Tuesday, January 27, 2009

Offensive Security: Backtrack 101

My day-job focus primarily on information strategy, with an occasional
excursion into the tactical level. Operational activities, such as actively pentesting is
relatively far removed from my day-to-day professional work. I have
always found it very important to have hands-on knowledge and skills,
and that is why I always keep my eye open for opportunities to keep my operational skills honed.

For a while, I have been eying the Pentesting with BackTrack (Offsec 101) training that is offered by Offensive Security, and finally decided to sign up for it.

While I have only just started and have not gone much past the introductory stuff, I am already impressed. I have already re-assessed my valuation of SNMP as an attack vector. Also, from an educational point of view, I appreciate the manual ARP spoof that is demonstrated in the course, immediately followed by the tools that can do it semi-automatically.

What I am also very impressed with is the way in which the whole class enrollment process is organized. Offensive Security has done a great job at streamlining it and makes it a pleasure to work with them before even starting the class.

Keep in mind though-- the class is not for the faint-of-heart, nor for people without a reasonable technical background. The material that is covered is well-presented and (to the best of my knowledge) factually correct. There is little or no hand-holding for stuff that they consider to be basic knowledge, and that is fine with me.

At the price that they charge, I would say that the class is excellent value for money.

Highly recommended! As I go further into the material, I will probably post some more on it.

No comments:

Post a Comment

Please share your view and opinions on what I wrote. In order to maintain quality, all comments will be moderated for merit. Contributions that call me out on statements that appear unfounded, wrong, or simply with which you disagree are highly appreciated and are even encouraged. Spam and 'me too' answers will be ignored.