:36
hacker's playbook is an awesome book i personally read the second edition um i started the third one
36:44
but i didn't finish it yet but it's equally good like the second edition it's a great book you just
36:49
should work through this whole book. It's an awesome source of information
36:55
when you get started with cybersecurity. Then RTFM is the, it's not the read team field manual
37:02
I need to change it right now. It's the read team field manual, which is a compendium of
37:09
I have it somewhere maybe. It's probably somewhere else. I usually have it next to me
37:17
when I'm on assignment because it's a collection of hacking tools and commands that you regularly use for scanning
37:25
for exploiting, Wi-Fi testing and stuff like this. Really nice book. The BTFM is the Blue Team Field Manual
37:32
which is a book basically the same like the RTFM, but more on the defensive side of things
37:38
So if you are a system administrator and you need to defend against a hacking attack
37:43
there are the most useful techniques in there. And it's also a good book
37:48
Then Metasploit, the penetration tester's guide, highly recommended by many people. And Ghost in the Wire, some..
37:55
We want to call it a biography, I don't know. But it's from Kevin Midnick, arguably one of the most famous hackers of all time
38:04
It's not a hacking book per se as I write it here. But it's an interesting insight of how hackers think and how they get drilled by breaking into systems
38:13
all of the story takes place far back in the time when telephone freaking still was a thing and stuff
38:19
like this so it's really fun to read it's that's more for your entertainment and keep you motivated
38:25
to hack because you learn why people get such a kick out of hacking systems and how hackers
38:30
actually think it's a really good book i really enjoyed reading this actually i want to read it
38:35
again i think uh conclusion yeah there is not much to say i said a lot already um
38:43
what can we do check back to the article check back to my youtube make sure you subscribe to
38:50
my youtube channel whitelist me on your ad blocker blah blah blah again and i also uh want to say a little disclaimer that uh not that this just because i read disclaimer disclaimer here that there are affiliate links in this article obviously but disclaimer
39:08
a hacking disclaimer. If you practice those skills and all of the stuff I do
39:13
is just for educational purposes only and I have that written everywhere
39:17
I have it on the disclaimer on my website and on the disclaimer on YouTube
39:22
I only produce content for educational purposes that you can learn how to defend your system better i am not a blackhead hacker so i'm not
39:33
doing illegal stuff i just want make people aware of how they can protect their own network and
39:40
defend it against hacking attacks and of course for offensive security professionals who are
39:44
whitehead hackers ethical hackers who break into systems on a paid contract to show companies what
39:52
their security flaws are so take that into consideration don't do stupid shit with this
39:57
information that you find in this guide because you eventually will either end up with a very very
40:02
high financial bill from a lawyer from a company or you will might end up in jail so take this to
40:10
heart practice only in your own laboratory environment and make sure to stay safe and
40:16
don't do shit without thinking of it thoroughly before because cyber crime is a big thing nowadays
40:24
and there are a lot of institutions that will protect companies and and even websites hosters
40:30
they have intrusion detection systems in there that will eventually trace back your ip to your
40:35
home and somebody from the police will show up on the front of your door if you do something
40:40
illegal so make sure to use your brain okay guys this is a lot of content that might be the longest
40:46
video i ever produced but i thought the need i thought there is a need to explain what this
40:53
article actually is or this guide it's not an article it's it's a guide and uh as i said i
41:00
would highly appreciate guys if you just subscribe to my youtube channel if you love this video
41:04
and I continuously produce content for you and I hope to see you back in the next video
41:11
and I really hope you can make your career change happen. It's possible, guys
41:16
If you work in a service desk or whatever, you don't have to be stuck there
41:22
Just don't be lazy. Learn things. Use every single minute of free time you have to learn
41:27
Cyber security, learn Linux, learn advanced, system administration techniques, stuff like this
41:32
You will get out of there. I believe in you and you can do it
41:37
See you back in the next video and thanks a lot for your patience. Thanks a lot for watching
41:42
See you guys
#Hacking & Cracking
#Security Products & Services
#Network Security
#Computer Education