[ Penny ] - 0x00 > Overview



##– What is the “Penny”-Guide? –

With this guide I want to help the newbies who wants to enter the world of IT-Security and give them a picture which is (in my opinion) essential to understand that it’s much harder than you think.

There is a lot of theory and much more practice behind it.

##– My story –

My empathy starts as I was 2 years old. I watched my dad how he turns on the computer and use it. How he worked with the mouse and the keyboard and so on. Someday as my parents slept yet, I turned on the PC, started playing my first game “Warcraft” and rushed my first round.

A few years later I feel the urge to find out a way to manipulate the values of the resources I already have.
I couldn’t take this feeling off.

In the middle of 2015 I decide to enter the world of the IT-Security. At this moment I already was 24 years old. So I asked myself “Isn’t it too late for me to enter this area?”. I am a guy who acts extreme in everything I do. The question was answered by itself. I decided to go the hard way. After a lot of research I found a course called “Penetration Testing with Kali Linux” by Offensive Security. With 0 experience I purchased this course because at this moment I had no idea how I can enter this area otherwise. I didn’t expect what I had done :frowning:. Did I know it before, I think I would never started it.

And with this I am on my first section.

##– Personal Attitude –

I will structure this guide very detailed and will add some challenges to it which you can use to try out the things you will learn. But the most important thing is - I don’t want you become a skriptkiddie!!!
But before you should read the next parts of this guide you make sure you have the right attitude for it.

  • Motivation
    |_ You have to want to learn it - just your volition will decide how good you’ll become.

  • Patience
    | Be very patience. Now I think I will break the neck of your motivation but you will need YEARS to become a good Pentester. The most important skills of a Pentester you need to have a solid understanding of almost all categories behind IT(-Security).

  • Affinity
    | You don’t need to be genius. But solid understanding how to work with your OS and why you can interact with others over Internet is required. If not so -> Google.

  • Ambition
    | One of the most important things you need! in the future you will have to solve problems where you will lost days or maybe weeks. So won’t be able to give up. Like Offensive Security says - Try Harder!

  • Independence
    | At this area you’re at your own. Nobody will answer your question if it’s too general. If you study math at your university and I will ask you if you can explain me how multiplication table works - you will kick my ass off. You will ask me “What the hell are you doing here without this ‘basics’ ?”. Do it for yourself - not for others.

  • Constructive thinking
    | In my opinion - You should plan everything. Each day, each week, each month and each year. Just try it out. To succeed you will need a construct how you are working, how and when you will study and when you want to archive your goal.

  • Determination
    | Notice your goals. Do it as detailed as possible. “I want to become a good pentester” - is far from “detailed”. Now you have to demonstrate your ability of independence and discipline.

##– The Structure of “Penny”-Guide –

Pentesting requires a lot of knowledge.
I will show you the sections I will create for this guide in the future.
(I’m still working on the order yet and in the meantime I will change, add and edit the guide.)

  • OS

    • (VirtualBox)
    • Windows 7/8
    • Debian
  • Networking

  • TCP/IP
    • TCP
    • UDP
    • Structure
    • Content
  • Subnetting
  • VLSM
  • HUB/Switch
  • ARP
    • MITM
  • Router
  • NAT
  • Proxy
  • VPN
    • OpenVPN
  • Networktraffic
    • Capturing the traffic
    • Analysis
    • Filtering
  • Services
    • DHCP
    • DNS
    • WEB
  • Databses

    • Theory about Databases and SQL
    • MySQL
    • PostgresSQL
    • MSSQL
  • Programming

    • Theory about Programming-Languages and OOP

    • In-Depth:

      • BASH
      • Python (main)
        • Basics
        • Networking
        • Nmap
        • Structure
    • Basics:

      • PowerShell
      • C/C++
      • C#
      • Perl
      • Ruby
      • PHP
      • ASM
      • JavaScript
  • Firewalls

    • Theory behind Firewalls
    • IPTables
    • PfSense
    • Windows Firewall
  • Buffer Overflows

    • Theory about Buffer Overflows
    • Stack based BOs
    • Heap based BOs
  • Pentesting Practice

  • Methodology

    • OSSTMM
    • PTES
    • OWASP
  • Practice

    • VulnHub
    • PWK
    • Hacking-Lab

I think this will be enough to give you the basics after you can go further by your own.
Cya later. :wink:

Because of less time and the difficulty to structure this half-decent I will create the promised topics, but a little bit later. Sorry for that. :wink:


I looked for something exactly like this about 8 years ago. My attempt ended up in failure as I couldn’t find the resources and stopped learning about pen testing. I came back recently and now going at it. Wish tutorials like this were available back in the day. Or maybe I just failed to locate them.
Anyway, big thanks to people like you for making these noob friendly startup tutorials. Cheers!