Anyone who knows me will tell you IT Security has always been something I’ve been interested in and passionate about. And after obtaining a degree, several years in IT, and a few CompTIA certs later, I’ve decided to go after my OSCP.
Just like most IT fields there are a million places to start, and a million paths to cross, just to end up at the same place. So after extensive research and peer insight I came up with a path that will (should) work for me.
I started with reading Penetration Testing: A Hands-On Intro To Hacking by Georgia Weidman. This book is a great starting place and I highly recommend starting here if you’re trying to get in to PenTesting. The book covers a lot of good topics and tools that are commonly used in real world tests. Georgia also provides you with software (you’ll need to obtain the Windows OS) to make the machine vulnerable and give you real world testings scenarios. It doesn’t cover everything, but that’s something she states in the beginning. PenTesting is so vast and has a million different angles, and she can’t cover that all in one book.
I also ordered and am now starting The Hacker’s Playbook 2 (THP2). I setup my lab based on the recommendations of the book. But also early on they suggest using sites such as OverTheWire’s War Games to get familiar with some intro level stuff. I’m currently about halfway through their CTF challenge called Bandit which is what made me decide to starting blogging and talking about my progress! I’m hoping this will help others as their posts have helped me, and give me experience in vulnerability write-ups.