The Magic of Learning¶
Hey there! Three years back, when we started our journey in Infosec, we didn’t had proper guidance. At that point of time, we decided to share our knowledge gathered during this journey with the community. The blog entries below can be seen as reading material for anyone starting in the InfoSec Community or even a one-stop-reference for a seasoned InfoSec person.
Currently, four series have been published:
- The Essentials
- Infrastructure Pentest
- Capture the flag
- Critical Infrastructure
Want to provide us some feedback? Write it down at Feedback page!
The Essentials Series¶
The Essentials Series covers the essential concepts/ skills for somebody who wants to enter the field of CyberSecurity.
Infrastructure Pentest Series¶
The Infrastructure Pentest Series cover all the phases of Infrastructure Pentest as described by The Penetration Testing Execution Standard.
- Intelligence Gathering : Technical steps to perform during the information gathering phase of an organization and figuring out the attack-surface area.
- Vulnerability Analysis : Exploring different services running on different ports of a machine by utilizing metasploit-fu, nmap or other tools.
- Exploitation : Enumeration methods that can be used after compromising a domain user credentials and Remote code execution methods after compromising administrative credentials.
- Post Exploitation : Different methods to gather credentials after getting an administrative remote shell. Also, performing post-exploitation to leave high-impact to C-Level executives is also covered in this section.
- Reporting : Open-source ways to automate report writing after a successfull Pentest.
- Configuration Review : Methods to perform configuration review for the switches, routers, firewall and endpoint devices.
Capture the flag Series¶
The Capture the flag series covers what we have learned by solving Capture the flag (CTF) challenges
- Vulnerable Machines : Knowledge gained by solving/ reading write-ups of vulnerable machines provided by VulnHub, Hack the Box and others.
- Binary Exploitation : Knowledge gained by solving/ reading write-ups of binary exploitation challenges.
- Forensics : Knowledge gained by solving/ reading write-ups of Forensics challenges.
Critical Infrastructure Series¶
- Electrical Grid : Pentesting or Securing a Electrical Grid? Probably, the concepts you need to know before starting!
Contributors, Blog Archive and About Me¶
This is an open source effort by the community for the community. If you have found any error, want to add extra information or contribute in another way. You are a free and encouraged to do so, you can send a pull request on GitHub.
This blog is purely intended for educational purposes. We do not want anyone to use this information (or any information on this blog) to hack into computers where they do not have permission for or do other illegal things. Therefore we don’t want to be held responsible for the acts of other people who took parts of this document and used it for illegal purposes. If you don’t agree, we kindly ask you to leave this website.