I’ve been interested in security for quite a while now. Over the past few years, I have learned quite a lot. Past and present employment has not presented me with many security-focused projects, but during my day to day tasks, security always plays some part.
In 2018, I studied for and got Comptia Security+ certified. This was a small step in this journey that I’ve begun. In 2019 I came across penetration testing videos on YouTube. These looked really interesting and were something I definitely wanted to learn more about. YouTube is a great resource for information, but it can be incomplete. I began studying for Comptia’s Pentest+ certification. The materials I used included:
Video Series:
Jason Dion’s Pentest+ course on Udemy
ITProTV’s Pentest+ course
I also watched lots of videos on youtube from The Cyber Mentor, IPPSEC, I.T. Security Labs, and Hackersploit.
Physical books:
Virtual Labs
I got a Hackthebox subscription for a couple of months and went through walkthroughs on a couple of retired boxes. I also tried a couple on my own but was not successful. Hackthebox has some great challenges but I needed something more basic or instructional.
I tried Tryhackme and I loved it. I'm definitely going to be using this for a while moving forward. I went through some of the basic learning paths on things I was not very comfortable with.
I set up several VMs to run older OS and Vulnhub machines.
Practice tests:
I took the exam in April of 2020, this was just after Pearson Vue released it’s online testing platform, so it was a new experience from what I had in the past, with Comptia exams.
I found the Pentest+ exam to be a difficult one, I took my time and flagged any questions or PBQs was I not confident in. I went over them 2 more times. Submitted the results and Passed :D .
Since becoming Pentest+ certified, I am continuing to use Tryhackme when I can and I regularly watch/listen to Security Podcasts and videos on Youtube.
My next steps are going to be creating a more Blue Team focused home lab with PFSense and Security Onion. I’m currently procuring hardware for this and beginning to study for Comptia’s CySa+ certification.