Razvan's wiki

User Tools

Site Tools

You are here: start » guides » Cybersecurity Guide
Trace:
guides:cybersecurity

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision 		Previous revision
guides:cybersecurity [2021/10/02 19:16]
razvan created 		guides:cybersecurity [2021/10/02 20:36] (current)
razvan [Wargames] Add section on vulnerable boxes
Line 43: Line 43:
  
 A very good starting point is [[https://picoctf.org/|picoCTF]], that's created specifically for beginners making their first steps in the cybersecurity world, in a practical manner. A very good starting point is [[https://picoctf.org/|picoCTF]], that's created specifically for beginners making their first steps in the cybersecurity world, in a practical manner.
 +
 +A nice extensive collection of CTF challenges, classified by topics, are on [[https://ctflearn.com/challenge/1/browse|CTFLearn]].
 +There's quite a bunch of them and you can spend quite a bit of time on.
  
 We recommend that you continue with [[http://overthewire.org/wargames/|OverTheWire]]. We recommend that you continue with [[http://overthewire.org/wargames/|OverTheWire]].
Line 54: Line 57:
 It's a binary wargame that's getting you through a lot of the common exploiting patterns in nowadays software. It's a binary wargame that's getting you through a lot of the common exploiting patterns in nowadays software.
  
-In Romania you can use [[https://cyberedu.ro/|CyberEdu]] as a collection of challenges to solve.+Also look at [[https://cyberedu.ro/|CyberEdu]] for collections of challenges to solve
 + 
 +===== Vulnerable Boxes ===== 
 + 
 +A more complex set of challenges figures an entire virtual machine that you have to exploit. 
 +The virtual machine usually has a realistic setup with a vulnerability (or more) that you have to discover. 
 +The virtual machine has to either be downloaded or it is accessible online. 
 + 
 +These challenges are more difficult as they generally require you to go through all steps of a cybersecurity attack: reconnaissance, enumeration, exploiting, remote code execution, privilege escalation. 
 +This also makes them more realistic, so it's important you take a look on those. 
 + 
 +[[https://tryhackme.com/|TryHackMe]] is an excellent platform with both free and paid content and online virtual machines. 
 +It provides learning-centered "paths" in which you can discover or expand computer and cybersecurity related topics. 
 +All items are centered around remotely accessible virtual machines (via a VPN connection). 
 + 
 +Another place to look into is [[https://www.vulnhub.com/|VulnHub]]. 
 +VulnHub is a community repository of vulnerable virtual machines. 
 +Community members create and make available virtual machines on the VulnHub website. 
 +Virtual machines have to be downloaded and installed and exploited locally. 
 +As a community-centered repository, VulnHub has a large set of vulnerable boxes you can toy around with. 
 + 
 +[[https://www.hackthebox.eu/|Hack the Box]] is the next place you want to look for vulnerable boxes. 
 +Hack the Boxes is a more business-oriented organization, with items also available based on a paid subscription and special offers for companies. 
 +Virtual machines are already deployed and you can access remotely via a VPN connection.
  
 ===== CTFs ===== ===== CTFs =====
guides/cybersecurity.1633191397.txt.gz · Last modified: 2021/10/02 19:16 by razvan

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Noncommercial-Share Alike 4.0 International
CC Attribution-Noncommercial-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki