Education on System Overlord

Security 101: Learning From Home

david@systemoverlord.com (David Tomaschik) — Wed, 08 Apr 2020 00:00:00 +0000

Outside, there’s a pandemic. We’re being asked to stay indoors, shelter in place, and avoid social contact. Conferences are cancelled, live trainings are out of the question. Some businesses are closing (hopefully temporarily) and there are unfortunate layoffs and furloughs across the board. It’s a tough time.

Rather than dwell on the negative, focusing on something else can help you get through this mentally. Learning something or growing your skills can both help take away from the anxiety of the situation and also help you come out of this a better person. Whether you’re just getting started in security or looking to advance your career, or just looking to become more security-aware as an individual, there are some great options for learning from home. My lists below are by no means comprehensive – there’s more content than I can shake a stick at. However, these are intended to be good for beginners and have a diverse set of content. If you know of something I should have included, please reach out.

Preparing for Penetration Testing with Kali Linux

david@systemoverlord.com (David Tomaschik) — Wed, 14 Feb 2018 00:00:00 +0000

If you spend any time at all on Reddit or forums for information security students, you’ll find dozens of questions about preparing for the Penetration Testing with Kali Linux (PWK, aka OSCP) class from Offensive Security. Likewise, I’ve been asked by a number of people I know personally about moving into the security realm. I figured I’d put together some notes on how to prepare and the knowledge that I believe is necessary to succeed with the PWK class. Additionally, all of the skills listed here are skills I would expect even the most junior of penetration testers to possess.

Building a Home Lab for Offensive Security & Security Research

david@systemoverlord.com (David Tomaschik) — Tue, 24 Oct 2017 00:00:00 +0000

When I wrote my “getting started” post on offensive security, I promised I’d write about building a lab you can use to practice your skillset. It’s taken a little while for me to get to it, but I’m finally trying to deliver.

Much like the post on getting started, I’m not claiming to have all the answers. I’ll again be focusing on an environment that helps you build a focus in the areas I most work in – penetration testing, black box application security, and red teaming. (And if you’re wondering about the difference between a penetration test and red team, there will be a post for that too – I promise they’re very different.)

Getting Started in Offensive Security

david@systemoverlord.com (David Tomaschik) — Mon, 18 Sep 2017 00:00:00 +0000

Please note that this post, like all of those on my blog, represents only my views, and not those of my employer. Nothing in here implies official hiring policy or requirements.

I’m not going to pretend that this article is unique or has magic bullets to get you into the offensive security space. I also won’t pretend to speak for others in that space or in other areas of information security. It’s a big field, and it turns out that a lot of us have opinions about it. Mubix maintains a list of posts like this so you can see everyone’s opinions. I highly recommend the post “So You Want to Work in Security” by Parisa Tabriz for a view that’s not specific to offensive security. (Though there’s a lot of cross-over.)