How to Get Started

Getting into cybersecurity can be a bit daunting. It is a huge and rapidly evolving field that contains numerous specializations including penetration testing, incidence response, digital forensics, network engineering, malware analysis, and more.

If you are just getting started here is what we recommend:

  1. Learn Linux and/or Windows Server as well as Bash or Powershell respectively.

  2. Learn the basics of computer networking and the OSI Model.

  3. Interact with the club and ask questions. We want to help!

Our GitHub Organization

CofC Cyber Security Club on GitHub

We have a lot of resources and projects we are working on over on GitHub, check it out! If you are an active club member we will also add you to the organization upon request so you can contribute as well.

Linux

Linux is a family of open source operating systems. Many prominent Linux distributions (distros) exist and are designed for a variety of use cases including personal computers (ex Ubuntu, Fedora), mobile devices (ex Android), embedded devices (ex BusyBox), and servers (ex Red Hat, Ubuntu Server).

Getting Started

  1. Linux Command Line for Beginners by Ubuntu
  2. Linux Command Line Youtube Playlist

Infosec Oriented Distros

There are Linux distros specifically built with pentesting and infosec in mind. Here are some of our favorites.
If you are new to linux/cybersecurity we recommend you start with Kali.

  1. Kali
  1. Parrot
  2. Black Arch

Other Important Distros

  1. Debian
  2. Ubuntu and Ubuntu Server
  3. Red Hat Enterprise Linux
  4. CentOS
  5. Fedora

Virtualization

Hypervisors like VirtualBox and VMware allow you to create and run virtual machines (VMs) on your computer. This allows you to run multiple operating systems on one computer, each in its own virtualized environment.

We recommend you set up Kali Linux in either VirtualBox or VMware using the guides here.

  1. VirtualBox
  2. VMware Workstation Player

The Tools of The Trade

These are some of our favorite tools, check them out! The most important to know are nmap, netcat, and Wireshark. Most of these tools come prepackaged with Kali Linux.

  1. nmap: THE network mapper
  2. netcat: Swiss army knife network debugger and investigation tool
  3. Wireshark: Extremely powerful network packet analysis tool
  4. Metasploit: Prominent pentesting framework
  5. OWASP ZAP: Web app security scanner
  6. Radare Cutter: Decompiler and Disassembler
  7. Nikto: Web server scanner
  8. hashcat: password cracker (more GPU heavy)
  9. john the ripper: password cracker (more CPU heavy)
  10. Aircrack-ng: Wireless cracker and analysis suite

Hardware Hacking

Some cool hardware projects relevant to cybersecurity.

  1. Hak5: Hak5 makes a ton of pentesting and infosec gear including the infamous WiFi Pineapple as well as network implants, hardware keyloggers, and more
  2. Raspberry Pi: Cheap, powerful, and versatile single board computer good for any tech projects

The Cloud

Nowadays cloud knowledge is crucial to virtually anything computer science including software engineering and cybersecurity. Pick a platform and learn the basics! Most platforms offer a decent amount of free credit per month to get started.

  1. Amazon Web Services
  2. Google Cloud Platform
  3. Microsoft Azure

Youtube Channels and Playlists

  1. Hak5: Hak5 updates, HackByte, Hack Across America, ThreatWire, etc.
  2. IppSec: HackTheBox walkthroughs
  3. danscourses: Lots of networking tutorials
  4. TechWorld with Nana: Tons of DevOps tutorials
  5. Hackersploit: HackerSploit is the leading provider of free Infosec and cybersecurity training. Our goal is to make cybersecurity training more effective and accessible to students and professionals.
  6. NetworkChuck: If your goals are to obtain your CCNA, CompTIA A+, CompTIA Network+…I’m here to help you with that goal in any way I can!

Practice

  1. Metasploitable 2: Vulnerable VM to practice pentesting against
  2. Vulnhub: A collection of vulnerable VMs to practice against
  3. Hack The Box: Another collection of vulnerable VMs
  4. Over The Wire: Bandit (Bash): Learn security concepts in wargames challenges
  5. Under the Wire (Powershell): Like Over The Wire, but with a focus on Powershell
  6. Posh-Hunter: More advanced powershell for both blue and red team ops

Competitions

Here’s some of the competitions that are on our radar. Our defense team competes in both PCDC and SECCDC annually and any club member can compete with us in National Cyber League which takes place every Fall/Spring semester.

Defense Team

  1. Palmetto Cyber Defense Competition (PCDC)
  2. Southeast Collegiate Cyber Defense Competition (SECCDC)
  3. National Collegiate Cyber Defense Competition (NCCDC)

Anyone

  1. National Cyber League ($35.00 for the individual game and team game)
  2. PicoCTF (FREE)