Suggested Resources for Learning IT Security
To Get Started:
1.) Build a home lab. Any PC or laptop with an i3 and 8GB of memory will be excellent, but you can get away with even 4GB for two Linux VMs.
2.) Try some exploits. Install VMware Player or Fusion then add a Kali VM for an attack platform and Metasploitable 2 as a victim. (Get help online.)
3.) If you have time, try some of the blogs or news feeds from the list below. Pick the one you like best, and keep up.
4.) If you like learning from books, choose one from the list below.
The Hacker Playbook 2
The Basics of Hacking and Penetration Testing
Rtfm: Red Team Field Manual
Metasploit – The Penetration Testers Guide
If you love reading, find other books on the excellent list here.
http://risky.biz/ <– Excellent podcast weekly
https://www.elearnsecurity.com/virtual-labs/ <– Best by far
Build a home lab:
– VMware Player is free. Run 3 full, or 10 small VM’s on a PC or nice laptop.
– VMware Workstation costs a few hundred $ and adds more networking support.
– VMware ESXi is free, highly professional, and will help you in corporate IT Centers where real companies with massive installations use VMware all the time. You must be able to work in a VMware environment if you want to be a pentester. However, you need to dedicate a computer to build an ESXi server. HapiRat runs 32 VM’s and 40 networks on ESXi using an i7 box with 16GB mem. http://hackingaway.org/small-esxi/ Any PC or laptop with an i3 and 8GB of memory will be excellent, but you can get away with even 4GB for two Linux VMs.
Tools for your home lab:
https://www.kali.org/ <–Includes nmap, Metasploit, ncrack, john-the-ripper and many other important tools!
Add or import some vulnerabilities to your home lab: