Where to start...

[lexacon]

I have gotten somewhat good at maneuvering around Ubuntu so I thought I'd give Backtrack 5 a go since it is known to be a great place to learn system security, pen testing, and the like. I am aware that I could easily go onto duckduckgo.com (google if you will), and search for a decent tutorial to get me started in BT5, but I want some input from people who have already taken tutorials or know sites that would be good to look around in. I started learning C, C++, and a tiny bit of Python, but I am nowhere good in either. I am not sure if that should be my starting point or not... Input please! Thanks

[samiux]

@lexacon,

I would suggest you to take the Offensive Security's Penetration Testing with BackTrack course. You will learn a lot about that.

May I suggest my course review of Penetration Testing with BackTrack (PWB)?

Part One
Part Two

Samiux

[thorin]

http://www.backtrack-linux.org/forum...ad.php?t=33114

[anonymousHippopotamus]

I'm also new to backtrack, I have a decent amount of experience in programming c++ and c and have been using linux based systems for quite sometime. I was wondering which topic would be the easiest/best to start with, I understand there are a lot of resources, but to a beginner the vast amount of information is sort of overwhelming. Thanks in advance.

[aerokid240]

If you are looking for free resouces, there are tons available on the web as thorin pointed out. If you don't mind spending a little on a book, Backtrack 4: Assuring Security by Penetration Testing ( can be purchased on amazon for around $50) is decent resource for the beginner and is based on backtrack 4 (most of the tools and concepts still apply to BT5). I have a blog that might be useful to you as well that you can check out here.

[anonymousHippopotamus]

Ok thanks! Yeah I understand there are a lot of resources, but as I said, to a beginner its like looking at an entire library of information with no idea where to start. Also, I found video lectures for using metasploit at security tube for those who are new and are also not sure what to do first. Has anyone else watched these? They seem informative but since I know nothing, everything seems informative haha...

[shadowzero]

Since you have some background in Ubuntu already, level up on your Linux mastery by trying out something a bit more hardcore like Slackware, Gentoo, or ArchLinux. Recompile the kernel, play around with networking, setup some printers, basically - learn how to control the OS and figure out where the quirks are. Understanding how Linux works is crucial to privilege escalation later on. You can't expect to understand some of the Metasploit modules unless you know what it is they're exploiting and how it works.

[anonymousHippopotamus]

Ok thanks for the advice. I've actually started to do the "Linux from scratch" distro or however you'd categorize that.

[aerokid240]

Ok thanks! Yeah I understand there are a lot of resources, but as I said, to a beginner its like looking at an entire library of information with no idea where to start. Also, I found video lectures for using metasploit at security tube for those who are new and are also not sure what to do first. Has anyone else watched these? They seem informative but since I know nothing, everything seems informative haha...

Thats why i mentioned the backtrack book. Securitytube and others (blogs included) are great resources for learning, but aren't necessarily organized in a manner that takes you through some basic principles and builds on it to more advanced topics. As a beginner that want to get their feet wet using backtrack and doesn't have a clue where to start or what he should learn first, the book "Backtrack 4: Assuring Security by Penetration Testing" is a great option. Not only is the information organized, and builds on the concepts and tools learned from previous chapters, its one of the few books (if not the only one, not sure) that is based on the backtrack distribution. And like others have mentioned, you would definitely want to up your linux knowledge. The Metasploit: The Penetration Tester's Guide book is an awesome book, but it's purpose isn't to get new backtrack users aquainted with the distibution. After you are somewhat familiar with backtrack then the metasploit book is the way to go for furthering your knowledge.

[anonymousHippopotamus]

just ordered the book