
01010100 01101000 01100101 01000111 01100001 01101101 01100101

Reading List

While some of the penetration testing courses out there are great, and some of them radically changed (for the better) my knowledge and my way of approaching challenges, I'm still a big fan of self-study because of how you can delve deeper into your favorite topics. Plus, reading and learning the experts' tips and tricks is a great way to look at things from a different point of view. I am compiling this list of must-read books, and I hope you find it valuable:

  1. Georgia Weidman: Penetration Testing - A hands on introduction to hacking.
    Along with BlackHat EU 2019, this is the book that got me started. Georgia has an excellent way of teaching, with visual examples to follow along while reading. The book itself is a bit old and some things might not work, but there are many resources online to fix or change what might be broken, e.g. like this. Either way, if you want to get started by reading a book and really get your hands dirty, then look no further!

  2. Peter Kim: The Hacker Playbook 2. This book is another must-read. While it was written in 2015, and even though there is a new version (v3, aka Red Team Edition), it is still an awesome reference. Peter Kim's explanations are clear and straight to the point, and they cover A LOT of different tools and techniques derived from his personal experience conducting assessments. He gives advice on building a vulnerable home Active Directory lab on which to practice the techniques described and, since technology evolves quickly, provides updates on those tools and techniques on his blog, so that even if the information in the book is outdated, the reader can still adapt it and have a working version. Some of the techniques described were completely new to me and had a real wow factor when I first read them, such as the printer exploitation and building a custom reverse shell with its C2 infrastructure! While, as I said, Peter's explanations are clear, I still recommend gaining some experience before actually reading this book. If you're wondering whether to skip this one and go straight to v3, I think that both books go well together and, as such, complement each other. To sum up: a very interesting read, both for the new and the seasoned pentester!

whoami

Hello everyone and welcome to my blog! My name is Matteo and I am currently working as an Ethical Hacker. I pursued a double master's degree in Telecommunication Engineering and I like everything technology-related, in particular cybersecurity and networks. After attending BlackHat EU 2019 meetings I decided what I really wanted to do after university and, taking advantage of the unfortunate Covid-19 lockdowns, I started my journey to become a penetration tester! In this blog you will find my adventures in the pentesting field, possibly some tips and tricks, certification and course reviews, TryHackMe and HackTheBox writeups, and much more. Enjoy your stay!

Contact

Feel free to contact me at any time with doubts, suggestions or whatever comes to your mind, even just to chat! I will answer as soon as possible.