Home Discovery
Rachel Tobac Steals CNN Reporter’s Data (~5m) - https://www.youtube.com/watch?v=LYilP-1TwMg
Rachel does social engineering and penetration testing for a living, and this briefly explains how she got his data with very little effort before the yearly Las Vegas infosec conference Defcon.
Scamming Scammers with Kitboga - https://www.youtube.com/channel/UCm22FAXZMw1BaWeFszZxUKw
Kitboga runs a channel dedicated to baiting scammers and wasting their money. They usually operate on a script, so he performs some hilarious misdirection to annoy them while also pointing out the various tactics they use along the way.
Metasploit Unleashed - https://www.offensive-security.com/metasploit-unleashed/
This is an excellent walkthrough to what Metasploit is capable of. Follow along and test things out with your own VM of Metasploit and Metasploitable!
Research Project
(BOOK) - Ghost in the Wires by Kevin Mitnick
An excellent book by a famous hacker from the 90s who ended up working with the FBI to reduce his sentence. Reads like a story and documents a long history of his knack for social engineering combined with cybercrime. Interesting in that his motivation was mostly seeing what he was capable of, rather than abusing the information he discovered.
(BOOK) - Spam Nation by Brian Krebs
Excellent, gripping introduction to the world of organized cybercrime by a tech journalist. Really eye-opening read about the larger networks that run online spam operations to raise money for other illicit operations.
(PROJECT) - OverTheWire Bandit - https://overthewire.org/wargames/
OverTheWire hosts a number of challenges to see the various tiny holes that can be used to escalate privileges, bypass access controls, and evade security measures in so many different ways. They will give you the commands you’ll need to solve the challenge; try poking around and reading the manual pages for each tool to see if you can figure out which parts will help you solve the challenge.