Posts

Posted on

Useful cyber security learning sites: an essential top 10 list of platforms

Here is a short summary list of useful cyber security learning sites, suitable for all levels of experience ranging from novice, through to more advance levels of skills and expertise.

In no particular order:

1. The XSS Rat (https://thexssrat.podia.com/) provides material relating to penetration testing and web application security.

2. TryHackMe (https://tryhackme.com/) has various training paths and rooms relating to both offensive and defensive cyber security. Offers free and paid for content.

3. Security Blue Team (https://securityblue.team/) provides learning material for blue team defenders. Offers certification for working within a SOC environment.

4. OffSec (https://www.offsec.com/) formerly Offensive Security, that offers a premier platform within offensive security for training, certification and community-based activities.

5. Hack The Box (https://www.hackthebox.com/) is a useful platform that offers both free and paid for content, that allows CTF hobbyists to exploit vulnerable machines created by the community.

6. Portswigger (https://portswigger.net/) a professional web application software company that provides the well known BurpSuite tool, and offers a learning platform and certification.

7. PentesterLab (https://www.pentesterlab.com/) is a learning platform for web application testing and several other learning paths, covering learning material useful for cyber security.

8. Altered Security (https://www.alteredsecurity.com/) provides training and certification that focuses more on red teaming, penetration testing Microsoft Active Directory based networks.

9. Zero-Point Security (https://www.zeropointsecurity.co.uk/) is a learning platform that covers red teaming, such as targeting simulated users, using C2 infrastructure, and exploitation.

10. INE (https://ine.com/) a learning company that acquired the eLearnSecurity platform, offering cyber security certifications around penetration testing infrastructure, and web applications.

Posted on

New CREST penetration testing certifications

CREST has recently announced several new penetration testing certifications:

  • CREST Registered Security Analyst (Penetration Testing) – CRSA
  • CREST Certified Security Consultant (Red Team) – CCSC RED
  • CREST Certified Security Consultant (Networks) – CCSC NET
  • CREST Certified Security Consultant (Web) – CCSC WEB

Further information can be found on the CREST website.

Posted on

How to become CHECK “green lighted” to deliver ITHC (guidance for organisations and people)

For a company to become a CHECK approved organisation, otherwise known as having been granted a green light status to undertake ITHC penetration testing or vulnerability assessment services, a CHECK approved company is able to conduct security assessments for UK government agencies or critical national infrastructures (CNI).

NCSC has the following to say when discussing what CHECK is and what it means for penetration testing services:

CHECK is the term for the NCSC approved penetration test companies and the methodology used to conduct a penetration test. Companies providing CHECK services do so using staff who hold NCSC approved qualifications and have suitable experience. Penetration tests are conducted using NCSC recognised methods and the subsequent report and recommendations are produced to a recognised standard.

Also directly qouted from the NCSC website for obtaining CHECK, the following criteria must be met prior to the CHECk assessment:

  • the company must be able to sign-up to English law
  • the company must have performed penetration testing service under their company name for a minimum of 12 months
  • all proposed team members must be able to hold SC clearance
  • there is a minimum of one team member who has passed a CHECK Team Leader examination, and can provide a technical (only) CV, 2 redacted penetration test reports they have authored, and have at least 12 months penetration testing experience

Guidance for organisations seeking to be assessed by NCSC in order to obtain CHECK status can be found: here

Posted on

How to join CREST as an organisational member

CREST is widely known in the penetration testing indusry, due to CREST’s professional membership scheme, professional certification for penetraiton testers, and support towards becoming CHECK with NCSC.

Ann excert from CREST’s website regarding membership:

In accordance with CREST’s stated aim “to increase professionalism in the security testing industry”, CREST places requirements on member companies in order to ensure that consistent standards of services are delivered.

It is worth noting that as covered in the FAQ provided by CREST, obtaining organisational membership is not dependant on people holding CREST-based certifications.

For full guidance on joining CREST as an organisational member (for organisations), the following link will be of help: click here

Posted on

Security Blue Team

I recently came across Security Blue Team, a website that provides training and certification towards blue team cyber security. Here is a link to their website: https://securityblue.team/.

Security Blue Team also provide an additional site called Blue Team Labs Online (BTLO), which has both free and premium training courses, covering all topics of interest for blue teams, such as incident response and reverse engineering. This site can be accessed here: https://blueteamlabs.online/.

The Blue Team Level (BTL) certification pathways by Security Blue Team are of great interest, offering the following topics to learn more about:

  1. Phishing Analysis
  2. Threat Intelligence
  3. Digital Forensics
  4. SIEM
  5. Incident Response
Posted on

Linux Foreground Process

When working within the Linux terminal and issuing a command to launch an application, the terminal will continue to run that application and it may seem the need to spawn a new terminal window. However, with using the command shortcut to foreground a process (ctrl + z), this will take the current application within terminal and place it as a background process:

root@kali:~# maltego
Config File path = /root/.maltego/v4.2.3/etc/maltego.conf
canonical: /usr/lib/jvm/java-8-openjdk-amd64/jre
javaHome: /usr/lib/jvm/java-8-openjdk-amd64/jre
resource:com/paterva/maltego/java/config/jre/TestJDK.class -> /tmp/temp397219231743671113628418889499750/TestJDK.class
executing: /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/java -classpath /tmp/temp397219231743671113628418889499750 TestJDK, in: .
result: 0
command execution finished
out: 1.8.0_212, 25.212-b01, Oracle Corporation, Linux, amd64
jdkhome: /usr/lib/jvm/java-8-openjdk-amd64/jre
canonical: /usr/lib/jvm/java-8-openjdk-amd64/jre
javaHome: /usr/lib/jvm/java-8-openjdk-amd64/jre
executing: /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/java -classpath /tmp/temp397219231743671113628418889499750 TestJDK, in: .
result: 0
command execution finished
out: 1.8.0_212, 25.212-b01, Oracle Corporation, Linux, amd64
jdkhome: /usr/lib/jvm/java-8-openjdk-amd64/jre
Checking for updates Sat Jan 04 00:24:29 GMT 2020
Found 0 updates.

When the background a process command shortcut is issued, the current process is backgrounded and awaits for further input from the user. You will now notice the application may seem unresponsive. To resume the process, you will need to bring the process to the foreground using the fg command, e.g.:

root@kali:~# fg 1
maltego

To obtain the number ID for the backgrounded process to restore as a foreground process, you can issue the jobs command:

root@kali:~# jobs
[1]+ Stopped maltego