The post Basic PenTesting 1 Walkthrough first appeared on Alpha Cyber Security.

Over the course of the last couple years, we have heard about attacks on T-Mobile (a few times), Instagram, random celebrities, and people losing thousands of dollars’ worth of cryptocurrency. When you hear about it on the news, they usually describe it as a “sophisticated attack”. Which usually means they really aren’t sure what happened. But they aren’t completely wrong.

Although the attack is somewhat sophisticated, it is also somewhat simple at the same time. The craziest part of all, is that it involves a malicious attacker stealing your phone without stealing the physical phone!

It’s a popular attack known as SIM swapping. The attack consists of attackers using information they gathered on their victims to fool cellular phone providers and gain unauthorized access to their mobile accounts. Next, the attacker gains access to the victim’s “phone” and steals their information.

Confused on how this is possible? Don’t worry, we are going to break it all down in detail shortly. But first, let’s explain two of the key elements of the attack.

SIM Card

The subscriber identity module, or SIM is a small, removable card with a unique chip used in mobile phones. The SIM card holds important information like your mobile number and account information and links that information to your mobile device. Since the SIM card is removable, you can remove it from your phone and insert it in another one. As a result, your phone number and account information will link to the new device once connected.

“If the SIM card is in my phone and the card is unique, how do attackers steal it?” The short answer, YOU!

The Victim

The second part of the attack involves the victim’s information. This can be information shared on the internet, social media sites, or provided by the victim themselves! Attackers utilize different techniques and resources to gather the information needed to perform the attack.

How SIM Swapping Attacks Work

1. Social Engineering

First, typical SIM swapping attacks start with an attacker gathering information of target via internet and social media searches, and targeted social engineering engagements. These attacks likely include phishing attacks, where attackers send fake email or SMS messages designed to trick victims into sharing personal information like passwords, pin numbers, account information and more.

2. Fooling Customer Service

Next, the attacker contacts the victim’s mobile phone provider equipped with the victim’s information. The attacker uses this information to convince the customer service representative they are the victim and requests the old SIM card information be ported over to their “new SIM card”. Once the account information is assigned to the attacker’s SIM card, their device is activated with YOUR account! If you think that is bad, wait until you hear the next part of the attack.

3. Locking You Out

With your mobile number and information active on their device (and with your device disabled), the attacker now sets their focus on all your connected accounts. First, they target your email accounts, changing account passwords and security questions. As a result, the victim is now locked out of their email account and the attacker can send and receive messages uninterrupted.

If your account has security settings like SMS multi-factor authentication enabled. “CONGRATULATIONS! You successfully thwarted the evil-doer’s diabolical plan!!!”…….is what I would say if you had access to your phone. But you don’t have access to your phone, the attacker does. Therefore, when the SMS message is sent for verification, the attacker receives the message and use that information to gain access to your account and take it over. I know this sounds bad, but….

4. Stealing Your Goods / Humiliation

Finally, with your mobile number and email account (or accounts), the attacker essentially has the keys to the castle! Think about all your accounts that are connected to your email accounts, phone number, or both. Banking, social media, file sharing, trading and investment apps, Amazon, and other shopping accounts, etc… Through SIM swapping attacks, attackers have been able to steal or spend hundreds of thousands to millions of dollars on shopping or cryptocurrency almost instantly.

In addition to financial loss, loss of reputation and/or humiliation of victims also happen because of this attack. When attackers gain access, they tend to leak private messages, photos, videos or take over their social media accounts. For example, Twitter founder, Jack Dorsey had racial slurs and other offensive content posted from his Twitter profile when attackers gained access to his mobile account. Or, attackers just delete EVERYTHING like in the case of CNET contributor, Matthew Miller.

What’s worst of all, is that most companies avoid helping customers once they have been attacked. They either avoid taking any responsibility or try to place the blame somewhere else. For example, when an attacker essentially cleaned out Tanja Vidovic’s Coinbase account of nearly $168,000, Coinbase refused to help her. Instead, they blamed a third-party, her cell phone provider. Although the provider is responsible for getting phished, it is my opinion that Coinbase should have done their due diligence when executing the transaction to empty the account. Furthermore, they need to have better customer service to address these issues much faster.

How to Prevent SIM Swapping Attacks

Unfortunately, with the right amount of information and assuming they are convincing enough, an attacker will almost likely port the SIM and gain the initial access by tricking the customer service rep. (Humans are always the weakest link). However, there are some steps you can take to protect yourself.

• Note – Although these may not fully stop attackers from gaining access, these steps may slow them down and buy you some time to regain control of your accounts and device.

• Create a second email account for banking, social media, cryptocurrency, investment, and other accounts. Do not use it for anything else and DO NOT connect it to your mobile account.

• Create a STRONG passcode or complex PIN number. DO NOT USE PERSONAL INFORMATION! Stay away from using things like birthdays or last 4 digits of Social Security Numbers
  • Use a Password Manager to create the passcode

• Contact your mobile provider and request to enable security measures like T-Mobile’s Account Takeover Protection or Verizon’s Port Freezing and Enhanced Authentication
  • If you aren’t sure what security measures your provider has, call them, and ask!

• Use a Multi-Factor Authentication app like Google Authentication or Authy or a physical device like YubiKey
  • Use this MFA account and add MFA to ALL YOUR ACCOUNTS.
  • Have backup codes handy

AVOID OVERSHARING ON THE INTERNET/Protect Your Data

• Avoid posting personal information like address/location, mobile number, birthdays/anniversaries
• Do not have any personal or financial information in your Google Drive, Dropbox, etc…
• Avoid participating in “trends” or “challenges” that ask personal questions like mother’s maiden name
• Set other account information to private
• Avoid responding to emails or SMS messages asking for personal information.
•  If you’re unsure about the validity of the email, contact the sender directly via phone. However, DO NOT call any number in the email. Get the number from Google or their site.
• Periodically check to see if your information was a part of any data breaches

How to Tell if You’ve Been SIM Swapped

• Your phone is randomly deactivated
• You lose access to social media, email and other accounts
• You start receiving strange emails and messages about changes to your accounts

If You Are a Victim of SIM Swapping

• Grab another phone and contact your mobile provider IMMEDIATELY after you realize your phone has no service. Let them know that YOU did not authorize any changes to your account
• Contact the authorities and file a police report. Also, contact the Federal Trade Commission and all three credit bureaus
• Contact your banks and credit cards and put a freeze on them
• Start trying to regain access to your accounts from a computer or another device

Conclusion

In closing, attackers are always looking to find new ways to take advantage of people and steal from them. It is up to US to make it impossible for them to make victims out of us and our loved ones!

Check out my other article to learn other ways attackers gain access and steal data from their victims.

Also, check out these articles to learn how to protect yourself and your data online:

• Using strong passwords
• Anti-virus and VPNs
• Social Media Protection and Browser History
• Multi-Factor Authentication and Online Awareness
• Securing your Wi-Fi
• Backing up your data

Please remember to like, comment, share and follow me:

• Twitch
• YouTube
• Twitter
• Instagram

Also, if you want to hear about the experiences of other Cyber Security professionals, check out my show “InfoSec Unplugged“! Live every Thursdays on YouTube.

Furthermore, If you like my work, you can buy me a coffee and share your thoughts!

I truly appreciate the kind words and support!

Finally, enter your email address to subscribe to this blog and receive notifications of new posts by email.

The post SIM Swapping Attacks: How It Works & How to Protect Yourself first appeared on Alpha Cyber Security.

It’s that time of the year again!

Years ago, when parents prepared for their children’s upcoming school year, they went to the store and bought supplies like notebooks, pens, pencils, rulers, and calculators. These days, parents are buying most of those things, but they are also buying things like laptops, tablets and USB memory sticks or cloud storage,

The reason for this is because if your children’s schools are like mine, then they recommend your child bring their own technology devices to school so they can use them in class. Although this is convenient, it also comes with risks to the overall security of your child’s device. It should also be noted that you need to make sure your child’s device is secure because the school’s network might not be.

(*Please note that Alpha CyberSecurity LLC is a NordVPN, WebRoot, Amazon and LastPass affiliate. When an item is purchased using one of the links provided, Alpha Cyber Security receives a small commission. However, I personally own every one of the books listed and I will NEVER sell or recommend a product that I have not used personally or have no personal knowledge of. For more information, please see the Terms and Conditions page. )

Why you Should Not Trust the School’s Security

Attackers are targeting school networks more frequently. For an example of this, look no further than Louisiana. Recently, three school districts were hit with ransomware and the governor declared a state of emergency. However, it was not here that I learned the need for cyber security in the education system.

Early in my tech career, I didn’t think schools and students were big targets for cyber security attacks. Then I worked for a school district in Connecticut and realized how wrong I was. It was there where I learned most of what I know in cyber security. My first (and second) experience with ransomware was in a school system. I was introduced to computer forensics after an incident at a school. Finally, I decided I wanted to get into penetration testing after looking into a vulnerability found on a school server. However, I learned of other non-technical factors that prevent updating and securing networks and devices.

Every year, budget constraints, politics and personal grudges prevent the appropriate measures from taking place. We did the best we could with what we had (which wasn’t much). When they wanted to introduce a Bring your Own Device (BYOD) program, it made security even more complicated.

Things like using unencrypted Wi-Fi that transmits your network data in plain-text. Or clicking malicious links and getting infected with malware or ransomware. Malicious attackers gaining unauthorized access to things like files or even cameras and microphones. These are all possible and common attacks people face every day. However, recent reports have shown that attacks like these are some of the biggest threats school systems and our children who go to these schools face.

After my own personal experiences working in a school system, I will be the first one to say that you can not trust that the schools’ networks. Several school district’s networks are not properly equipped to protect your children’s data. I am not bashing the technology teams at these schools. More than likely, it is not their fault. Like I said earlier, there are LOTS of things that can keep them from doing things properly that they have no control over. So, to them I say keep fighting the good fight! But the fact of the matter is that as parents we must protect our children. We protect their physical bodies, we protect their well being and mental state and, in a time where tech is king, we must protect their data and privacy.

With that being said, I have created a small list of things you can do to get your kids’ technology devices ready for the upcoming school year as well as some things you can do throughout the year to keep them as secure as possible.

Keep Your Devices Up to Date

One of the biggest ways malicious attackers gain unauthorized access to a device is out of date software or misconfigurations. Things like ignoring those annoying Windows updates or deciding to wait until later and eventually forgetting to update Adobe Reader or Java or other software installed on your machine. As annoying as those update alerts may be, they need to be addressed as soon as you get them. These updates contain fixes for the operating system or software as well as patches that may address security vulnerabilities that were discovered.

So just download and install the updates and reboot the machine at least 1 – 2 times a week. Or don’t install the updates and make yourself vulnerable to cyber attacks.

Use Anti-Virus and Scan Regularly

Anti-virus is a must have for any computer that has access to the internet. It is equally if not more important to keep your anti-virus updated with the latest virus definitions. Attacks like viruses and ransomware sometimes get sent as file attachments are becoming more popular and more sophisticated. Not having proper and up to date anti-virus to help minimizes the risk to your computer and data is extremely risky and irresponsible.

Malware, adware, spyware, ransomware, trojans that add your PC to a botnet for other attacks like Distributed Denial of Service (DDoS) and more are all examples of what can happen to an infected computer over the internet. Having bad or no anti-virus protection increase the chances of you becoming a victim.

In addition to having anti-virus installed, it is imperative that you use the anti-virus. Update and run scans multiple times a week. Also, if you receive an email with attachments, scan the attached file before opening or running them

So, which anti-virus software should you get? PCMag.com lists the top anti-virus software out along with their pros and cons. One that I strongly recommend is Webroot. I personally use Norton and Webroot, but I prefer Webroot and have installed it on all of my family member’s computers and mobile devices. In addition, Webroot also updates and scans your machine automatically so that is an added convenience that you don’t have to worry about. You can buy Webroot anti-virus online here.

Use and Protect Strong Passwords

Using strong and unique passwords is your first line of defense between your personal information and a malicious attacker looking to steal it. An example of a strong and unique password includes each of the following:

• Long – at least 12-15 characters
• Mixed – Combination of uppercase and lowercase letters as well as numbers and special characters. Also use spaces if possible
• Never Repeated – Never use a password more than once. If one account gets compromised, then every account that uses the same password is at risk
• Memorable to You – Make sure the password is something you can remember. Use something like a passphrase.

Another suggestion is to use Password Managers. These applications generate strong, unguessable passwords for you and stores them in their vault. When you access the site or program with a stored password, the password manager auto-populates the fields for you. However, you must come up with a strong, memorable master password to use the password manager. Do not lose or use a weak master password. You lose the master password, you lose all your passwords. You use a weak password and someone cracks it, they have all your passwords.

Password managers you can use are listed below:

• LastPass
• Dashlane
• Keeper

Your student may get passwords from school that can’t change. Make sure to tell your kids to NEVER share their passwords with anyone.

Cover Webcams

This one is pretty self-explanatory. When malicious attackers gain access to technology devices, they gain control over several components and features on the targeted device. One popular component they access is the built-in webcam. There have been several cases of attackers watching and listening to their victims without the victim even knowing.

A simple answer to this possible attack vector is to get a camera cover or even a piece of tape to cover the camera lens. This way, if someone gains access to your webcam, they won’t be able to see anything.

Use a VPN on Open Wi-Fi Networks

Anytime you connect to the internet wirelessly, especially one you don’t know or one that is “free” or “open”. You should never trust it! This also applies to school networks. Always think of open wireless networks as insecure and unencrypted. In other words, there is a strong possibility that your information is being transmitted in plain-text. As a result of network data being transmitted in plain-text, someone on the same network with a simple application can see what is being passed on the network. This includes usernames and passwords. I repeat, NEVER TRUST THE OPEN WIRELESS INTERNET!

If you are going to use public Wi-Fi, then use a virtual private network or VPN. VPNs will hide your IP address and above all, it secures your internet traffic and data by encrypting it and passing it through a tunnel. Not even your internet service provider will be able to see your network traffic while connected to the tunnel, making it difficult to intercept and read your data.

There are several highly recommended VPN services. Personally, I recommend NordVPN’s service. The subscriptions are affordable and have sales like a 2 year license. Also, the VPN is easy to use and secure. In addition to that, Nord claims to not log any personal identifiable information and have backed up their words with a recent audit.

You can read more about why I recommend using a VPN here.

Be Careful of What You Open and Click Online or from Emails

Attackers make malicious links files, videos or website and send emails or messages via text or social media to unsuspecting user tricking them to click the link or provide their username and password. The user clicks the link and unknowingly gives the attacker access to their device. This is a common attack is known as phishing.

For example, a man from Georgia was sentenced to three years in prison for pretending to be an Apple representative. He tricked several athletes, celebrities and musicians to give up their passwords and answers to their security questions. The man then used that information to access the accounts, lock the victims out and steal their credit card information to purchase several things like airline tickets, rental cars and eating out a restaurants.

Here are a few tips to help you avoid becoming a victim of phishing:

• Open messages from trusted sources only and always be careful of links
• If you do see a link that is questionable, try hovering over the link to see the address. However, in some cases hovering over the link can still trigger the exploit. You can also use a link scanner to test if the link is malicious
• Pay attention to the actual email address or source of the message. It may look like a real and trusted email address. But there might be some subtle differences in the domain name or misspellings and grammatical errors that you may miss at first glance
• Most banks and organizations will not call or send you messages asking for your credentials or to change your password

For more information on phishing and tips on how you can protect yourself, read this article here.

Back Up Your Data Regularly

You’re a victim of a ransomware attack. Will you pay the ransom?
What if you get a virus and you have to reinstall the operating system? Or, your computer crashes and you’re forced to buy a new computer. What happens to all of your files, documents, pictures, music and other data?

If you don’t have your data backed up, you lose it for good. If you haven’t backed up your data recently, then you stand to lose a good portion of your data. Therefore, I recommend you back up your data on a regular basis!

If you’re hit with ransomware or your device crashes, simply remove your computer from the internet, reinstall your operating system or revert your computer to the last image you made. Next, move over your data from your most recent backup.

In addition, I recommend using an external drive to back up your data. This allows you to back up your data to an external source that you can keep in a secure location.

Here are some external hard drives I recommend:

• WD 8TB My Book External Desktop Hard Drive – USB 3.0
• Seagate Portable 2TB External Hard Drive Portable HDD
• WD 2TB Elements Portable External Hard Drive – USB 3.0

Another option is to buy cloud storage space from providers like Dropbox and Microsoft OneDrive. You can then back up your files and assignments to Dropbox or OneDrive and access it from any device anywhere as long as you have an internet connection.

Here is another blog post I wrote on why you should back up your computers on a regular basis!

Check out my four-part ” Keep Yourself Safe Online” series of articles. I explain some of these tips in more detail as well as provide more information on what you can do to protect your devices and data. I listed them below

• Passwords
• Anti-Virus and VPNs
• 2 Factor Authentication and Online Awareness
• Social Media, Browser History and Backups

Please remember to like, comment, share and follow me:

• Twitter
• Instagram
• Facebook
• Pinterest
• Twitch
• Mixer
• YouTube

Also, if you want to hear about the experiences of other Cyber Security professionals, check out my show “InfoSec Unplugged“! Live every Thursdays on my YouTube channel and Twitter.

Furthermore, If you like my work, you can buy me a coffee and share your thoughts!

I truly appreciate the kind words and support!

Finally, enter your email address to subscribe to this blog and receive notifications of new posts by email.

The post Cyber Security Back to School List first appeared on Alpha Cyber Security.

Everyone knows that in order to succeed at anything, lots of hard work and training is required. However, training can be expensive at times. As a result, people started making their own courses and selling them online at prices way lower than the other training sites. In addition to this, they also have sales on their training courses making the price even lower!

Popular training websites like Udemy are always having sales on several of their courses. Sometimes, prices are as low as $9.99 on courses that are normally $200 and up! These sales are great opportunities to buy several courses and learn and grow.

For example, you can take advantage of great deals and learn Python programming, AWS Cloud and Penetration Testing. Not only will you learn skills to get you started, these courses also prepare you for certification exams like the Pentest+ and AWS CCP! Furthermore, you can also learn the advanced skills to help you gain more certifications or even how to land a job as a Solutions Architect, Penetration Tester or Python programmer. You can buy some Udemy courses and teach yourself a new skill. Or, you can build on a skill you already have and get a raise and/or promotion!

I have listed several courses in this article that I have taken and recommend to anyone looking to learn Python or Penetration Testing or both!

Notice

(*Please note that Alpha CyberSecurity LLC is an Amazon and Udemy affiliate. When an item is purchased using one of the links provided, Alpha Cyber Security receives a small commission. However, I personally own every one of the books listed and I will NEVER sell or recommend a product that I have not used personally or have no personal knowledge of. For more information, please see the Terms and Conditions page. )

AWS Certified Cloud Practitioner – Complete NEW Course 2021 & AWS Certified Solutions Architect Associate – 2021 [SAA-C02] – by Neal Davis

With the cloud becoming more popular, the AWS Certified Solutions Architect certification is quickly becoming a MUST have for technology professionals! These Udemy courses covers what you need to know to prepare for and pass the AWS Certified Cloud Practitioner and AWS Solutions Architect Associate exams! Two great courses for people new to the world of AWS and Cloud Computing.

Ethical Hacking and CompTIA Pentest+ with 2 Practice Tests – by Mike Myers

I like this Udemy training course because it covers the basics and helps prepare you for these two exams that you will need to get into this field professionally. Although it is not too hands-on, Mike Myers goes very in-depth with demos and explaining each tool and method used in Penetration Testing.

In addition, this course also provides several downloadable resources for you to read and study along with the course. I recommend taking this course, as well as getting these books to help you pass the EC-Council Certified Ethical Hacker and CompTIA Pentest+ certification exams:

• CompTIA PenTest+ Certification Bundle (Exam PT0-001) on Amazon
• CEH Certified Ethical Hacker Bundle, Fourth Edition on Amazon

Intro to Bug Bounty Hunting and Web Application Hacking – by Ben Sadeghipour A.K.A. @NahamSec

Ben Sadeghipour is a bug bounty hunter, content creator, and head of Hacker Education at HackerOne. He has identified and exploited hundreds of vulnerabilities across several applications including Google and the Department of Defense. So, when he decided to create a course sharing some of his techniques to get started in bug hunting, it was a no brainer to pick this up!

The course is fast paced with several labs to practice each vulnerability and get hands-on experience. However, it is my opinion that this course is not recommended for beginners.

Practical Ethical Hacking – The Complete Course – by The Cyber Mentor

I have taken several ethical hacking and penetration testing courses on Udemy and other platforms. But is the BEST course I have taken. The Cyber Mentor is someone who I follow on social media and YouTube and always creates great cyber security and penetration testing content. As a result, I was highly anticipating the launch of his course. And it does not disappoint. The course is filled with nearly 25 hours of material covering topics ranging from basic networking and subnetting, to python to career advice and of course, hacking methodologies. The course also has a capstone to help you take what you have learned and apply it against 10 vulnerable machines ranging in difficulty.

In addition to this, The Cyber Mentor also teaches rarely covered real-world topics like exploit development and Active Directory hacking. I strongly recommend this course for anyone interested in penetration testing or who have been in the field for some time. Pick up this Udemy training course as soon as possible! Whether you get the course for the full price or on sale, you will be getting your money’s worth!

Windows Privilege Escalation for Beginners – by The Cyber Mentor

The Cyber Mentor is back with another great course picking up where he left off from his previous course! However, this course is dedicated to tackling Windows Privilege Escalation techniques! This is a MUST have for Penetration Testers looking to upgrade their rooting skills! Especially if you have the OSCP certification in your sights.

Linux Privilege Escalation for Beginners – by The Cyber Mentor

Heath also created a similar course for Linux Privilege Escalation techniques as well! Between these courses from him and Tib3rius’ courses, you should DEFINITELY become stronger at privilege escalation!

Learn Ethical Hacking from Scratch – by Zaid Sabih

This is one of three Udemy training courses I bought from Zaid Sabih. I consider this one to be a beginner’s course to learn some of the basic tools and techniques used in both network and web application penetration testing from a hands-on approach.

Zaid makes the course informative yet easy to follow. As a bonus, he updates the course regularly to increase the replay value if this training.

Windows Privilege Escalation for OSCP & Beyond! – by Tib3rius

Tib3rius followed up his previous Udemy course with a new Privilege Escalation training course for Windows! Tib3rius also provides a full set of slides, and a script to create a vulnerable Windows 10 configuration for students to practice the skills learned in this course!

Linux Privilege Escalation for OSCP & Beyond! – by Tib3rius

I personally LOVE this Udemy course. The reason being is that most training courses I have taken don’t go far enough to explain privilege escalation. And if you are preparing for an exam like the OSCP, privilege escalation is very important. Tib3rius saw the need for this and created a course dedicated to Linux privilege escalation techniques which some people say is harder than Windows privilege escalation. However, I think both of them can be equally frustrating and think that there should be a course on Windows techniques as well.

Also, because this course is strictly focused on privilege escalation, I recommend completing the other Udemy courses first.

P.S. – Check out Tib3rius’ AutoRecon script! It’s a great tool for CtFs and Penetration Testers

Hands-on Penetration Testing Labs 1.0/2.0/3.0/4.0 – by Jesse Kurrus

Okay, now its time to put all your training to use. These are three separate training courses. However, I recommend getting all of them. First, version 1.0 walks you through the techniques on actual vulnerable machines. As you progress, the machines get harder. But Jesse is there to guide you through wherever you may be struggling from enumeration to exploitation.

Then, Version 2.0 follows the same blueprint with even more difficult machines. Finally, you take the knowledge you gained from the previous two training courses and take on the new version 3.0 course This trio of Udemy courses is great for those running through their list of vulnerable machines to prepare for Hack the Box or the OSCP exam.

Jesse recently launched version 4.0 course on Udemy which includes more challenging boxes like Troll 3, Symfonos and Torment! These are more great practice machines to help sharpen your hacking skills!

The RedTeam Blueprint – A Unique Guide To Ethical Hacking – by Brandon Dennis

I bought this course in May and I still haven’t completed it! You definitely get your money’s worth with this one. Brandon Dennis packed this course with over 30 hours of videos and over 100 downloadable resources to help guide you.

But what truly sets this course apart from the other ones on this list is that it covers more than the technical stuff. In addition to the “fun” hacking stuff, this course covers other important topics like the difference between the Red, Blue and Purple teams, how to write detailed reports or to work with clients to identify the scope. In addition to these topics, Brandon even helps you with the tools needed to land a job. From resume writing to the interview process, it is covered here. I highly recommend getting this course. However, I would also recommend taking some of the previous courses first.

Learn Website Hacking / Penetration Testing from Scratch – by Zaid Sabih

This is the second Zaid Sabih led training on this list. However, unlike his previous course, this one is dedicated to learning the basics of web application penetration testing.

Zaid covers some of the most popular (or notorious) vulnerabilities found in web applications today. SQL Injection, Cross Site Scripting, Local and Remote File Inclusion and more are all covered in this Udemy training course.

Hacking REST APIs – A Beginner’s Guide – by CloudSec Training

API testing is becoming more popular. Especially with the rise of bug bounties and bug hunters looking to be the next million-dollar hacker. As a result, CloudSec Training created a beginner’s training course on testing APIs for vulnerabilities like SQL Injection.

For those looking to code their own apps, scripts and exploits or for our aspiring Python programmers, I have listed a couple great courses for you as well.

Hacking and Securing JSON Web Tokens (JWT) – by CloudSec Training

In addition to their API testing course, CloudSec Training also created a beginner’s course on testing and exploiting JSON Web Tokens (JWT) that are used in APIs and mobile applications. This course gives you a basic understanding of JWT concepts and how to use various attacks to exploit weakness in them!

I recommend grabbing BOTH of the CloudSec Training courses to get started with API hacking! After that, I recommend checking out their courses on Android and iOS application hacking!

Automate the Boring Stuff with Python Programming – by Al Sweigart

Automate the Boring Stuff with Python Programming is a Python training course based off the book also written by Sweigart with the same name. This course teaches students how to automate tasks like parsing Excel spreadsheets and sending emails. The great thing is that although it sounds difficult, he breaks it down so it’s easy to follow along! The creator also updated this course recently so the topics are up to date.

Python for Absolute Beginners – by Green Chameleon Learning

I bought this Udemy course three years ago and I still love it. This covers the fundamentals of Python programming and has several video lectures and quizzes to help you retain the topics covered.

This course is great for those who have little to no experience with Python or for those looking to refresh on some topics. Furthermore, Green Chameleon do a great job of keeping the material current. At the time of this writing, the course was updated a few weeks ago.

Complete Python Bootcamp: Go from Zero to Hero in Python 3 – by Jose Portilla

This is another great Python course. This Udemy training course covers everything from your first “hello world” script to creating your own application. Furthermore, this training covers the differences between Python 2 and Python 3, which will be the standard in 2020. However, don’t be surprised if several applications out here still run Python 2. Therefore, it is definitely a good idea to learn and know both versions.

Conclusion

In closing, this is just an example of what you can do to learn skills and better yourself. And it is significantly cheaper than the price of buying a online course or bootcamp elsewhere! Udemy offers several training courses from knitting to marketing.

In addition to the wide selection, Udemy constantly has sales or promotions going. As a result, you have several opportunities to upgrade your life and career for an affordable price! So grab a few courses and increase your value!

Also, take a look at my previous article and learn how you can get these training courses for even cheaper!

For a list of books you can read along with these training courses, check out my article “Books to Start Your Penetration Testing Journey”.

For more books and equipment I recommend, check out the recommendations page

Are you interested in learning more about hacking and penetration testing? Then check out my previous article about the different types of hackers. Next, check out this article on ten common tools you will use in your hacking career.

Also, read my five tips to help you land your first cyber security job.

Also, if you want to hear about the experiences of other Cyber Security professionals, check out my show “InfoSec Unplugged“! Live every Thursdays on my YouTube channel and Twitter.

Furthermore, If you like my work, you can buy me a coffee and share your thoughts!

I truly appreciate the kind words and support!

Finally, enter your email address to subscribe to this blog and receive notifications of new posts by email.

Don’t forget to like, comment, share and follow me:

• Twitter
• Instagram
• Facebook
• Pinterest
• Twitch
• Mixer
• YouTube

The post Grab Great Udemy Courses on Sale! (2021 Edition) first appeared on Alpha Cyber Security.

There are several penetration testing books I could recommend. However, if I were to list all of them, it would be a book in itself. So instead, I have listed several of my favorite books below. Click the titles for the links to the book’s store page.

(*Please note that Alpha CyberSecurity LLC is an Amazon affiliate. When an item is purchased using one of the links provided, Alpha Cyber Security receives a small commission. However, I personally own every one of the books listed and I will NEVER sell or recommend a product that I have not used personally or have no personal knowledge of . For more information, please see the Terms and Conditions page. )

1. “The Pentester Blueprint” by Phillip J. Wylie and Kim Crawley

Like I mentioned in a previous article, “The Pentester Blueprint” is the PERFECT title for this book! Phillip and Kim create a career blueprint to begin your journey into penetration testing and cybersecurity. They do this by covering topics like what penetration testing is, the phases of a penetration test, terms you will encounter in this field and technical topics like building out a testing lab. Also, they cover certifications and training one should obtain to gain the foundational knowledge. In addition, they also reach out to several other professionals to share their knowledge and experience, similar to the “Tribe of Hackers” series of books.

Furthermore, they explain how different skills from other fields and experiences can transfer over to cybersecurity and using those experiences to help you land your first job!

2. “Penetration Testing – A Hands on Introduction to Hacking” by Georgia Weidman

Before you start with the comments and questions, let’s get this out of the way. Yes, I know it’s 2021! Yes, I know the book is somewhat dated! And finally, YES! I STILL think this is one of the top books you must read if you are new to penetration testing! For those who have issue with a book that was written in 2014 being in this list. Not only is the book still relevant to the community, new courses are being created that center around this book. Including a new one taught by Georgia herself! And although Georgia is currently working on a new version, this book is still a must have in any hacker’s collection.

3. “Linux Basics for Hackers” by OccupyTheWeb

This book is a great guide for those who are not familiar with Linux as well as those who are proficient. “Linux Basics for Hackers” explains the details of how to install Kali Linux and what different services are installed and what they are used for. In addition, this book also explains how to navigate and manage a Linux file system and even how to create some automated scripts in BASH and Python to do tasks like a port scan or password cracker.

4. “Penetration Testing For Dummies” by Robert Shimonski

“Penetration Testing For Dummies” is another great book to have starting out! First it provides readers with the basic knowledge of pen testing. However, this book goes further in explaining the whole assessment from pre-engagement to the completion of the test. It also covers topics like threat modeling, best practices for analyzing and testing vulnerabilities, reporting, and more.

5.  “The Hacker PlayBook 2” and “The Hacker PlayBook 3” by Peter Kim

Although these are two separate books, I group them two together.  First, “The Hacker Playbook 2” is more of an updated version of the previous book. Part 2 goes over setting up your attack and victim machines and several scripts and tools used in penetration testing. Then Peter Kim breaks down how to use these tools and methods to exploit your victim machines to gain access.

“The Hacker Playbook 3” in my opinion, is more of a continuation of part 2. Part 3 covers newer, more advanced attack vectors like Active Directory as well as explain how to further exploit a victim to elevate privileges.

Both books are great to have in your collection.

6. “Hands On Hacking” by Matthew Hickey and Jennifer Arcuri

“Hands On Hacking” is considered to be an introductory book for new pentesters. However, I consider this book to be more advanced than some of the other books in this list. With that said, Matthew and Jennifer do a great job of giving the reader the “full picture” of an attack. They explain the phases of penetration testing in this book and mix it with hands on exercises to give the reader the ability to see what is going on as they carry out each of these techniques. Definitely a good book to have in your collection

7. “Gray Hat Hacking 5th Edition”

Similar to “Hands On Hacking“, I would consider this book to be more advanced than any of the other books I have listed for those new to penetration testing. This book goes more in-depth on some exploits and techniques like Buffer Overflow attacks, ransomware and hacking Internet of Things (IoT) networks. In addition “Gray Hat Hacking” touches on other topics like bug bounties, purple teams and even what you need to go into business yourself.

8.  “Black Hat Python” by Justin Seitz

One of the things people in the hacking and penetration testing field want to avoid is being called a “script kiddie”. A script kiddie is an individual who solely rely on using tools and scripts created by others and use them blindly with no true understanding or knowledge of scripting or coding. “Black Hat Python” aims to help with that. This book breaks down how to create powerful tools using Python like network sniffers or keyloggers. This book even goes over how to escalate privileges in Windows. However, although this book says it’s for beginners, I would recommend having a basic understanding of the Python language before starting this book.

9. “The Web Application Hacker’s Handbook” by Dafydd Stuttard and Marcus Pinto

Like many others in the field, I refer to this book as the Web Hacker’s bible. This book is one of the best books out there when it comes to web application hacking and penetration testing. Furthermore, the book was written by the creators of the popular Burp Suite tool that is used by most web app penetration tester and bug hunters. However, like a few books on this list, this book has not been updated in quite some time.

Although this is disappointing, I still highly recommend owning this book. Furthermore, the team at PortSwigger addressed this by creating a free training resource known as the Web Security Academy. Use the book to follow along with the training.

10. “AWS Penetration Testing” by Jonathan Helmus

As we move into the future of technology and cyber security, one thing is abundantly clear. The cloud is THE WAY! However, the cloud provides many challenges to professionals. Mainly, how to secure and test the security of cloud environments. Jon Helmus does a great job of “demystifying the cloud” by breaking down several topics from building your AWS environment and learning how to use tools and techniques to performing an assessment on several AWS resources.

11. “Operator Handbook” by Netmux, “Red Team Field Manual” by Ben Clark and “Hacker Methodology Handbook” by Thomas Bobeck

Although I consider these books reference guides, these three books are a MUST HAVE! First, the RTFM has several commands used in Linux and Windows penetration testing including some advanced tools like Powershell.

Similar to the RTFM, “The Hacker Methodology Handbook” covers several tools, methods and techniques in each phase of a penetration test that were covered in the previous books. But on the other hand, this book serves as a quick reference guide on some of the basics as well some advanced commands you can use in a Windows or Linux penetration test.

However, Netmux builds on both of these penetration testing reference books as well as other techniques like OSINT and AWS/Cloud and created one of the best and complete reference guides to date! The the “Operator Handbook” covers tools and syntax for most of the popular tools used by penetration testers, cyber forensics (DFIR), cloud professionals and more! This book can definitely be used as a “one stop shop” for all things security related, no matter what team you’re on.

Conclusion

For a list of more books and equipment I recommend, check out the recommendations page

Are you interested in learning more about hacking and penetration testing? Then check out my previous article about the different types of hackers. I also listed some courses you can grab on Udemy! Udemy is an online training platform that always has sales. This is a great way to build your skills at affordable prices!

Then, get some hands on experience and learn about the tools with this article on ten of the common tools you will use in your hacking career.

If you’re looking to prepare for a Penetration Testing certification, check out my previous articles on how to prepare for the SANS GPEN Exam and PASS, or how the lessons I’ve learned from failing the OSCP.

Also, if you want to hear about the experiences of other Cyber Security professionals, check out my show “InfoSec Unplugged“! Live every Thursdays on my YouTube channel and Twitter.

Furthermore, If you like my work, you can buy me a coffee and share your thoughts!

I truly appreciate the kind words and support!

Finally, Enter your email address to subscribe to this blog and receive notifications of new posts by email.

The post Books to Start Your Penetration Testing Journey (2021 Edition) first appeared on Alpha Cyber Security.

Occasionally when I am struggling, I look at this desk sign my wife bought me to cheer myself up. It’s a sign that says “I’m kind of a big deal”. Now, I am in no way cocky or arrogant, but I do look at this from time to time to tell myself that same thing!

Even though this was originally a gag gift, it is very helpful. It helps to keep me going and provide a source of motivation. I am sure if you are in cyber security, you have either heard about or personally dealt with Impostor (or Imposter) Syndrome. But for those who don’t know, Impostor Syndrome is when someone heavily doubts their talents and accomplishments and think they are frauds and don’t belong. I know people in other career fields go through this, but it seems like it is way too common in Cyber Security.

Lately, it feels like I deal with it damn near every other week! When I interview people on my show, give talks or speak on panels and other podcasts, or start a big project, I ask myself “what the hell am I doing here?” repeatedly. Shortly after that, doubt and anxiety start to kick in and before you know it, I am telling myself to stop what I am doing or quit all together. I am telling myself that someone else has done it better, and that I don’t belong.

However, that is far from the truth!. I did do the long nights of studying & practice…and still do! I did invest my money as well as my time to build myself up. Taking away time from my family & friends to work on things. (Still do!) I EARNED those certifications & elevated my career from the bottom. It was me who started doing tech, practically for free, just to get some experience and then work job to job getting paid crappy wages because that was “what I was worth” until I got more experience and training!

I Am Not Alone…

I’m sure I am not the only one with a story like this! Plenty of people just like me fought and clawed to get to where they are and are STILL fighting! In addition, these same people with similar experiences also struggle with Impostor Syndrome as well.

Well, I am here today to tell you that I belong here! I am where I’m supposed to be but this spot is only temporary. I will continue to elevate and move up! And yes….I AM KIND OF A BIG DEAL!….Scratch that….I’M A BIG DEAL! And guess what? If you are busting your ass and grinding away to achieve your goals and reach new heights, you belong here and YOU ARE A BIG DEAL TOO!

Don’t let your doubts get in the way of your accomplishments or FUTURE BLESSINGS and let’s figure out how to deal with this!

How to Deal With Impostor Syndrome

Here are a few tips I use to help deal with Impostor Syndrome:

Acknowledge It

First step is admitting and accepting it. Just like every other problem, you can’t deal with it if you don’t acknowledge the problem exists! Therefore, the first thing we must do is realize when we are going through Impostor Syndrome. You can even talk about with other people and “get it off your chest”! Put it out there. Like I said before, you’re not alone and people may be able to share their experiences as well as advice and words of encouragement!

Stick to the FACTS!

After we acknowledge we are dealing with Impostor Syndrome, the next step is to figure out why. Are we struggling with something? Did we fail an exam or quiz? Is there a topic or subject we just don’t get? Then say that and ONLY that! We’re struggling with one or more things CURRENTLY, not failing at our whole careers or lives.

We all have our “dummy” moments, but that doesn’t mean we are dumb! It’s important that we recognize the source of the frustration, but not let it control the narrative! If we’re struggling with something, then we’re struggling with THAT. It does NOT invalidate all your other accomplishments. While we’re at it…

Remember who YOU Are!

This one thing doesn’t define you. Failing that exam or missing a deadline does not mean you are now a loser. You took a loss, it happens a lot to everyone. However, you have also won a lot! You have several accomplishments that you can be proud of. You did the work and it payed off my you achieving your goals. Remember all you have done and tell yourself that this is just a minor setback and GET BACK UP!

Remember, it’s not about how you messed up, it’s about how you learn from it and recover!

Think Positive and Change the Narrative!

Finally, flip the script! Instead of thinking about how you will never get it, tell yourself how more productive and valuable you will be when you do. Another thing you can try is visualizing yourself in the outcome you are shooting for. See yourself passing the exam or killing that presentation and being successful. You have been successful before, you can do it again! It may sound crazy, but remember, the goal is to stay positive and not feel like a failure or impostor!

Conclusion

In closing, IMPOSTOR SYNDROME! YOU’RE AWESOME! KEEP GOING!

Check out my previous article on how to prepare for the SANS GPEN Exam and PASS!

Also, if you want to hear about the experiences of other Cyber Security professionals, check out my show “InfoSec Unplugged“! Live every Thursdays on my YouTube channel and Twitter.

Furthermore, If you like my work, you can buy me a coffee and share your thoughts!

I truly appreciate the kind words and support!

Finally, enter your email address to subscribe to this blog and receive notifications of new posts by email.SUBSCRIBE

The post Dealing With Impostor Syndrome first appeared on Alpha Cyber Security.

A few months ago, I decided to take the SANS SEC560: Network Penetration Testing and Ethical Hacking course. This course prepares you to conduct penetration tests in a professional setting. Like other courses, you are taught about tools and techniques used by hackers and penetration testers in real-world assessments. However, the SEC560 also covers what I like to call the ‘business side of penetration testing’. The instructors go in depth about other processes and procedures and best practices that are just as important. As a result, you not only learn the skills and tools used in each phase of an assessment. Instructors also cover non-technical procedures to protect you and your team professionally and legally!

This course also prepares you for the GIAC Penetration Tester (GPEN) exam. The GPEN is considered an advanced level certification course and I recommend that people should have a good understanding of the penetration testing process, tools like NMap, TCPDump and Metasploit, and other methodologies. In addition, they should also be familiar with Windows and Linux operating systems.

The Course

I took the On-Demand course which consists of watching videos and doing the labs. At first, I was a bit hesitant about this because I felt it wouldn’t be as good in quality as in person training. I have taken some on demand courses in the past, and let’s just say they weren’t that great. However, I was pleasantly surprised with the quality of the course and the material. That being said, make sure to pay attention to courses videos and books.

Now, let’s address the elephant in the room! The first thing most people bring up when talking about SANS courses is the price. Although it is true that the courses are expensive, I must admit, you get what you pay for! The course is incredibly detailed, and the instructors make the course easy to follow. They tell personal stories about their experiences making the material easier to understand and remember. Furthermore, the lab environment is also one of the best experiences I had in a training course. The books you are given provide all the instructions needed to get up and running in minutes. Each exercise is clear and concise and the subject matter experts are extremely helpful.      

The Process

Once you receive the On-Demand material, you are given four months to complete the course and access to their labs before you take the exam.  First, I recommend using as much of this time as possible to watch, take notes, do the labs, re-watch, and review. The ideal scenario would be to take a week off and go through the course and labs just like you would if you attended the training live. However, if you are like me and could not take the time off to do this, you can try budgeting your time. Dedicate 3-4 hours every night during the week and more time on the weekends. Use this time to watch the videos and take notes uninterrupted. However, make sure to take small breaks from time to time.

At the end of every book, there are a few lab exercises that reinforce the course material. MAKE SURE YOU DO THE LABS! This will give you the hands-on knowledge and familiarity with some of the commands you may not be familiar with. Try to do at least 3 passes through the course before taking the practice exams and ultimately, the exam itself.

First Pass

My first pass, I watched the videos, took notes, and did all the labs as soon as I got access to the course. I used this time to take the course and familiarize myself with the SANS experience. Although I took notes, they were few and weren’t very detailed. I guess you can call this the passive pass.

After I completed everything (which took me roughly two weeks), I took a couple weeks off before revisiting the material again.

Second Pass

If the first pass was passive, the second pass was active, Unlike the last pass, I had my notepad and highlighters ready to go! My goal this time was to refresh myself on the course, look for any “hidden gems” or useful information, and take detailed notes on some of the more technical topics. Although Tim Medin does an excellent job of explaining the material, I like to transcribe the material in my own words. By doing this, I can use certain words or references that help me remember what I am working on. I also used this opportunity to do extra research online or from other books and resources on some of the tools, commands, and attacks that I felt needed further explaining. As a result, this pass takes significantly longer than the other two.

Again, I took some time off after completing everything.

Third Pass and Practice Exams

The final pass was more of a review of the SANS material and my notes. However, this time around, I made sure I passed all the course review materials with at least a score of 95 before taking the first practice exam. If I missed that score, I reviewed and made a note of what went wrong. I won’t go into detail about the material. However, I recommend you pay attention to all the small details in the syntax of command line commands. Both in a course setting and the real world!

In addition to quickly reviewing the course, you must also review all the labs. Especially ones that you aren’t 100% confident with. Remember, not only are you doing this to pass. You are also spending a lot of time (and money) to improve your penetration testing skills.

Once you are confident in your knowledge of the course and the labs, it is time to take your first practice exam. Although SANS allows you to use your books and notes for the exam, try not to rely on them too much. Only use your notes when you absolutely need to. However, for the practice exams, try not to use them at all. In my opinion, not using your notes will truly gauge how prepared you are for the real thing!

Again, I will not go into the specifics of the course or the exam. However, I will say that the first practice test can have one of two results. The first practice exam can either be a confidence building experience, or a sobering one. For me It was the latter. To clarify, I passed, but I was not happy with my score. If you passed comfortably, congratulations. Schedule your GPEN exam and do some review in the days leading up to your exam. Take the second practice exam one or two days before your exam.

If you failed or barely passed, do not feel discouraged. SANS gives you two practice exams for a reason. Take the results of your practice test and make notes of where you struggled. Next, take another week or so to review those topics. Use the course material, Google, other books, and videos, etc. However, do not forget about where you excelled. Use this as an opportunity to strengthen where you are weak and reinforce where you are strong!  

After you review and revamp your notes, do the course reviews again. Once you pass them comfortably, take the second practice exam. If you reviewed where you went wrong and truly understand the material, your second score should be better than the first.

Congratulations! Now, schedule your GPEN exam and do some review in the days leading up to the exam! In my opinion, you should schedule your exam as soon as possible after the second practice exam.

Indexes

In addition to reviewing your results of the practice test, you should also update your notes. Another great tool to help you prepare for the GPEN and other GIAC exams are indexes. However, if you look online on some sites, creating an index can seem like an enormous project. Filled with tabs, labels, color coding and more! This isn’t true.  You can create your index to be a simple reference guide to the course materials and whatever else you used. My index included tools and topics in alphabetical order, and where to find them. It also included little notes on things I struggled with like hashes, authentication processes, command syntaxes, and more.

Lesley Carhart (@hacksforpancakes on Twitter) has written THE guide on creating an index for GIAC testing. You can read it here.

Exam

Again, I will not go into the details of the GPEN exam. Instead, I will talk about my approach. First, in the days leading up to the exam, make sure you are getting adequate rest. But make sure you are also giving your notes a quick review. Because of COVID-19, you will more than likely be taking the exam remotely with a proctor. Make sure the computer you are using for the exam is ready the day before. After that is all set up, review briefly if you feel you need to. But make sure you give yourself a well-deserved mental break for the better part of the day. The night before, get a good night’s rest (8-10 hours, if possible).

On exam day, have your notes, indexes and reference materials ready to go. You will go through the setup process with the proctor and they will get you set up for the exam. Before you start, take a deep breath (or two), and remember your training!

The GPEN exam is three hours long, but do not be fooled! That three hours can go by quickly. Remember to pace yourself and try not to spend too much time on questions. If you can’t answer it confidently, or find the answer in your notes, you can skip and come back to it. DO NOT GUESS or answer a question unless you are sure of the answer. If you don’t know, skip it and come back! If you need to step away, you are allowed one 15-minute break. But, you must answer all the skipped questions prior to taking it.

Also, some of the questions may seem like it is covering something you didn’t see in the course. Remember to reference your notes if you are stuck and do not let the test intimidate you. Sometimes, I get “exam brain” and my mind goes blank. Remember to breathe and stay calm. If you did your due diligence, you know (or have) the answer. Look at the question and read it a few times. Look for words or phrases that could provide a hint. Check your index and refer to your notes or the books. It will be there!

As for me. After coming down to the wire, I was able to pass my exam and I am now GIAC GPEN certified!

Recap

• Read and study the material thoroughly!
• Take good, detailed notes
• Use an index
• Take the practice test, review and revamp your notes and indexes, take second practice test
• Get some rest the night before
• On exam day, breathe, pace yourself, refer on your reference materials
• CRUSH THE EXAM!!!

Conclusion

There are several ethical hacking and penetration testing courses and certifications out there! Each one has their own individual characteristics. The SEC560 and GPEN exam are no different! However, with proper studying and hands on lab time, you can add this to your certification collection!

To see my previous experience with another hacking certification, check out my post on the OSCP exam.

Next, if you are interested in penetration testing and not sure where to start. You can watch my video on how to install VirtualBox

In addition, you can read my article on how to set up a Kali Linux virtual machine.

Also, if you want to hear about the experiences of other Cyber Security professionals, check out my show “InfoSec Unplugged“! Live every Thursdays on my YouTube channel and Twitter.

Furthermore, If you like my work, you can buy me a coffee and share your thoughts!

I truly appreciate the kind words and support!

Finally, enter your email address to subscribe to this blog and receive notifications of new posts by email.

The post Prepping and Passing the GPEN Exam first appeared on Alpha Cyber Security.

If you have been following me, you know I am a HUGE advocate of researching and reading books to gain knowledge about penetration testing and cybersecurity! In addition, I have published articles and videos on books I recommend to get your career started. As a result, I have decided to write a few honest and detailed reviews of some books and resources.

First, I realize that there have been several great books released this year. As a result, there more books I must add to my list to get your hacking and cybersecurity career started. And I’m starting with a new book that I feel should be the very FIRST book on the list!

Recently, I purchased “The Pentester Blueprint: Starting A Career As An Ethical Hacker” by Phillip Wylie and Kim Crawley. I am very familiar with each of them and their contributions to the community. As a result, I was excited to see their thoughts on what a newbie should do to get started.

About The Authors

Before I get into my thoughts on this book. First I want to take some time to talk about the authors.

Phillip Wylie

Phillip Wylie is an offensive cybersecurity professional with 23 years of experience in cybersecurity and information technology. He has spent the last 8 years in penetration testing. In addition, Phillip is a Lead Curriculum Developer at Point3 Federal, Adjunct Instructor at Dallas College, and founder of The Pwn School Project.  

Kim Crawley

Kim Crawley is a cybersecurity researcher and InfoSec writer. She enjoys researching social engineering threats, advanced persistent threats (APTs) and malware. Kim has worked for several companies including AT&T Cybersecurity, Tripwire, Sophos and more! Furthermore, Kim runs DisInfoSec, an online cybersecurity conference that features professionals with disabilities.

In addition to joining forces to write “The Pentester Blueprint”, Kim and Phillip have shared their knowledge on numerous occasions . For example, they are both featured in the great “Tribe of Hackers” series written by Marcus J. Carey (who wrote the forward in this book), and Jennifer Jin. (Kim is featured in the first “Tribe of Hackers” and Phillip is featured in “Tribe of Hackers: Red Team“)

My Thoughts On The Book

First, I feel that Phillip and Kim named the book PERFECTLY! “The Pentester Blueprint” is just that. It excels at creating a blueprint to begin your journey into penetration testing and cybersecurity. From explaining what penetration testing is, the differences in the “hats” and types of assessments, the phases of a penetration test, and terms you will encounter in this field. In addition to this, Phillip and Kim go in depth on the education, certifications and training one should obtain to gain the foundational knowledge.

Not only do the authors share their experiences to advise the reader. Similar to the “Tribe of Hackers” books, they gathered input from other seasoned professionals. They all share their experiences and opinions on topics ranging from how they build their lab environments, how they gained their knowledge and experience and tips on how to get your first job!

Furthermore, I really like that they explain how different skills from other fields and experiences can transfer over to cybersecurity. One thing we often hear when talking to people is that they are hesitant to start or switch careers. They are concerned because they don’t think they can learn the skills to be successful. Especially when people are looking for a change because of personal choices or because the pandemic have left them unemployed. And in my opinion, that is the beauty of cybersecurity! Our different walks of life and experiences provide us different outlooks on how to attack and/or defend a target. Phillip and Kim did an excellent job in showing this!

Conclusion

In closing, “The Pentester Blueprint” is an excellent book if you are interested in starting your penetration testing career. Phillip, Kim and all the contributors are very knowledgeable in this field and share some great gems! I highly recommend reading and using it to assist you developing a plan to successfully gain knowledge and experience!

If you liked this article, please check out my previous article “Why You are Going to Get Hacked!“

Also, check out my last episode of InfoSec Unplugged with guest Tracy Z. Maleeff!

Please remember to like, comment, share and follow me:

• Twitter
• Instagram
• Facebook
• Twitch
• YouTube

If you like my work, you can buy me a coffee and share your thoughts!

Finally, enter your email address to subscribe to this blog and receive notifications of new posts by email.

The post Honest Review: The Pentester Blueprint first appeared on Alpha Cyber Security.

2019 saw Billions (with a ‘B’) of user accounts hacked and breached. These are emails, social media accounts, apps and more. When you hear about these breaches in the media, they are usually attached to some big-name companies like Equifax, Capital One, Target or Home Depot. However, they rarely talk about the smaller companies or everyday users that get hacked. I don’t know for certain, but if they did have an actual count, I am willing to bet that number would double or even triple!

Did you know most companies do not know they are hacked for an average of 6 ½ months? That is with some of them having the best firewalls, protection and cyber security staff money could buy! If that can happen to them, imagine what could happen to the regular home user. Especially the ones who think this can’t happen to them and do not practice proper security “hygiene”. As a result, users are more prone to hacking attacks. Even worse, they’re already hacked and aren’t aware of it!

Here are five reasons why you are risking being hacked, if you aren’t already!

You are Using Weak and/or Reused Passwords

The first reason you are risking being hacked is because you don’t use strong passwords. Passwords are your first line of defense between your personal information and attackers looking to steal it. Therefore, creating strong, unique passwords is highly recommended. However, people use many different accounts and seem to struggle with coming up with strong passwords for every account. As a result, users sometimes make weaker ones and/or use the same password across several accounts. This is extremely dangerous because if an attacker gains access to one account using the same password for other accounts, then the attacker will have access to all the accounts.

An example of a strong and unique password includes each of the following:

• Long – at least 12-15 characters
• Mixed – Combination of uppercase and lowercase letters as well as numbers and special characters. Also use spaces if possible
• Never Repeated – Never use a password more than once. If one account gets compromised, then every account that uses the same password is at risk
• Memorable to You – Make sure the password is something you can remember. Use something like a passphrase.

In addition, you can also use password managers to help create strong, unique and unguessable passwords. The password manager also saves it in their “vault” where you can then copy and paste them if you need to access an account. A great password manager tool is Lastpass. The reason I recommend Lastpass is over others like Dashlane is because Lastpass’ premium version comes with multi-factor authentication service.

Get Lastpass here.

Here is a video on using strong passwords.

You Have No Real Anti-Virus Protection

The next reason, which in all honesty could be a factor in all of these is that you are cheap. You don’t want to spend a few dollars to help your cause. For example, if you have a computer or device that has access to the internet, you need to protect it with Anti-virus. However, people will go online and download the latest and greatest free protection. Or even worse, rely solely on software like Windows Defender. Windows Defender is not good enough and most free Anti-virus software isn’t very good at all. Furthermore, some of the free stuff bombard your computer with adware or even malware that slows your computer down. It is a small investment, but it is important to have your devices protected.

Devices are constantly infected with malware, making users victims of ransomware and losing their data. Not having proper anti-virus or having the latest virus definitions installed puts your devices and data at risk. More reason to invest in good anti-virus software

PCMag.com does a good job of testing and listing the top anti-virus software out along with their pros and cons. One of the top rated ones on this list that I use and strongly recommend is Webroot. WebRoot is extremely fast and offers other features like Identity Protection and System Optimization scans.

Get WebRoot Anti-Virus here.

You’re Not using a VPN and Connecting to Open Networks

With more people working from home, the bigger the risk of attackers stealing data. When you connect to open wi-fi networks at shops and stores, you are connecting to a network that should not be trusted. Open wi-fi networks are not secure. In addition, several other people are also connected to this same network. As a result, someone with the skillset and malicious intent could possibly see what sites you are visiting and even see what you’re typing!

That is why I recommend using a virtual private network or VPN to help keep your data private. VPNs connect to different networks securely and encrypt your data transmitted over the internet. There are several VPN services out there to choose from. In fact, VPNRatings has created a list of the best VPN services of 2020.  Although there are several on this list, I recommend NordVPN!

NordVPN has several servers from various locations you can connect to. This presents several opportunities for users to take advantage of several things as well as securing your network traffic. (Read here for more information) Nord also doesn’t keep logs which helps make your browsing experience more private and secure. In addition, I recommend this VPN service because of their upgrades and improvements since having some issues that were disclosed last year. One major improvement was the partnership with the creator of HaveIBeenPwned, Troy Hunt!

Get NordVPN here.

You Keep Clicking Dangerous Links

Another reason you probably are hacked as we speak is because you are too trusting! Sure, you may have strong passwords and protection. What good is a secure password and great anti-virus if you give the attacker the very access you are trying to protect? If an attacker crafts an email that the user believes to be authentic and they click a link in the email, it’s game over!

These links usually contain malware or redirects the victim to a site the attacker controls and makes the victim enter their username and password. The user thinks it is legit, but they really gave access to the attacker.

Believe it or not, this happens often. This is known as phishing. It involves tricking users to access specially crafted links and websites. Here are a few tips to help you avoid opening suspicious messages:

• If you do see a link that is questionable, try hovering over the link to see the address. However, in some cases hovering over the link can still trigger the exploit. You can also use a link scanner to test if the link is malicious
• Pay attention to the actual email address or source of the message. It may look like a real and trusted email address. But there might be some subtle differences in the domain name or misspellings and grammatical errors that you may miss at first glance
• Most banks and organizations will not send you messages asking for your credentials or to change your password. If you do receive an email from a bank or institution, call them directly. DO NOT use the contact information provided in the message
• If you get a friend request from someone who you are already friends with, try to reach out to them and confirm that they sent the new page request
• If you receive a message or text from a friend that is uncharacteristic of them, do not click anything. It may be a fake or they may have been compromised
• Don’t get intimidated by threatening emails that use words like “Urgent Action” or messages from people claiming they are from a government agency. Contact the bank or agency directly and confirm (*Note most government agencies will not contact you via email)

You Do Not Secure Your Phone

Finally, the last reason you are at risk of being hacked is because you are overlooking an important piece of technology. People tend to forget that they carry powerful computers in their pockets every day! I am talking about their phone. Some high-end phones have stronger processing power than most computers. As a result, some people use their phones more than they use their own computers. However, they don’t protect their phones like they would their home PC or laptop. As a result, they’re leaving devices vulnerable to malicious attackers.

Mobile devices are a top target for attackers since most users store practically their entire lives on them. Everything from their passwords, emails social media accounts, financial information, personal files, etc.

Therefore, it is crucial that you treat your phone with the same sense of security I am writing about in this article. You can follow every one of these steps when securing your phone. In addition, you can also do the following:

• Keep your phone updated with the latest version of Android or Mac OSX
• Keep your phone locked with a 4-6-digit passcode, pattern, fingerprint, or facial recognition
• Use strong passwords for all your personal apps (banking, email, shopping, social media, etc.)
• Enable Find My Device/Find My iPhone
• Use Wi-Fi / Bluetooth as needed and use a VPN on untrusted networks
• Confirm apps are from a trusted source and manage your app permissions

Conclusion

In closing, no one wants to have their data stolen. But these five things are reasons why it happens and why it will continue to happen. These are five issues you can fix to prevent it from happening to you. So, do yourself and your loved ones a favor and protect your information!

If you are looking for more secure options to use the internet every day, check out my latest article on that very topic!

Another thing you should consider doing on a regular basis is backing up your data. Having recent copies of your data is crucial to restore anything lost from hardware/software failure or devices infected with malware or ransomware. Read this article for more information.

Are you having a difficult time working while in quarantine? Read this article for ten tips to help you get through this challenging time.

Also, please remember to like, comment, share and follow me:

• Twitter
• Instagram
• Facebook
• Twitch
• YouTube

Finally, enter your email address to subscribe to this blog and receive notifications of new posts by email.

The post Why You are Going to Get Hacked! first appeared on Alpha Cyber Security.

Before You Install

Before you download and install Kali Linux, you must make sure the computer you are using meets some of the recommended requirements. This will help ensure you can run multiple virtual machines at once without any issues.

• Make sure your computer’s hardware virtualization settings are enabled in your BIOS settings. Most current PCs should have it enabled, but if you are using an older computer or are having issues running virtual machines, you may have to enable this setting. (You will have to Google your model computer to see how to turn this on)
• Most people recommend 4GB of RAM, but I usually make sure I have at least 8-10GB of RAM. This makes sure you have enough RAM to run your host and guest operating systems smoothly.
• Make sure you have enough hard drive space on your host computer to install each virtual machine. The sizes of memory on each virtual machine is different, so make sure your hard drive has room if you plan on installing several at a time

Having enough RAM and memory to run your host and guest environment is crucial. Not only will the machines be slow during use, you run the risk of system crashes and failures.

Now that we have made sure our computer meets the recommended requirements, we can download and install the virtualization software that will run the machines we download. There are several types of virtualization software to choose from, but I am going to cover using Virtualbox for this article.

If you need to learn how to install VirtualBox, click here, or watch this video

What Is Kali Linux?

Kali Linux is one of the most popular hacking distributions used today. It is Debian based Linux Operating System. It is also open sourced and maintained by Offensive Security. Earlier this year, Offensive Security released the new Kali 2020.1. This updated version of Kali has several new features including:

• New Tools like Sherlock and Email Harvester
• Non-Root default users
• Kali Undercover Mode (Not helpful in labs but still a really cool feature)

Since then, Kali has been updated again to 2020.2 and more recently, 2020.3. This version improved on previous issues as well as added even more features and tools like capability to install and use Powershell and soon, Kali will switch from the traditional Bash shell to ZSH shell!

Offensive Security provides .iso files that allow you to do a clean installation from burning the disk image to a CD or a bootable USB stick. However, there is a simpler option we are going to use with our virtual hosting software. If you go to this page and scroll down, you will find a section named “Download Kali Linux VMWare and VirtualBox Images”.

Install Kali Linux on VirtualBox

On the Offensive Security download page, select “Kali Linux VirtualBox Images” and select the architecture you need. Since we are using a 64-bit host machine, we will select the 64-bit file. It’s a significantly file so be patient and wait for the file to download.

Next, start VirtualBox. Click File and select “Import Appliance”. Navigate to where your Kali Linux file is located and click it. You will find the .ova file. Click that and select “Open”, then click “Next” and finally, click “Import”. VirtualBox will use the settings in that file to create the virtual machine.

Now, you will see your Kali Linux virtual machine. When you click it, you will see the system settings. Click the green arrow and start the virtual machine.

*Note – If you run into any error messages, download and install the VirtualBox Extension Pack. Make sure the extension pack matches the version of VirtualBox you are running.

Follow the steps and when the login screen comes up, use the same credentials we used for the VMWare image. The username is “kali” and the password is “kali”.

And we now have a Kali Linux machine running on VirtualBox.

Conclusion

Now with our Kali Linux installed on VirtualBox, we are almost ready to get to the fun stuff! We still need to make sure our virtual machine is updated and secured. Also, we need to install some tools to help us pop some shells! In addition, I want you to get accustomed to installing virtual machines because I am going to give you some homework in the coming articles!

Check out my recent article on the difference between a vulnerability assessment and penetration tests.

If you are interested in learning about techniques used by hackers, Penetration Testers and other Cyber Security professionals, check out my article on Udemy courses you should get on sale!

I also made a list of ten books I recommend you get to help you get started in Penetration Testing. You can read it here. If you want the TL;DR version, check out my video on YouTube

Please remember to like, comment, share and follow me:

• Twitter
• Instagram
• Facebook
• Twitch
• YouTube

Finally, enter your email address to subscribe to this blog and receive notifications of new posts by email.

The post How to Install Kali Linux 2020.3 first appeared on Alpha Cyber Security.