Results 1 to 5 of 5

Thread: How Can I Become a good Pentester ! Share/Save - My123World.Com!

  1. #1

    How Can I Become a good Pentester !

    Hello It's Been Two years I Learn About Hacking

    so i Learn Some Good Stuff Sql Injection , LFI , RFI , Blind Sql Injeciton , Xss

    and some server tricks

    now i want a setup a virtualmachine

    to test my Skills And finding New Vuln So I Use Debain On My Laptop and Never Use Windows And I want Setup some Server in VirtualMachine With VirtualBox

    So I need Some Good Stuff How To Create a Good Lab ! to Start and Thanks

    It's Ma first Time To Comming In This Forums But It's Looks Good

    Thanks very Much
    Last edited by Pr1x; 05-31-2011 at 09:31 AM.

  2. #2

    Wink

    First of all welcome to the forum !

    Well from your description I am considering your aim is towards web app hacking more at this time so I will give info about test lab for checking your web app hacking knowledge.

    To test your Web Vulnerabilities knowledge you can use some tools from foundstone like
    Hackme Bank, Hackme Casino, which can setup the Vulnerable Web Application in your test machine. Here are some tools which you can get from foundstone

    Hacme Bank v2.0
    Hacme Bank™ is designed to teach application developers, programmers, architects and security professionals how to create secure software.

    Hacme BooksFoundstone Hacme Books is a learning platform for secure software development.

    Hacme Casino v1.0Foundstone Hacme Casino™ is a learning platform for secure software development.

    Hacme ShippingHacme Shipping is a web-based shipping application developed to demonstrate common web application hacking techniques.

    Hacme TravelHacme Travel is designed to create secure software.

    These tools come with the documentations also. So if you stuck exploiting and of the vulnerabilities the documentations help you with what kinda vulnerability is there in the application and how it can be exploited by an attacker.

    My suggestion would be try to find out vulnerabilities in these web app yourself first then go on read the answers in the documentations.
    Orkut id: neo1981
    Blog: infosec-neo.blogspot.com
    Nothing is Impossible*


    *Conditions Apply

  3. #3
    Thanks Neo Bro ... Also ~ I Have Some [ Q ] Need [ A ] I want Find vulnerabilities in Server Programms Like OpenSSH , Proftpd , OpsnSSL , And Some vulnerabilities Also There Many Iso DE-ICE desgined to find vulnerabilities and getting root but idon't know how it's work would you show me some books are some good advice to starting

    and also what's is good programming language to start and coding tools

  4. #4
    if you want to learn website/webapp hacking, Webgoat is alright.
    https://www.owasp.org/index.php/Cate...ebGoat_Project

  5. #5
    Pr1x ! I would suggest you to either join PWB or read some books on SANS. SANS 560 series e-books can be found on torrents (including speech). Just search for it you'll get a good material there.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •