Top 5 hacking books

Captions
- Hey everyone, it's David Bombal back with Neal Bridges. I've received a bunch of questions. I've been watching some of Neal's Twitch stream and he's been getting a lot of great questions on his Twitch stream, so I've taken some of those questions and we'll discuss some of those here and perhaps, if the video gets too long, in a separate video. But Neal, welcome.
- Thanks as always, David, and glad you decided to have me back again. (laughs) (upbeat music)
- So, Neal, let's start with a question that a lot of people have asked. I get this all the time. What books, or are there any recommended books that you would have for getting started in cybersecurity? So let's start with that. Do you have like a top three, top five books that you would recommend someone look at getting if they wanna get started in cybersecurity?
- Absolutely. And actually I went to my bookshelf and pulled some books together so I could do like a little show and tell. The only book that I don't have here that you may have to include a link for is a book called "The Pentester Blueprint," which is starting a career as an ethical hacker, by Phillip Wylie, and I'll send you the link on that that you can get on Amazon. I don't have a physical copy of that book. That would be like book number one. So we had Phillip on our stream a couple of weeks ago and he was talking about that book and talking about his desire and his passion and some of the mentorship things that he does to try to get people into a career in ethical hacking. He does a project called Pwn School with a university in Texas where he actually teaches ethical hacking to universities for free and brings that free ethical hacking training. So he took all of that knowledge on starting a career in ethical hacking and brought it into a book called "The Pentester Blueprint." So that's book number one that I would 100% recommend everybody get on board with as well.
It's hard 'cause I've got a bookshelf full of books and you read a whole lot of them and there's a lot of good knowledge that's out there. And so when I looked across kinda my series of books, one of the first ones that I would definitely recommend is this one right here, "Social Engineering" by Christopher Hadnagy. This guy is a literal genius when it comes to social engineering. And I think that this is an awesome book. When you look at just how prevalent social engineering is as an attack tactic, it is literally used in 90% of the attacks that are out there. When you talk about phishing, whether you're talking about vishing with a voice call, whether you're talking about trying to social engineer your way into a building when it comes to physical penetration testing, this book covers a lot of the psychological, mental and kinda the tactics that come with doing social engineering, and so 10 of 10 would definitely recommend the "Social Engineering" book by Chris Hadnagy. It's called the "Art of Human Hacking."
- Neal, we were discussing this offline. I mean, sorry to interrupt again. Can you like give us the 30-second, what is social engineering? And give us some examples we were talking previously about. Do you have any cool examples of something? So let's like, just bring that in right here. So this book, give us an example, if you can, of a way someone did something using social engineering to circumvent like really high security or something.
- So you say high security, and it's hard to define where that bar for high security is in some of these pen test engagements.
- Exactly.
- I was pen testing a hospital here in the U.S. a number of years ago, and hospitals are notoriously bad at security. There's no one reason why that's the case. It's just, hospitals are open.
There's not a lot of physical security, as you would imagine, because doctors have to move from floor to floor, from room to room, nurses have to move pretty frequently, you've got families that are coming and going out of the floors; it's hard to secure hospitals. Part of one of the pen tests that I did one time was social engineering and physical access to the hospital. And I think one of the more glaring ones that I had done was, I'd put on a polo, a nice polo, I was walking around the hospital with my backpack on and I had my MacBook in my hand. Now on my MacBook, I'm like any other pen tester, I've got stickers everywhere all over my MacBooks, so I mean, it's pretty clear that it's not your standard IT guy, or maybe it is, I guess it depends on what your perspective of what IT is. And I walked up to this receptionist in this hospital and I said, "Hey, we've got some reports of some network issues that are coming from this side of the building. Do you care if I sit down right here at this desk right next to you and see if I can troubleshoot some of this networking stuff?" And she said, "Yeah, absolutely." So I literally took my hacker laptop, sat it down next to her, opened it up and pulled up Metasploit and some terminals and things like this and just started to hack literally right next to her. And after about 10 or 15 minutes, I just started Cain and Abel and I was like intercepting traffic and whatnot on the LAN port. I got to thinking to myself, I was like, "Well, I wonder if I can take this a little bit further." And so I turned to her and I said, "Hey, there appears to be some really weird activity going on with your account that I can see because I'm sitting right here next to you." I said, "Can you give me your password so that I can check and make sure that your account looks in order in the system?" And she said, "Yeah, absolutely."
So she took out a post-it note, wrote her username and password on a post-it note and handed it to me right there on the spot, sitting right next to her. I mean, that's why I laugh at the high security part, because there's not really a high or a low security in some of these places when it comes to doing things like social engineering, and that's not an edge case. It's fun to laugh at, but I could tell you numerous places where I've tried that similar tactic and technique and it works. You just seem like a smart guy. You seem like you're in IT. You have all these really cool things that I have no idea what it is that you're doing, so obviously you look like you're in IT, and I couldn't ever imagine that a hacker would be sitting right next to me in my own place of business. So yeah, here's my password, have at it.
- So, I mean, let me push you a bit. Now social engineering versus technical skills, is there a whole domain where someone can become a specialist in social engineering? The reason I ask this is because I saw a video on YouTube where a lady is supposed to be a social engineering expert and she pretends she's got a crying baby and she's missing this phone call and she just seems so polite and seems so trustworthy that she gets past all the gatekeepers.
- Yeah. I mean, I think so. Short answer is yes. And actually social engineering is one of those areas where it's not for everybody. As a matter of fact, I've had pen testers work for me. I had a brilliant pen tester work for me one year when I was working for a big four consulting company and he could do wireless and network based exploitation with the best of them. But we tried to get him to do a social engineering engagement, and he actually got physically anxious about the prospect of lying to another human being. And I'll tell this story because this is also, when you talk about social engineering stories, this is a fun story to tell-
- Stories are always fun.
So real world stories are always the best, so go for it.
- I got stories for days. I got stories for days. So this particular engagement that we were doing was against a university in the Northeast part of the United States of America, and this was before we were ever going on site. We were doing most of the social engineering remotely and so we had scraped their website and had come to find, and universities again, like hospitals, are terribly bad at security on a whole lot of fronts. And so universities naturally just wanna be open for all their students and all their faculty and things like that. And so they had posted on an IT page on the web some noticeable downtime that they were gonna be having because of some IT work that they were going to be doing. And so we stood up, there's a .it domain. It's supposed to be for Italy, but you can pay like $75 for a domain and you can get a .it domain. And so we paid for this university's domain in .it, and so it read like, and I can't say the university, but it read like that university.it. And so it looked like it was an IT domain, and we scraped the webpage, we made it look just like the university and we took their online directory and we just started calling administrative assistants, we started calling executive assistants, we started calling people who would typically be at their desk and handling affairs for large divisions, and our script was very much like, "Hey, you may have seen on the website that we've got this planned upgrade of this system? We need you to, while we're on the phone with you, go to this university domain.it, let's download this update together and let's make sure that we get your PC updated." And they did it. And they did it on the phone with us. And we tried to get... We wanted this individual to have his chance to practice his social engineering skills and he got physically anxious. And so, kinda roundabout way to your original question was, yeah.
I mean, it takes a certain mentality, and this is gonna sound terrible from like an ethos perspective, but it takes a certain mentality to sit on the phone with somebody or to look them in the eye and knowingly lie to them and trick them into doing something that you know could be detrimental to them. (laughs)
- Yeah. I can understand that some people wouldn't wanna do that.
- Yeah.
- So the idea of social engineering is that you're talking to humans rather than machines. You're getting humans to do something that they shouldn't really do.
- That's true.
- Like you're tricking them basically to do something, yeah?
- Yeah. I mean, you're eliciting a human response in the digital world, whether that comes in the form of clicking on an email, giving up a user ID and a password, letting you into a building, right? Letting you have access to a comms closet, whatever the case is, it's eliciting that type of digital response.
- So what do you like about that book? What does it teach you to do? So I'd like these kinds of how to interact with humans, how to read body language, what does it kinda teach you?
- It's very much the psychology of it, right? It's how to make eye contact. It's how to engage in that conversation. It's mirroring techniques. It's how to read humans in a way that allows you to determine, do you still have control of the situation or has doubt entered into their mind, and how do you control that doubt? And it's about carrying forth. Like you mentioned, the lady that you watched who had the baby crying in the background, it's understanding some of those social norms where, what is the impact a baby screaming in the background has on a person's psyche when they're on the other end of the phone with you? What's the difference between, "Well, fine. Let me talk to your manager." Or even if you're conducting a penetration test, you're like, "Fine. I'll let you talk to my manager."
And in this case, when we were doing the university, we actually did have somebody who wanted to talk to this person's manager, and they literally handed the phone and I pretended to be the director of IT for this university. And so it's going through that prospect of understanding, what are the human emotional reactions whenever they're challenged or asked for something, and then how do you counter those challenges? And it walks you through that path of basically defeating the human psyche when it comes to social engineering.
- Okay. So that's great. So Neal, I should have asked you about your first book. So the first book is like more technical, isn't it?
- It is. It is. It's more tactical.
- And what's your third book?
- So the third book that I have here, and since we talk a lot about OSCP and things like this, is this one right here, right? "Basic Security Testing with Kali Linux," right? And so this was done by Daniel Dieterle, and this one really just kind of walks you through... This is almost a primer for how to use Kali Linux for doing day-to-day penetration testing. So it walks through Metasploit, it walks through open source intelligence gathering, it's got recon-ng in here. And so this is almost like they took everything that was available inside of Kali Linux and they put it inside of a, "Here's how to pick up Kali Linux and basically start doing penetration testing." And so when we talk about like, and you challenged me on this during the last video, which I very much appreciate, right? Which is cert-based, you getting certs for credentials and getting past the gatekeepers versus actually getting knowledge. And so I look at books like this, and the reason that I highly recommend books like this is because you can pick this book up and you'd be like, "I wanna learn how to use recon-ng inside of Kali Linux." And you can go to the recon-ng section and you could figure out how to use recon-ng and you could start using recon-ng today.
That's gaining knowledge in this space that's gonna help you actually know the tools and be more useful with the tools, which is why I'm a huge fan of books.
- Yeah, so I bet that's teaching you a whole bunch of tools in Kali?
- Yeah. This one's really focused on the toolkit that you have available in Kali, and so when you think about, when you're getting into this career space, you're familiar with Kali because of OSCP, because of just the place that Kali has with most people in their testing toolkit. And so you have to have a manual, just like you have for your car or just like you have for almost anything else, that tells you all the features and capabilities and tools that are inside of Kali. Obviously use with caution, as we've seen Kali change pretty extensively over the years, but some of the fundamental tools that are listed in here, like recon-ng and whatnot, and how to use them are still very much relevant in this book.
- That's great. So what's your fourth book?
- So the fourth book, along that exact same line, is one that kinda dives a little deeper and is the "Metasploit Penetration Testing Cookbook," right? So we've talked about Kali from a broad sense, but one of the biggest toolkits that you're gonna use inside of Kali, especially if you look at like kinda your Swiss Army Knife, if you will, of penetration testing tools inside of Kali, is gonna come to be Metasploit. And one of the things I like to talk about is, Metasploit is one of those tools that you don't have to run in Kali; you can fire up an Ubuntu VM, you can download Metasploit from the git repo and you can stand it up from scratch.
And this type of book is still very useful as well, and so it goes through the ins and outs of how Metasploit is built as a framework, the different components that are part of it, the auxiliary modules, it talks about how to set it up as a proxy, how to set it up to do SSH tunneling, all of the scripts that you can do, how to do payloads that avoid antivirus and how to deal with things from a post exploitation perspective. And so when we talk about, what happens when you get onto a box, or where do you find these big, huge repositories of exploits that you can use during a penetration test, this is probably gonna be your first stop inside of Metasploit, and so that's why I like this one, because you start broad with the Kali book but then you can funnel your way down to something like this and focus in on Metasploit. And right there, between those two books, you've probably covered 70% of the knowledge that you need in the penetration testing industry to get started.
- That's great. I mean, the problem with training courses sometimes is the costs. We spoke previously about certs, and you used to train for certs. I mean, it's really expensive, but for a lot of people, they can get a book. I really like O'Reilly because O'Reilly has the subscription; Packt do the same, they have the subscription service where you can get access to a whole bunch of books. So just knowledge is much more freely available today than it used to be. But before I go off on a high horse again, 'cause you and I are very good at that, what's your last book?
- So the last book that I have is actually called "The Hacker Playbook." It's a practical guide to penetration testing. So again, I'm a huge fan of having tools in a toolbox and for you to understand the tools that you have available to you. But I like also teaching mentalities and teaching concepts and teaching, how should you think as an ethical hacker?
And so this book right here walks you through how to think about chaining exploits together, how to think about chaining attacks. When we talk about chaining exploits or chaining attacks, you asked me about social engineering, that's all well and good, but what do I do once I've social engineered my way into that building, or what do I do with that username and password? And that may seem like a simple example, but that type of like, "Okay, I have a step one that I have to do, now I have step two. Now I have step three. Now step four. Now step five." Where you combine social engineering with maybe, you've packaged up some piece of malware that gets you an initial foothold, and then you may have to do some post exploitation activity on that and some lateral movement, that all represents a chain. We've oftentimes referred to it as the kill chain, right? Or a chain of attacks. And so this book very much helps you get into that hacker mindset that says, "How do you take an initial access foothold and perpetuate your access across the entire environment?" and gets you into thinking about that from an attacker perspective. So when you look at all five of these books, it encompasses Phillip Wylie's, getting in, here's what you need to get your foothold in the door as a career in ethical hacking, now let's talk about the tools inside of Kali Linux, Social Engineering, Metasploit, and now let's talk about training your mentality of thinking like a hacker. And so that gives you, in my opinion, a very solid foundation into where your head should really be at coming into this space.
- I mean, that's great. And then we've mentioned this multiple times: how do we practice? So like, let's say, read those books, but reading about whatever tool is kind of pointless. How do I practice?
- And this is where I go back to some of the things that we talked about during one of our first interactions together, right?
These hands-on ranges like TryHackMe, Hack The Box, RangeForce is something we've stumbled upon recently on our channel, I did a walkthrough of the RangeForce demos or the RangeForce exercise range a couple of days ago on my stream-
- I saw that.
- Yeah. We've seen a lot of players come into this, "Hey, let's put our hands on the keyboard and let's teach you how to be more tactical." Because I think HR is really coming to realize that certs are certs. We want people who have hands-on experience. We want people who can show that they're experienced in this realm. And that's why I push people into these lab environments, these online labs, 'cause this is something, and I don't know if we said this on your show before or we've said it on mine, this is something unprecedented. Like when I was coming up in this space, I had to do my own servers. I had to have my own Cisco switches. I had to have my own virtual machines to practice all this stuff myself, which you can still do. I'm not saying don't do that, but now it's incredibly easy where you don't have to do that. If you have a laptop that you can put Kali on, you can go do TryHackMe. I don't even think you need Kali for some of these labs in TryHackMe, Hack The Box and things like that. You can just kinda go and start working on them. And that's completely unprecedented compared to when I was learning how to do hands-on in this space.
- It's always been a problem. I mean, in networking we had the same problem in the past where you had to buy, I mean, we're showing our age again. You had to buy all the physical equipment that cost like 1000s and 1000s and 1000s of dollars and then-
- I can remember the eBay stuff. Like you'd look for racks of stuff, like CCNA one right here.
- Yeah. I mean, it was mad, and then everything got virtualized and now we have more and more of these online labs that people can complete, or you can build these virtual labs using Packet Tracer or whatever.
So, I mean, it's really nice to see how the world has changed. And I mean, I'm a firm believer the more people that we can educate and the more people that we can help, the better the world's gonna be. So the chance for people all over the world to be able to empower themselves through these platforms is fantastic.
- And this is why again, when we talk about cert knowledge versus real knowledge, right? Go get a book, go get one of these five books. Go get all five of these books. Go do TryHackMe, go to Hack The Box, because you're gonna get more, and you're actually gonna be a better pen tester following this path than following the path of like, "Well, should I go get CEH?" right? Because you're not gonna be taught how to think about your attacks in a kill chain. You're not gonna get a deep dive on Metasploit and how to do antivirus evasion. You're not gonna understand literally almost every tool that's listed inside of Kali Linux. You're not gonna understand how to do social engineering attacks from CEH, right? That's not something you're gonna get- (laughs)
- I know you love CEH. (murmurs) I've got a whole dedicated video on that which I'll link here... (laughs) but I'll put Neal in the hot seat about CEH.
- Neal's very passionate about CEH. (laughs)
- I gotta wind you up. So, Neal, I mean, let's talk practical now. Okay. So those books are a great way to get started, but surprise is, we've actually got some additional books that you put together for practical stuff. So what are your top five practical ethical hacking books?
- No, that's fantastic, and I'm glad you asked me for both, right? Because you're obviously getting started. But some things that I think every pen tester should have on their shelf, or every pen tester should read at some point in time in their life. This book, when it came out, has probably been the single biggest "I'm so glad to have this in my toolkit" book that I've ever had. It's RTFM, it's Red Team Field Manual.
And it's very thin. You can kind of see it's a very tiny book. I think it's only like four or $5 on Amazon. I can't remember. I'm sure you'll find it when you post the video. But when you look at this book, this book, I don't think this will show up well on camera-
- [David] I'll take a screenshot, so that's fine.
- Yeah. It's got PsExec, and here are the top three commands that you're gonna use for PsExec. You can skip forward a little bit and you can find Windows Registry. Here are the top Windows Registry keys that you need to be interested in, in terms of where to put your malware, how to use your malware, right? IPv4, IPv6, right? Nmap, it's tool syntax for Nmap and it breaks down all the commands and everything that you can use for Nmap. And so even to this day, if I were to go on an engagement, this book is in my toolkit just like my Hak5 toolkit, just like all the hardware stuff. It's right next to my laptop, and yes, if I forget a command, I'll check here first before I go to Google and figure out how to work it, because they've done just such a great, great job of putting stuff into this book. And so number one is RTFM. Like, this is a huge book. Like you should have this in your arsenal. And also, not necessarily related to practical ethical hacking, but along that same line, just because I like to give a plug for my Blue Team folks, there is a Blue Team handbook that is also very similar to RTFM, an "Incident Response Edition," which also walks you through very similar type stuff on the incident response side. So you know me, I'm always trying to plug the Blue Team at the same time that I'm doing the Red Team stuff. So that's why-
- Neal, what I really appreciate about you since I've met you, the reason why I think it's good that you mentioned this stuff, is just because there's so many more jobs for Blue Team. So yeah. Feel free.
- Yeah. Yeah. I mean, it is. We've talked about that before. So yeah.
So the Blue Team equivalent, it's called the "Blue Team Handbook: Incident Response Edition," still lots of good stuff in there. Again, it may be Blue Team, but again, I tell my Red Teamers this all the time, right? Which is, understand how an incident responder thinks; that way you know how to evade them when you're doing a penetration test.
- Yeah. That's a very good point.
- I get asked a ton, and I'm sure you do too, when it comes to like which language you should learn-
- I think we polled it on-
- I think we've answered that question all the time. Absolutely. And so I think I've mentioned Python. And so this is one of my favorite books right here, "Gray Hat Python," and this walks through, not necessarily, it assumes a very baseline knowledge that you have of Python in there. So again, getting back to the fact that this is a practical set of books, you're kind of maybe a little bit more established, but this walks through kinda how do you use Python, excuse me, for certain APIs to do certain types of web scraping, to interact with certain tools and technologies that are out there, how do you basically use Python to help make you a better penetration tester? And so that's very much why I like the "Gray Hat Python" book very much, because it walks through, there's a lot of different use cases in terms of how to use Python, where you can make it better. It does everything from helping you write malware, find memory corruption vulnerabilities, figure out how to interact with assembly language, all the way to programming DLL injection type of malware and remote thread creation. So a very good book that covers a wide range of topics when it comes to using Python in the penetration testing space.
- And I mean, just to summarize, we've discussed this multiple times. Python would be your first or preferred first language to learn, yeah?
- Yeah, yeah. I think I've narrowed it. My top three is Bash, PowerShell and Python.
And so I feel like you learn Bash and PowerShell as you come up in this space naturally. And so as you learn Python, a book like this helps you kinda take your Python, really, in my opinion, to the next level.
- Is that all the books?
- No, no. I've got two more.
- I was gonna say (murmurs) I'm waiting for the next book.
- Oh my God. I got you. I got you on the edge of your seat waiting for books. That's good. So this one, you can see this one has gotten quite a lot of use in my library here. This is the "Malware Analyst's Cookbook and DVD." One of the things that I think is important, and you'll hear me harp on this all the time when I talk about penetration testers, ethical hackers, Red Teamers, is the hacker mindset. But one of the things that I think people lose sight of when they think about hacker mindset is, how does malware work, right? What is the thought process behind some of these criminal organizations when they go to develop malware? And so I think a well-rounded penetration tester has some malware analysis expertise in them, because that shows that they do understand either A, how malware works, or B, at least have the ability to notionally pick apart some malware to understand how it works, because again, let's go back to the root of penetration testing. The root of penetration testing is to simulate an adversary, simulate a hacker attacking an organization, right? In an ethical fashion. How can you do that if you don't understand how malware works, if you don't understand the ins and outs of it? And so I'm a huge fan of rounding yourself out by throwing a little bit of malware analysis in here. So I think this is a fantastic book to kinda help you in that regard.
- So Neal, I have to ask the question, are these books current to today or is it quite old?
- So that's a great question. This book has been on my shelf for a while. This is a Wiley book. I don't even know what the copyright on this book is.
- But it's still relevant, yeah?
- Yeah.
And that's kinda the key, right? If you're looking for something on Zerologon, obviously that's not gonna be here, right? But these books aren't here to teach you about like Zerologon, or even about like start focusing on SUNBURST or SUPERNOVA or any of the stuff that's gone on with SolarWinds. These books help you build muscles, build core muscles that help you stand up regardless of the new tactics or techniques, regardless of new tools that come out, regardless of any of this stuff. This stuff's not here to teach you how you're gonna do the latest AMSI bypass or ASLR defeat mechanisms or things like this. This is here to teach you, "Here's how you use Python to make yourself a better penetration tester, and here's stuff that you can use in there." Now the flip side of that, right? Is that we still see a lot of networks on the ethical hacking side that use things like Windows NT, Windows 95, Windows XP, we still see a lot of systems that don't have antivirus on them at all, don't have ASLR enabled. We tied this conversation as well to the efficacy of using PowerShell in penetration tests, and even PowerShell V3, not everybody has PowerShell logging turned on. Not everybody has got execution mode disabled on workstations inside of a corporate environment. And so you have to be careful when we talk about this concept of currency: what are you hoping to achieve with currency? Do you wanna know the iOS update that just got dropped today, that I'm gonna talk about on my stream tonight, is because of three zero-days? Do you wanna know the ins and outs of those three zero-days? No, you're not gonna read a book, right? But do you wanna understand how people find iOS zero-days or how to do bug bounties inside of iOS and things like this? That's where you're gonna pick up a book and read how to do that type of work. And so I'm always cautious when people say, "Well, how current are these books?
What are you trying to achieve with currency? Are you trying to build core muscles and core foundation, or are you trying to exploit the latest and greatest thing that came out today?"
- That's a very valid point. I mean, you get it in all spheres, you need to be able to crawl and walk before you run. So learn the basics?
- Yeah. Yeah. Basics are something that is very commonly overlooked in our industry, that I will always harp on. I'm that gym instructor who's like, "Did you do your pushups and sit-ups today?" Like, that's it. I mean, you don't need to worry about bench pressing 300 pounds if you didn't do your pushups and sit-ups today. Like that's just not the case. (laughs)
- So, I mean, I don't wanna deviate now, because by the time this video is published, your stream would have gone. But you're talking about you're interviewing someone where you're gonna talk about these zero-days. Is that right, in Apple iOS?
- Yeah. So tonight we are interviewing the former CSO of Splunk. He's also the former Deputy CSO of Symantec, Joel Fulton. He's got a fantastic story. If you get an opportunity to check out the stream, that'd be fantastic.
- I'll put a link below.
- Yeah. He's got an amazing story about how he got into security and some of the things he does. It's truly one of the awesome rags to riches stories that we have in our industry. We're gonna be talking about literally the iOS zero-days that just got dropped today. We're gonna be talking about a lot of the other stuff that's happened from a cybersecurity news relevancy perspective and kinda get his take on it, his big picture take from a cybersecurity perspective, and then of course we're gonna push him hard on his career advice, having been a CSO. I very much take these opportunities with folks like him to give his CSO perspective on what he looks for when he hires cybersecurity people. Because again, we've talked about this on stream, right?
You've got HR gatekeepers who are looking for CEH and Cert Plus and things like this. But I think what some people who come into this career field don't have, is the CSO sits at the very top. And the CSO is the guy who's like, "I don't care about that stuff. HR, stop putting these stupid ridiculous gatekeeping stuff on getting people into cybersecurity." And I think it's important for audiences to hear, this is truly gatekeeping. Let's talk about what the real need of the real industry is and that's the message that I think people need to hear about how it is to get into this career field, not just what they're focusing on, the HR gatekeeping in the job Lex. - Do you see the winds of change, where companies are realizing the certs are not as relevant and perhaps are now asking for other things, or is this something that you're hoping to see happen? - I think the industry is still notionally split down the middle on it, and if you look at the big four, so we talk about the big four accounting firms being like EY (Ernst & Young), PwC, Deloitte and KPMG, a number of years ago, I think it was probably like four or so years ago, these are huge accounting firms. They're $50 billion organizations globally. They dropped, for the most part all of them, I think KPMG may be the last one to drop it but I know EY, PwC and Deloitte have dropped their requirement for a four-year degree to bring people into their organization. And I think that right there is a fundamental shift in a lot of companies to say, "Well, you don't need to have a four-year degree to come work for us anymore." And I think that HR teams, and it's been proven and we've had two recruiters who have come on stream and talked about this as well. 
Some of these very, very attuned corporate recruiters and even some of the recruiters who are specific to the cybersecurity industry, do understand the value of hands-on practical experience more so than the paper chase that comes with the certs and so my advice to people is, don't let one recruiter tell you that you have to have 15 certs. Don't let one recruiter tell you that because you don't have OSCP, you can't apply for this job. Chances are that recruiter isn't the only one that's recruiting for that pen testing job. One piece of advice that I did give on stream that I'll share with you and your audience on your channel too is, you wanna be a hacker, you wanna be an ethical hacker, part of being an ethical hacker is thinking outside the box, right? How do you take a system and how do you make a system do what it is that you want it to do, through means other than what it was intended to do, right? You should be thinking about your career the same way. Right? And so I said this recently, I think I kinda got onto a small little Neal Soapbox on my stream here recently where I talked about hacking LinkedIn and I think you and I are gonna do a segment- - Let's not get into that 'cause I wanna put that in a separate video. But I'm gonna- - We'll tease that one up. - That's gonna come in another video 'cause I think this one's already too long. So Neal, you better give me the last- - The last one. (laughs) - I'm gonna put you on your Soapbox so we can put that in the next video. - The last box or the last book, right? And again, I go back to teaching concepts and teaching mentality, right? It's cyberwarfare, right? And this is actually one of the first books that I got about the subject when it first came out back in the day. You mentioned O'Reilly and that's an O'Reilly book down there, this "Cyber Warfare" book. And I just looked at this, it's got a daily progress report from my days in the military. Like I didn't even realize that. 
Look at this, I've got stuff from the military still embedded into this book. I didn't even realize it. (laughs) Anyway, so this is a fantastic book by O'Reilly and again we talk about, and I'm okay being the old guy in the room and being like, "This is a history book, right? This is the first book that was really, really written to talk about some of the cyber conflicts that were happening across the world." And I mentioned this frequently, my time at the government I learned more about geopolitics dealing with, "Can you hack this nation from this nation?" If you're gonna attack Syria, you can't do it from any of these other Middle Eastern countries because of all these interweaved geopolitical constructs. This book really dives deep into helping you understand why a hack on Estonia isn't just about, "Oh, hey, look, they defaced a couple of websites. So they brought down the internet of Estonia." It's about a larger geopolitical conversation. And so when we talk about understanding the mindset of a hacker, right? I think it's easy to understand the mindset of a ransomware hacker, their mindset is go make money. But it's not easy to understand what the broader picture of cyberwarfare looks like across the entire world and so that's why I recommend this book immensely. - Okay. Now I'd like to put you on the spot. So you didn't know this was coming because I just thought of it. - Oh, oh. - Neal, I haven't got a lot of money. Give me the top three books if I wanna get in, like out of all those you've shown me 10 books or shown us 10 books, put you on the spot. Could you like recommend three books maybe just to get started 'cause I can only afford three books. - Absolutely. If you could only afford three books, "Pentester Blueprint" by Phillip. So that's book number one. I'm gonna go "Social Engineering" with Chris Hadnagy, number two. Okay. And then I'll do this. And again, this is thinking outside the box, right? 
If you don't have a lot of money and you wanna be an ethical hacker, right? And you wanna get a job in ethical hacking, you're probably looking at OSCP as a far out thing but right now you need to solve problems of filling knowledge gaps. So "Pentester Blueprint" by Phillip, "Social Engineering: The Art of Human Hacking" by Chris Hadnagy and then understand Kali Linux. Because eventually, eventually when you take your OSCP, all of this will be relevant but at least now you can start to use the number one pen testing toolkit that's out there on the market today and you can start doing things like TryHackMe, Hack The Box and everything else and at least you can familiarize yourself with the tools that you have at your disposal and start to get your hands dirty with those tools. So there you go. Those are the three books that I'd flip right back over to you and say, "That's what you do." - That's great. I mean, Neal, this video has got really long, so I'm gonna cut it here and then we'll talk about LinkedIn, how do you like hack your career using LinkedIn, and I wanna ask you some other stuff in a separate video, so thanks again for your time. - Absolutely, glad to be here. (upbeat music)
Info
Channel: David Bombal
Views: 355,015
Keywords: hacking, cybersecurity, ethical hacker, ethical hacking, ethical hacking course, hacking books, hacking books for beginners, kali linux, kali, hacking for beginners, black hat hacking, hacker, learn ethical hacking, computer hacking, hacking tutorial, learn hacking, how to hack, ethical hacking career, ceh, oscp, comptia, hackers, nsa, hacking course, ethical hacking tutorial, oscp certification, elearnsecurity, ine, ctf, hack the box starting point, ethical hacking for beginners
Id: VrayWzHKVw4
Length: 39min 6sec (2346 seconds)
Published: Tue Feb 09 2021