When starting out in the field of cyber security, whether that is on your own or through higher education, you are confronted with a massive problem. There are so many skills and information out there! You probably have asked yourself, where do you start first? In this blog, I hope to ease your mind and point you in the right direction. We are going to talk about the first skills you should focus on before venturing out and specializing.
The attacker methodology is a fantastic framework for thinking about how attackers go about hacking stuff. You will use it whether you would like to or not during the OSCP process.
The methodology consists of many steps. The first of which is to figure out what you are attacking, aka enumerating ports and services. Many people approach this phase with half-heartedness, jumping on the first clue they find. Contrary to your giddy ego, you probably will not find your way into a system within the first five minutes. Maybe. But chances are slim.
In this blog post, we will discuss tools and techniques used to gather data on your targets to set up a avenue for additional recon. Another blog posts will cover other types of recon including web applications specifically.