2023 Network Security Nanny-Level Introductory Learning Route, it is recommended to bookmark!

As a network security penetration engineer with many years of experience, I know that for a beginner starting from zero, network security can seem like a very strange and somewhat scary field. But don't worry: as long as you are willing to spend the time and effort to learn, you too can become a good network security expert.

Cyber Security Learning Path

First of all, I would like to share the network security learning route with you.

Beginners with no background first need to understand the laws and regulations, basic concepts and terminology of network security. Understanding these foundational concepts will help you better understand other aspects of cybersecurity.

Next, you need to master network architecture and communication protocols, which are very basic skills and a necessary basis for your further study of network security. After mastering these basic skills, you can start to learn some more specific areas of network security, such as: intrusion testing, penetration testing, vulnerability assessment and defense, network security monitoring and so on. Studying these areas will help you develop a more general understanding of cybersecurity and acquire practical skills.

Finally, don't forget to keep learning and stay alert to new technologies, because network security is a field that is constantly updated and evolving.

Let's get down to the specific technical points. The overall learning time for this network security learning route is about half a year, depending on each person's situation.

With each week's content broken down to this level of detail, are you still worried that you won't be able to learn it or get started? In fact, the usual problem is that people study for two months but jump from one topic to another, only getting a taste of each without going deep, and so feel that after 2 months they still can't get through the door.

1. Concepts related to web security (2 weeks)

  • Become familiar with the basic concepts (SQL injection, upload, XSS, CSRF, one-word Trojan horse, etc.);
  • Search Google/SecWiki using keywords (SQL injection, upload, XSS, CSRF, one-word Trojan horse, etc.);
  • Read "Mastering Script Hackers"; although it is very old and contains errors, it is still good enough to get started;
  • Watch some penetration notes/videos to understand the whole process of a real penetration; you can search Google for keywords (penetration notes, penetration process, intrusion process, etc.);

2. Get familiar with penetration-related tools (3 weeks)

  • Become familiar with the use of AWVS, sqlmap, Burp, nessus, chopper, nmap, Appscan and other related tools;
  • To understand the purpose and usage scenarios of such tools, first search Google/SecWiki for the software name;
  • Download backdoor-free versions of this software for installation;
  • Learn and use them; specific teaching materials can be found on SecWiki, for example: Burp tutorial, sqlmap;
  • Once you have learned these commonly used tools, you can install Sonic Start to build a penetration toolbox;

3. Hands-on penetration practice (5 weeks)

Master all stages of penetration and be able to independently penetrate small sites. Look for penetration videos on the Internet, watch them and think about the ideas and principles; keywords (penetration, SQL injection videos, file upload intrusion, database backup, dedecms exploits, etc.);

  • Find a site/build a test environment for testing by yourself, remember to hide yourself;
  • Think about which stages penetration is mainly divided into, and what work needs to be done in each stage;
  • Study the types of SQL injection, injection principles, and manual injection techniques;
  • Research the principles of file upload, how truncation works, double suffix spoofing (IIS, PHP), parsing exploits (IIS, Nginx, Apache), etc.;
  • Study the principles and types of XSS; for specific learning methods, search Google/SecWiki;
  • Study the methods and specific use of Windows/Linux privilege escalation;

4. Follow developments in the security community (1 week)

  • Pay attention to the latest vulnerabilities, security incidents and technical articles in the security community;
  • Browse daily security technology articles/events through SecWiki;
  • Follow practitioners in the security community through Weibo/twitter (when you come across an expert, or a friend of an expert, follow them without hesitation), and take time to check every day;
  • Subscribe to domestic and foreign security technology blogs through feedly/Xianguo ("fresh fruit") (do not limit yourself to domestic ones, and keep accumulating over time); if you don't have a feed, you can look at the aggregation column of SecWiki;
  • Cultivate the habit of actively submitting links to security technical articles to SecWiki every day, to build up knowledge;
  • Pay more attention to the latest vulnerability lists; a few recommendations: exploit-db, CVE Chinese library, Wooyun, etc.; practice when you encounter public vulnerabilities;
  • Follow the topics or videos of domestic and international security conferences; SecWiki-Conference is recommended;

5. Get familiar with Windows/Kali Linux (3 weeks)

  • Learn Windows/Kali Linux basic commands and common tools;
  • Become familiar with common cmd commands under Windows, such as: ipconfig, nslookup, tracert, net, tasklist, taskkill, etc.;
  • Become familiar with common commands under Linux, such as: ifconfig, ls, cp, mv, vi, wget, service, sudo, etc.;
  • Become familiar with common tools under the Kali Linux system; you can refer to SecWiki, "Web Penetration Testing with Kali Linux", "Hacking with Kali", etc.;
  • Become familiar with the metasploit tools; you can refer to SecWiki and "Metasploit Penetration Testing Guide";

6. Server security configuration (3 weeks)

  • Learn server environment configuration, and be able to reason about and discover security problems in a configuration;
  • IIS configuration under Windows 2003/2008 environments; pay special attention to configuration security and running permissions;
  • For the security configuration of LAMP in a Linux environment, mainly consider running permissions, cross-directory access, folder permissions, etc.;
  • Harden remote access to the system: restrict username/password login, and restrict ports through iptables;
  • Configure a software WAF to strengthen system security, such as mod_security and similar systems on the server;
  • Use Nessus to perform security scans of the configured environment and discover unknown security threats;

7. Script programming learning (4 weeks)

  • Choose one of the scripting languages Perl/Python/PHP/Go/Java and learn to program with its commonly used libraries;
  • Build a development environment and choose an IDE. For PHP, Wamp and XAMPP are recommended as environments, and Sublime is strongly recommended as the IDE;
  • Python programming: the learning content includes syntax, regular expressions, files, networking, multi-threading and other common libraries; "Python Core Programming" is recommended, but you do not need to read all of it;
  • Write an exploit for a vulnerability in Python, and then write a simple web crawler;
  • Learn basic PHP syntax and write a simple blog system; see "PHP and MySQL Programming (4th Edition)" and videos;
  • Become familiar with the MVC architecture, and try to learn a PHP framework or Python framework (optional);
  • Understand Bootstrap's layout or CSS;

8. Source code audit and vulnerability analysis (3 weeks)

  • Be able to independently analyze script source code and find security problems;
  • Become familiar with the dynamic and static methods of source code audit, and know how to analyze a program;
  • Find vulnerabilities in open source programs on Wooyun and try to analyze them yourself;
  • Understand the causes of web vulnerabilities, and then search for and analyze them through keywords;
  • Study how web vulnerabilities arise and how to avoid them at the source code level, and organize the results into a checklist.

9. Security system design and development (5 weeks)

  • Be able to build your own security system and put forward security suggestions or a system architecture;
  • Develop some practical small security tools and open-source them to demonstrate your ability;
  • Establish your own security system and have your own understanding of and opinions on company security;
  • Propose or join the architecture or development of large security systems;

With the route in hand, the next step is to fill it in with knowledge points. How can that be done? You can read books or watch videos, according to your personal preference. However, books and videos are only an aid; the most important thing is hands-on practice!

The following are some recommended books. They cover multiple fields and aspects of network security, and you can choose the ones you are interested in to study:

1. "Web Application Security Testing Guide": This book covers the basic knowledge and techniques of penetration testing, vulnerability assessment and application security, and is very suitable for beginners to learn.

2. "Hacking Attack and Defense Technology Collection: Network Chapter": This is a very comprehensive network security tutorial, covering many important topics, such as network scanning, vulnerability exploitation and intrusion detection.

3. "Training Course for Network Security Engineers": This book is a very good network security guide, which explains in detail the concepts, techniques and tools of network security, suitable for beginners to learn.

4. "The Art of Network Security: Attack and Defense": This is a classic network security book, which tells many interesting stories and examples, and is very suitable for beginners to learn and understand network security.

5. "TCP/IP Detailed Explanation": This book is a classic network protocol tutorial. It has an in-depth explanation of network protocols and is very helpful for those who want to understand network security in depth.

In addition to reading books, there are some technical points that must be learned. Here are the key technical points I have listed; you can start learning from them:

1. Operating system: Understand the Linux and Windows operating systems, and master basic operations and command line knowledge.

2. Programming language: Master a programming language, such as Python, C, C++, etc., which will help you better understand and develop tools.

3. Network protocol: Understand the TCP/IP protocol stack and other common network protocols, such as HTTP, FTP, etc.

4. Penetration testing tools: Become familiar with some commonly used penetration testing tools, such as Nmap, Metasploit, Burp Suite, etc.

5. Security assessment and defense: Understand common vulnerability assessment and defense technologies, such as WAF, IDS/IPS, etc.

You can refer to video tutorials to understand and learn these knowledge points. I have also prepared tutorials here.

The above are some recommendations from me. Of course, this is just the tip of the iceberg; I also have more learning resources here.

Finally, I want to stress again: cybersecurity is a field that is constantly evolving and updating, and you need to keep learning and stay alert to new technologies. In addition, you must always maintain curiosity and a spirit of exploration, because network security is full of unknowns and challenges, and you need the ability and the determination to solve problems.

I hope my sharing is helpful to you. The full version of these network security learning materials has been uploaded. If you need it, you can scan the CSDN officially certified QR code below on WeChat or click the link to get it for free [guaranteed 100% free]

CSDN spree: "Hacker & Network Security Introduction & Advanced Learning Resource Pack" for free: https://mp.weixin.qq.com/s/rB52cfWsdBq57z1eaftQaQ


Origin blog.csdn.net/yinjiyufei/article/details/131226619