Pentesting Book for beginners

exspiravitexspiravit MemberMember Posts: 44 ■■□□□□□□□□
So, at a local maker space I'll be starting up a group with the interest of making a virtual cyber range, if you will. I want to accomodate all levels from Total Newb on up. I have found two books that I think could be used as text books that will hopefully hold our hands enough to set up the environment. If someone here happens to have some experience in using a book (ideally) on how to do this, please chime in. The two books are:

Building Virtual Pentesting Labs for Advanced Penetration Testing
Packt Publishing, June 2014
http://amzn.to/1hTr6FO

The Network Security Test Lab: A Step-by-Step Guide
Wiley, August 2015
Amazon.com: The Network Security Test Lab: A Step-by-Step Guide eBook: Michael Gregg: Kindle Store

Since I am in a state of "discovery" as I search *.edu domains, I do have more material. Having a book that everyone could buy and take home is really helpful. I also have some CTF links and other resources I gathered from DC23. But, any links, or other resources would be greatly appreciated.

Comments

  • BlackBeretBlackBeret Member Posts: 684 ■■■■■□□□□□
    Penetration Testing: A Hands-On Introduction to Hacking by Georgia Weidman Penetration Testing: A Hands-On Introduction to Hacking: Georgia Weidman: 9781593275648: Amazon.com: Books

    I felt this was a great book even for beginners.
  • iBrokeITiBrokeIT GICSP, GCIP, GXPN, GPEN, GWAPT, GCFE, GCIA, GCIH, GSEC, CySA+, Sec+, eJPT Member Posts: 1,309 ■■■■■■■■■□
    Arizona Cyber Warfare Range - Arizona Cyber Warfare Range | Revolutionary advancement in cyber security happens here. does something like this already. Might want to check them out to see how you can compliment what they have to offer and do better in other areas.

    ** Not trying to rain on your parade at all just letting you know that something like this already exists. The more labs available to the public the better in my mind.
    2019: GPEN | GCFE | GXPN | GICSP | CySA+ 
    2020: GCIP | GCIA | eCPPT | eWPT | eCTHP

    WGU BS IT-NA | SANS Grad Cert: PT&EH | SANS Grad Cert: ICS Security
  • josh.armentrout1josh.armentrout1 Member Posts: 36 ■■■□□□□□□□
    I found Basic Security Testing with Kali Linux to be a pretty good intro to several tools within Kali for when you get your lab environment going.
  • exspiravitexspiravit Member Member Posts: 44 ■■□□□□□□□□
    iBrokeIT wrote: »
    Arizona Cyber Warfare Range - Arizona Cyber Warfare Range | Revolutionary advancement in cyber security happens here. does something like this already. Might want to check them out to see how you can compliment what they have to offer and do better in other areas.

    ** Not trying to rain on your parade at all just letting you know that something like this already exists. The more labs available to the public the better in my mind.

    Plenty of cyber ranges out there, but, I'm in the DC area and I want to earn CPEs for my certs at the same time, you know? Sure, plenty of meet-and-greet groups out there which serve a purpose. But, I'd rather earn them this way.

    I'm editing this comment as I looked at that link, and, really, thanks! We may actually use that in the beginning to simply offset the cost of starting of a VM server and everything that goes with it. However, then, the beginners who have never used virtualization won't gain that knowledge, or how to use "make" and the associated troubleshooting that first time around. I feel you need to have that fundamental knowledge. But, yeah, I like the AZCWR a whole lot. Might utilize both the in-house building from the ground up for beginners and AZCWR for more intermediate to advanced topics.

    Thanks for the tips/links/books guys, I'm making the list!
  • iBrokeITiBrokeIT GICSP, GCIP, GXPN, GPEN, GWAPT, GCFE, GCIA, GCIH, GSEC, CySA+, Sec+, eJPT Member Posts: 1,309 ■■■■■■■■■□
    Ah! I like the angle of including CPEs with the lab time, thats a great idea.

    Another one just came to mind is called www.vulnhub.com that has single VM images from beginner to advanced that you break into, also includes walkthroughs on how other accomplished it.
    2019: GPEN | GCFE | GXPN | GICSP | CySA+ 
    2020: GCIP | GCIA | eCPPT | eWPT | eCTHP

    WGU BS IT-NA | SANS Grad Cert: PT&EH | SANS Grad Cert: ICS Security
  • exspiravitexspiravit Member Member Posts: 44 ■■□□□□□□□□
    iBrokeIT wrote: »
    Ah! I like the angle of including CPEs with the lab time, thats a great idea.

    Another one just came to mind is called www.vulnhub.com that has single VM images from beginner to advanced that you break into, also includes walkthroughs on how other accomplished it.

    Thanks, again!
  • exspiravitexspiravit Member Member Posts: 44 ■■□□□□□□□□
    I re-found this book, I used this a little ways back, it's very entry level based:

    Computer Security Lab Manual (Information Assurance & Security): 9780072255089: Computer Science Books @ Amazon.com

    I also found another lab book, I'm hoping to get some review copies versus buying them all to see...

    Hands-On Information Security Lab Manual: 9781285167572: Computer Science Books @ Amazon.com
Sign In or Register to comment.