6 01 2012



Definitive list of learning resources

4 06 2011
I’ve prepared a small list of resources helpful for learning h4cking. I will keep updating this list as and when I find good stuff.
Feel free to add more.

CEH v7 Review

25 04 2011

I am getting started in this infosec world. So I did some research on the internet as to “How to get started in this field? How important is certification?” The answers I got weren’t much encouraging but still one thing was clear, if you are new and want to get into this field, you have got to be certified. Learning this, I started looking for certifications, options were clear, I chose CEH v7 because of its market recognition.

Now lets get started with the review…

CEH is by far the best course for starters, it adds a star to your resume, gets your feet wet very quickly and the content too is suitable for starters only. 🙂

The syllabus comprises of 19 modules, starting with Intro to Ethical Hacking to Pentesting. Ideally training should be given for 5 days,  my trainer chose to speed it up even more. He did it in 4 days only!

The course material is 2 books and 5 dvds. Those 2 books are nothing but the instructor slides with some lab material! Seriously, whats the use of a book which has slides printed in it? They could make it awesome by detailing the techniques and some live scenarios to use those techniques, but they wasted it. DVDs: 4 dvds full of windows tools (mostly) and 1 Backtrack R2 DVD. 😀

Instructor quality: I did my training from a local APT which was renowned in my city. The instructor I got was OKish.  In this fast paced training, quality of trainer matters a lot. So you have to get some info about trainers at your location.

The syllabus for the course is well designed.  But there should be more emphasis on hands on training rather than theory. Things may be different at different locations because it all depends on what your instructors prefers. My instructor preferred to read the slides aloud as if we couldn’t even do that. Also some modules shouldn’t have been included in it. Modules like Buffer overflow can’t be taught in 1 hr!

All in all, CEH v7 is a good certification for starters. If you are getting sponsored, don’t worry, do it. Add a certification to your resume for free!

If you are going to pay for it, learn basic things first then sign up for it. It is fast, but gives a good head start into the industry.

Getting Started!

27 02 2011

Getting Started!

I know it took me a lot of time to even getting started. But I wanted to come up with some kind of useful stuff for the blog. In the meantime I published 1 post which is now deleted because it didn’t seem to fit in the flow.

In this post I am going to create a road map for getting started into the dirty InfoSec business. (It’s not dirty actually ;)). When I was just a little kid in InfoSec (I still am a kidJ), I used to read each and everything related to InfoSec that came to me, and then start following that for some days eventually with fading interest. Then I decided to make a blueprint so that I can always track where I currently stand on my journey to becoming Ninja. In this process I have created some rules or “note-to-self” type advices which come in very useful. I would like to share them here so that if someday by chance any n00b comes to this blog, will not get boggled down by the vastness of this field.


First thing: do not try to do everything.

What usually happens is, you are interested in InfoSec. So you start following interesting people on Twitter, their blogs etc. Then you come across some neat trick someone explained in their blog. You decide to try that on your own. Then some other person shares another cool trick on a different blog, which is in a totally different domain. You want to try that too! You go ahead but then you mix up all the things. Don’t do that! Decide what you like the most. Follow that with passion. Be a master in that, and then try something else. It will give you a boost.


Second thing: do not follow others roadmap as it is.

This is really important. You are reading a roadmap here and I am telling you to not to follow these paths. Many people have different opinions on how to get started in InfoSec. They have expressed their views on the net. Read them all. But after all it all comes down to what you really like. So, from all that you have read, create your own roadmap. Follow it religiously.


Third thing: Love what you do, Do what you love!

Last thing: Always maintain your “Can Do” attitude! This industry needs you!



Hello world!

14 12 2010

Hello and welcome to Security Learnings. I am Adi and this is the place where I am going to post my learnings in network security. For some reason, I am going to keep the title of this post as it was given by WordPress : “Hello world!”

As a programmer, the first program that you see in any language is Hello World. And I have done that quite often. I have started learning C,C++,Python,Ruby,Perl… and what not, but the problem is, I never became master of any of them. And now, time has come to become a Master. That is why I am creating this blog, I have done this stuff many many  times before but every time I start doing something new, I have to go places just to revise the stuff I already know. So this time, this blog will act as a central place to store my learnings and at the same time if these things are of any use to anyone, I will be more than happy.

I hope to create step by step guides to tools, post links to interesting articles/blogs, provide tips and tricks as well as videos, if I am that good 🙂 Lets see how far this goes.

Keep Hacking 🙂