foreword
Cybersecurity , by definition, without security, is not cyber. Nowadays, the security industry is developing rapidly, we call for professional inaugural personnel and college students, and you, do you think you are qualified to be a hacker?
This article is aimed at beginners and practitioners in all information security fields. It plans a detailed network security learning route for you , and attaches high-quality learning materials , so that you can quickly become a master of network security on the increasingly complicated network security track. A monthly salary of 10k is not a dream!
Misunderstandings and pitfalls of self-study network security learning
1. Don't try to become a programmer first (programming-based learning) and then start learning
In my previous answers, I have repeatedly emphasized not to start learning network security based on programming. Generally speaking, learning programming is not only a long learning cycle, but also there are not many key knowledge available after the actual transition to security
If ordinary people want to learn programming well and start learning network security, it often takes a long time, and it is easy to give up halfway. And learning programming is just a tool, not an end. Our goal is not to become a programmer. It is suggested that in the process of learning network security, what will not be filled, which is more purposeful and less time-consuming
2. Don’t take deep learning as the first lesson
Many people are aiming to learn network security well and solidly, so it is easy to use too much force and fall into a misunderstanding: it is to learn all the content in depth, but it is not right to use deep learning as the first lesson of network security. good idea. The reasons are as follows:
[1] The black-box nature of deep learning is more obvious, and it is easy to learn and swallow
【2】Deep learning has high requirements on itself, it is not suitable for self-study, and it is easy to enter a dead end
3. Don’t Collect Too Much Data
There are a lot of learning materials about network security on the Internet, and there are several gigabytes of materials that can be downloaded or watched at every turn. And many friends have "collection addiction", buying more than a dozen books at once, or collecting dozens of videos
Many online learning materials are extremely repetitive and most of the content has not been updated a few years ago. During the introductory period, it is recommended to choose "small but refined" materials. Below I will recommend some learning resources that I think are good for Xiaobai. Read on patiently.
Suggestion 1: Seven Levels of Hackers
Hackers are full of temptation for many people. Many people can find that this field is like any other field. The deeper you go, the more you will be in awe. Knowledge is like an ocean, and hackers also have some levels. Please refer to the sharing of Zhichuangyu CEO ic (a member of the world's top hacker team 0x557) as follows:
Level 1 Lengtouqing [millions of people]: know how to use security tools, can only scan and decipher passwords easily
Level 2 system administrators [tens of thousands of people]: make good use of security tools, especially familiar with
the development of systems and networks Level 3 large companies Personnel or core security company Da Niu [thousands of people]: very familiar with the operating system, started to develop codes, wrote their own scanner Level
4 can find and exploit vulnerabilities [hundreds of people]: can find loopholes by themselves, find 0DAY by themselves and Write Exp to exploit loopholes, do protocol testing for exploiting loopholes in the system
Level 5 high level [less than a hundred people]: people who defend and build systems
Level 6 elite level [dozens to a dozen people]: have a good understanding of the operating system In-depth
Level 7 Big Niu Niu [Few]: Mark Zuckerberg, Albert Einstein and other people who changed the world
You can see, what level are you at now? You may be wondering which level I am at, my level is not high, and I am on the way to seek a breakthrough. However, I have also practiced the other two skills, which may allow me to make a more interesting breakthrough. As for what it is, I am sorry, how dare I be presumptuous before I succeed.
Suggestion 2: learn to observe
I often say that the Internet is full of treasures, and observation is the first necessary skill. If you are good at observing and summarizing, you will discover some ways faster, which will make your life easier than others.
Suggestion 3: circle
In the above process, you will definitely become familiar with some IDs. Do you want to make some friends? Show your strengths, sharing is important, no one likes to reach out or troll.
It is especially recommended to understand the classic attributes of all groups in the next circle, and recommend the books "The Selfish Gene" and "The Crowd".
Tip Four: Creativity
I mentioned before that to be creative enough, there are two key points, one is "vision" and the other is "focus". Vision is horizontal, and concentration is vertical. The two need to be balanced, because human energy is limited (the law of energy conservation). As long as either one is out of balance, neither will exist.
For most people, focusing is the most difficult. After all, this is an immediate process of entropy reduction, a process of self-organization of information. Seriously, you accelerated the end of the universe because of your focus. As for why, it will not be expanded here. In short, it is really difficult to focus, and you have to force yourself a lot of times.
Because of selfish genes, human beings are always bursting out their creativity consciously or unconsciously. Some creativity can change the world, some creativity can change the family, and some creativity can change yourself. These are all creativity. How much creativity you need depends on your genes, on who you want to be.
After all, there are "very few" people who can change the world...
Suggestion 5: Some good resources
Open your browser and search for:
i Chunqiu, Wuyun, Zhichuangyu R&D skill table v3.0, FreeBuf, enough!
If these few clues don't open up your hacker world view and make you creative enough, then it's useless to ask more. I suggest that you really savor some of the knowledge they give, follow the vines, and gradually extend your tentacles to the world. As I said earlier, learn to observe
super hacker
This part of the content is still relatively far away for students with zero foundation, so I won’t go into details, and attach the learning route.
If the picture is too large and is compressed by the platform and cannot be seen clearly, you can follow me and send it automatically in the background
Video supporting materials & domestic and foreign cybersecurity books, notes & tools
Of course, in addition to supporting videos, we also organize various documents, books, materials & tools for you
If you want to get into hacking & network security, the author has prepared a copy for everyone: the most complete network security information package on the whole network for free
epilogue
The network security industry is like a river and lake, where people of all colors gather. Compared with many decent families with solid foundations in European and American countries (understand encryption, know how to protect, can dig holes, and are good at engineering), our talents are more heretics (many white hats may not be convinced), so in the future Talent training and In terms of construction, it is necessary to adjust the structure and encourage more people to do "positive" "system and construction" that combines "business" and "data" and "automation" in order to quench the thirst for talents and truly serve the society in an all-round way. Internet provides security.
Special statement:
This tutorial is purely technical sharing! The purpose of this tutorial is in no way to provide and technical support for those with bad motives! Nor does it assume joint and several liability arising from the misuse of technology! The purpose of this tutorial is to maximize everyone's attention to network security and take corresponding security measures to reduce economic losses caused by network security. ! ! !