Tuesday, July 30, 2013

Learning security

Over the past few years I have begin to develop an interest in computer security and cryptography. I am going to attempt to document the process of learning for my benefit and others.

I have several tasks that I am currently working on to help this process.

Matasano crypto exercises- I first hard about this on hacker news and it rocks. I did the first set and a half a couple of months ago and then got rely busy so I haven't been able to make forward progress recently. Was doing them in Google go and that was fun

Enigma group challenges. I am user qianyilong. Currently I am still going through the basic skills ones.

Overthewire.org - I had a good friend who works in web security recommend these to me. Have played with several of them.

Coursera's cryptography 1 course - I am currently going through this but I found the class late and am so far behind that I don't think I can get credit but since I am doing this to learn I am OK with that.

At work a group of guys are doing a cryptography book group. The first half of the group if focusing on the abstract algebra background using the textbook from abstract.ups.edu

I am also following Bruce Schneier's  blog and cryptyo gram monthly email. I read his book applied cryptography cover to cover.

Things I am looking at

I just finished reading the basics of hacking and penetration testing by pat engebretson

I am reading Modern cryptanalysis by Christopher swenson

After reading the book on pen testing I am also looking into exploring
The owasp goat project as a learning opportunity.
Metasploit
Owasp zap
Many other tools that I have seen mentioned. I have created a little virtual machine security lab that I can use to try some of these things out.

So this post was long but this is the initial dump. I hope to update this blog near daily with my current status in learning.