write at the beginning
The author himself studied in an ordinary undergraduate school in 2017. In June 2020, when he had three years of experience, he successfully passed the school recruitment internship interview and entered a large factory. Now he works in a safety laboratory of a large factory.
Why do I say self-taught hackers? For ordinary people, I still advise you to forget it. Because I am that unusual person.
First of all, let me talk about my understanding of hackers & network security. In fact, the most important thing is my interest and love.
And I entered the big factory mainly by self-study. I was only 20 years old at the time. Based on my love for hackers, every time I finished my work, I would read this book every day. I didn’t even care about and actively research various technologies and Taking on some tasks (unlike most lay-flat people), I may still feel that I am not enough. I gnawed the basics of tcp/ip protocol, routing and switching °, and learned c++ for a while. Based on my school background, I also inevitably have some inferiority complex. I always feel that I came from a wild way, and I want to sort out the system of guerrillas and regular troops. I've been looking at php in recent months (yes, that's the best programming language), and I plan to look at the authoritative guide to http in the future. In addition to work, I also took the initiative to familiarize myself with the equipment of several manufacturers, which may be the spirit of "ingenuity" in me. This is my unusual performance!
How to Teach Yourself Hacking & Cyber Security
Hacker Zero-Basic Introductory Learning Route & Planning
junior hacker
1. Theoretical knowledge of network security (2 days)
① Understand the relevant background and prospects of the industry, and determine the development direction.
②Learn laws and regulations related to network security.
③The concept of network security operation.
④Multiple guarantee introduction, guarantee regulations, procedures and norms. (Very important)
2. Penetration testing basics (one week)
①Penetration testing process, classification, standards
②Information collection technology: active/passive information collection, Nmap tools, Google Hacking
③Vulnerability scanning, vulnerability utilization, principles, utilization methods, tools (MSF), Bypass IDS and anti-virus reconnaissance
④ Host attack and defense drill: MS17-010, MS08-067, MS10-046, MS12-20, etc.
3. Operating system basics (one week)
①Common functions and commands of Windows system
②Common functions and commands of Kali Linux system
③Operating system security (system intrusion troubleshooting/system reinforcement basis)
4. Computer network foundation (one week)
①Computer network foundation, protocol and architecture
②Network communication principle, OSI model, data forwarding process
③Common protocol analysis (HTTP, TCP/IP, ARP, etc.)
④Network attack technology and network security defense technology
⑤Web vulnerability principle and defense: active/passive attack, DDOS attack, CVE vulnerability recurrence
5. Basic database operations (2 days)
①Database basics
②SQL language basics
③Database security reinforcement
6. Web penetration (1 week)
①Introduction to HTML, CSS and JavaScript
②OWASP Top10
③Web vulnerability scanning tools
④Web penetration tools: Nmap, BurpSuite, SQLMap, others (chopper, missing scan, etc.)
Congratulations, if you learn this, you can basically work in a network security-related job, such as penetration testing, web penetration, security services, security analysis and other positions; if you learn the security module well, you can also work as a security engineer. Salary range 6k-15k
So far, about a month. You've become a "script kiddie". So do you still want to explore further?
Friends who want to get involved in hacking & network security, I have prepared a copy for everyone: 386G, the most complete network security information package on the entire network, for free!
Due to the limited space, only part of the information is displayed, friends, if necessaryA full set of " Introduction to Network Security + Advanced Learning Resource Pack ",needClick on the link belowYou can go to get
CSDN spree: "Hacker & Network Security Introduction & Advanced Learning Resource Pack" free sharing
7. Script programming (beginner/intermediate/advanced)
in the field of network security. Programming ability is the essential difference between "script kiddies" and real hackers. In the actual penetration testing process, in the face of a complex and changeable network environment, when the common tools cannot meet the actual needs, it is often necessary to expand the existing tools, or write tools and automated scripts that meet our requirements. Some programming ability is required. In the CTF competition where every second counts, if you want to efficiently use self-made scripting tools to achieve various purposes, you need to have programming skills.
For a zero-based entry, it is recommended to choose one of the scripting languages Python/PHP/Go/Java, and learn programming for common libraries; build a development environment and choose an IDE, Wamp and XAMPP are recommended for the PHP environment, and Sublime is strongly recommended for the IDE; Python programming learning , the learning content includes: common libraries such as grammar, regularization, files, network, multi-threading, etc., "Python Core Programming" is recommended, do not read it; ·Use Python to write vulnerability exploits, and then write a simple web crawler; ·PHP basic syntax Learn and write a simple blog system; Familiar with MVC architecture, and try to learn a PHP framework or Python framework (optional); Understand Bootstrap layout or CSS.
8. Super Hacker
This part of the content is still relatively far away for students with zero foundation, so I won’t go into details, and post a general route.
Network security engineer enterprise-level learning route
If the picture is too large and can't be seen clearly due to the compression of the platform,
click the link below to get it
CSDN spree: "Hacker & Network Security Introduction & Advanced Learning Resource Pack" free sharing
Video supporting materials & domestic and foreign network security books, documents & tools
Of course, in addition to supporting videos, various documents, books, materials & tools have also been sorted out for you, and have been classified into categories for you.
Some video tutorials that I bought myself, and other platforms can’t get free prostitutes:
Due to the limited space, only part of the information is displayed, friends, if necessaryA full set of " Introduction to Network Security + Advanced Learning Resource Pack ",needClick on the link belowYou can go to get
CSDN spree: "Hacker & Network Security Introduction & Advanced Learning Resource Pack" free sharing
epilogue
The network security industry is like a river and lake, where people of all colors gather. Compared with many decent families with solid foundations in European and American countries (understand encryption, know how to protect, can dig holes, and are good at engineering), our talents are more heretics (many white hats may not be convinced), so in the future Talent training and In terms of construction, it is necessary to adjust the structure and encourage more people to do "positive" "system and construction" that combines "business" and "data" and "automation" in order to quench the thirst for talents and truly serve the society in an all-round way. Internet provides security.
Special statement:
This tutorial is purely technical sharing! The purpose of this book is by no means to provide and technical support for those with bad motives! Nor does it assume joint and several liability arising from the misuse of technology! The purpose of this book is to maximize everyone's attention to network security and take corresponding security measures to reduce economic losses caused by network security. ! ! !