How Can I Become a good Pentester !

**Pr1x** · 05-31-2011, 09:18 AM

Hello It's Been Two years I Learn About Hacking

so i Learn Some Good Stuff Sql Injection , LFI , RFI , Blind Sql Injeciton , Xss

and some server tricks

now i want a setup a virtualmachine

to test my Skills And finding New Vuln So I Use Debain On My Laptop and Never Use Windows And I want Setup some Server in VirtualMachine With VirtualBox

So I need Some Good Stuff How To Create a Good Lab ! to Start and Thanks

It's Ma first Time To Comming In This Forums But It's Looks Good

Thanks very Much

**neo** · 05-31-2011, 11:51 AM

First of all welcome to the forum !

Well from your description I am considering your aim is towards web app hacking more at this time so I will give info about test lab for checking your web app hacking knowledge.

To test your Web Vulnerabilities knowledge you can use some tools from foundstone like
Hackme Bank, Hackme Casino, which can setup the Vulnerable Web Application in your test machine. Here are some tools which you can get from foundstone

Hacme Bank v2.0
Hacme Bank™ is designed to teach application developers, programmers, architects and security professionals how to create secure software.

Hacme BooksFoundstone Hacme Books is a learning platform for secure software development.

Hacme Casino v1.0Foundstone Hacme Casino™ is a learning platform for secure software development.

Hacme ShippingHacme Shipping is a web-based shipping application developed to demonstrate common web application hacking techniques.

Hacme TravelHacme Travel is designed to create secure software.

These tools come with the documentations also. So if you stuck exploiting and of the vulnerabilities the documentations help you with what kinda vulnerability is there in the application and how it can be exploited by an attacker.

My suggestion would be try to find out vulnerabilities in these web app yourself first then go on read the answers in the documentations.

**Pr1x** · 05-31-2011, 03:09 PM

Thanks Neo Bro ... Also ~ I Have Some [ Q ] Need [ A ] I want Find vulnerabilities in Server Programms Like OpenSSH , Proftpd , OpsnSSL , And Some vulnerabilities Also There Many Iso DE-ICE desgined to find vulnerabilities and getting root but idon't know how it's work would you show me some books are some good advice to starting

and also what's is good programming language to start and coding tools

**MissJoJo** · 08-07-2012, 09:40 AM

if you want to learn website/webapp hacking, Webgoat is alright.
https://www.owasp.org/index.php/Cate...ebGoat_Project

**marc_kriss** · 08-11-2012, 10:13 PM

Pr1x ! I would suggest you to either join PWB or read some books on SANS. SANS 560 series e-books can be found on torrents (including speech). Just search for it you'll get a good material there.

Thread: How Can I Become a good Pentester !

LinkBack

Thread Tools

Search Thread

Display