The Magic of Learning¶
Hey there! Two years back, when we started our journey in Infosec, we didn’t had proper guidance. At that point of time, we decided to share the knowledge learned with the community. These blogs can be the reading materials for anyone starting in the InfoSec Community or even a one-stop-reference material for a seasoned InfoSec person. Currently, there are three series published:
- The Essentials
- Infrastructure Pentest
- Capture the flag
The Essentials Series¶
Series covers the essential concepts/ skills required to be in the field of Cyber-Security.
- Overview of CyberSecurity in an Enterprise : IT Technical challenges and solutions required to protect the organization faced during the transformation from two people staring a new company and scaling it to Micro, Small, Medium-sized, larger.
- Linux Basics : Essential linux commands and concepts required in Infosec field.
Infrastructure Pentest Series¶
Series cover all the phases of Infrastructure Pentest as described in Pentest-Standard.org
- Intelligence Gathering : Technical steps to perform information gathering phase of an organization and figuring out the attack-surface area.
- Vulnerability Analysis : Exploring different services running on different ports of a machine by utilizing metasploit-fu and nmap or other tools.
- Exploitation : Enumeration methods after compromising domain user credentials and Remote code execution methods after compromising administrative credentials.
- Post Exploitation : Different methods to gather credentials after getting a administrative remote shell. Also, performing post-exploitation to leave high-impact to C-Level executives.
- Reporting : Open-source ways to automate report writing after the Pentest.
Capture the flag Series¶
Series covers the learning obtained by solving the Capture the flag ( CTF ) challenges