Академический Документы
Профессиональный Документы
Культура Документы
Warning: This is not the kind of case study you would expect from an established company. If you expect a case study that shows you how great our new course is, youd better close this file because you will be disappointed. This document explains how a boy, dreaming to become a Penetration Tester, pushed back our course release by 6 months! And, yesthat actually made our course the great course it is now.
after knowledge... and you call us criminals. We exist without skin color, without nationality, without religious bias... and you call us criminals. You build atomic bombs, you wage wars, you murder, cheat, and lie to us and try to make us believe it's for our own good, yet we're the criminals. Yes, I am a criminal. My crime is that of curiosity. My crime is that of judging people by what they say and think, not what they look like. My crime is that of outsmarting you, something that you will never forgive me for. I am a hacker, and this is my manifesto. You may stop this individual, but you can't stop us all... after all, we're all alike.
by +++The Mentor+++ Written on January 8, 1986 Credit: Phrack - Volume One, Issue 7, Phile 3 of 10
Damn kids; they are all alike. My younger brother is no exception. Yesmy brother. It must be some sort of genetic disease. Apparently, my brother fell victim to the insatiable curiosity typical of the early 90s hackers before him like me. Its the same curiosity that keeps you up all night, browsing the internet and reading tutorials. Its that unrelenting fixation that makes you get bad grades in school or gets your boss pissed off and in your face, scolding your drowsy ass at work the next day. Its more than curiosity; its a mission, a passion. My brother was bitten by the same bug that inspired my true passion to explore the secret realm deep inside the inner sanctum of computers the same passion that compelled you to read this PDF right now. Its in our blood: a hypnotic enchantment for this field, the endless opportunities, and the incredible feelings of discovery that rush through us every time we uncover something new.
As a beginner, learning is a matter of trial and error, going back and forth through different topics without a clear path and wasting time on outdated or unrelated contents. The truth is, 90% of the people get frustrated with the process and give up. My brothers problem was that he lived miles away from me, and I had a hard time explaining things to him by email all the time! Phone calls didnt help much either, by the way. Needless to say, his first steps into the field of hacking were a mixture of aha! moments and unbearable frustration. His passion for hacking and pentesting grew while my staff and I were publishing the Penetration Testing Professional Course, back in 2010. Those were the craziest days of our lives. But, being the persistent pain in the butt that he is, I promised to put together a very small course for him. It would be just a few PDF guides that he could print out and bring to school to read during those boring hours in Latin class. He eagerly accepted my offer, and I began on what I thought would be a couple weeks of work to put the contents together. Well, its not hard to imagine that, due to the success of our professional course and our busy schedule, it actually took me a couple of months to come up with something workable for him. Or at least I thought it was workable
Our contents did not contain all the background skills that a beginner needed BEFORE he could ever understand a thing about security, hacking, attacks, exploits and so on; and Our contents did not contain any tips from instructors that would guide the student through all of the content we had put together.
It was unbelievable how I could manage to forget all the little details and necessary background skills that every single hacking technique depends on. I was taking all of the basics for granted, but a novice would just be fumbling around in the dark! What he was really looking for was guidance. He needed someone to show him the path and give him a direction to follow, not just a few unrelated tutorials or slides to read. Bottom line: We had managed to build an exceptional professional course our flagship, The Penetration Testing Professional Course. But somehow we had forgotten the long process and struggle we went through, back when we were just learning, that brought us from beginner to expert status. The frustration, the highs, the lows, the perseverance and the enlightened guidance we wished we had! At this point I either had to let my brother give up his passion or apply the lesson I just learned from him in a brand new course, built from scratch side by side with HIS guidance.
4 Confessions of a Beginner
Its sad, as professionals, how easily we forget our humble beginnings and the high emotions of those early days, when we manage to launch our first exploit. Its like becoming a skilled lover and then forgetting about the magic of romance. Whether its making love or hacking, the first time you do it you dont understand half of what youre doing, but when its done youre the happiest person in the world because you did it, and you are now privy to much of the mystery and excitement. I didnt want to give up on my challenge, and I didnt want my bro give up on his passion. It was still October, 2010. We trashed the contents, and a completely new course had to be written. This time, for every chapter I wrote, I received a ton of questions from him. I applied all of his suggestions and then answered all of his questions in the content. For each technique, we noted all the necessary background skills required from IP addresses to Firewalls, from Network protocols to HTTP basics. These had to be structured into a completely new section of the course. Additionally, the only text we used in the course was to describe the images. Videos and audio narration were used in place of text. Ilaria, the e-learning developer, had the best time of his young career transforming text into animation and narration and submitting it to my brother, who became the boss of this project. The first draft of the course was looking almost awesome, to use the young bosss words. Why almost? Something was missing: The whys and The am I correct?
Basically, when youre hungry to learn new things you tend to skip the boring stuff and get right to the juice. So, the background skills (mainly about networking and programming in this field) were the most boring and difficult
eLearnSecurity srl 2011 | www.elearnsecurity.com
for him. He found that if we included the reason WHY each piece of background information was useful for his hacking studies, he would devour it as if it were actual hacking, and not boring stuff. Before even beginning to study any preliminary topic such as networking, my brother would know how and when that information would become useful. Guess what? This, and the high interactivity of the course, finally let him get through the boring stuff and have a lot of fun doing it. But still, one final piece was missing. When you are first starting out, you dont see the big picture clearly. You have to guess and make assumptions. But how do you know your guesses and assumptions are right? You need some kind of proof to be convinced that youve mastered the topic you just read and that you can finally move on to the next level of expertise. Thats why we decided to convert all of my brothers questions into self-assessment quizzes at the end of each chapter. Four to eight interactive questions would provide him with a final assurance about the topics he just learned. Failure means that he will have to dive deeper into the subject matter; Success means that he can move ahead to the next topic. Simple and effective.