How strong is China's hacker (white hat) technology?

 

Technicians are white and black.

White hat masters in Ali, Tencent, 360.

Typical representatives: keen team, Yuan Ge, TK leader. . .

Black hat masters are among the people, holding several tons of big data. Brush the game, wash Q, do whatever you want.

So how strong is the technical ability?

Microsoft's top100 security contribution list MSRC has more than 30 Chinese on the list.

However, countries still have a lot of hidden strength. For example, the NSA in the United States. The abilities of these people surpass even the top white hats.
 

If you want to become a white hat hacker, you can check out the following:

Basic computer knowledge

• Computer hardware: Understand the functions and working principles of various computer hardware, such as processors, memory, hard disks, graphics cards, etc.
• Computer operating system: understand the basic principles of the operating system, system security, file system, etc.
• Data structure and algorithm: understand the basic knowledge of data structure, such as array, stack, queue, linked list, binary tree, graph, etc., as well as the classification and analysis of basic algorithms.
• Programming languages: Learn one or more programming languages, such as Python, C++, Java, Ruby, Perl, etc., so that you can better understand cybersecurity.

Cyber ​​Security Fundamentals

• Network protocol: learn the basic knowledge and application of TCP/IP protocol, understand common protocols such as HTTP, FTP, SMTP, etc.
• Network topology: understand the composition and layered structure of the network, including LAN, WAN, MAN, etc.
• Network security vulnerabilities and threats: learn common network security vulnerabilities, such as buffer overflow, SQL injection, cross-site scripting, etc., and master the techniques to prevent and solve these vulnerabilities.
• Encryption technology and decryption technology: learn encryption and decryption technology, such as symmetric encryption, asymmetric encryption, hash algorithm, etc.

hacking skills

• Penetration testing: Understand the process, technology and tools of penetration testing, and master the skills of using penetration testing tools such as Nmap and Metasploit.
• Vulnerability Exploitation: Learn how to discover and exploit common vulnerabilities such as SQL injection, XSS, etc.
• Social Engineering: Learn the basic concepts and techniques of social engineering, including Phishing, Spear Phishing, etc.
• Port scanning and identification: Learn how to use port scanning tools to scan networks and hosts, and learn how to identify services and applications with open ports.
• Cyber ​​Attacks and Defense Techniques: Learn how to use cyber attack tools and techniques such as DoS, DDoS, etc. and understand how to defend against these attacks.

Internet Security Tools

• Network scanning tools: Master how to use network scanning tools to scan target hosts and networks, and learn how to identify network topology and open ports.
• Penetration testing tools: understand the basic concepts and usage of penetration testing tools, such as Nmap, Metasploit, etc.
• Malware analysis tools: Master how to use malware analysis tools, such as IDA Pro, Ollydbg, etc., to analyze malware behavior and virus characteristics.
• Packet Capture and Analysis Tools: Learn about packet capture and analysis tools like Wireshark, Tcpdump, etc. to analyze network traffic, protocols, and packets.
• Security protection software: understand the types, functions and principles of security protection software, such as anti-virus software, firewall, intrusion detection system, etc.

Practical experience and study skills

• Practical experience: Accumulate practical experience by participating in CTF competitions, penetration testing challenges, vulnerability submissions, and network protection operations.
• Learning skills: understand and use online resources, books, blogs, forums, etc. related to network security, such as Safe Bull, FreeBuf, Kanxue Forum, etc.

In conclusion, systematic self-taught white hat hacking (cyber security) requires broad and in-depth knowledge, including computer fundamentals, cyber security fundamentals, hacking skills, and cyber security tools. Mastering this knowledge takes time and patience, active practice and continuous learning.

Recommended 10 books related to network security:

• "Hacking Attack and Defense Technology Collection: Web Combat Chapter" - Yu Hongtao
• Practical Guide to Web Penetration Testing - Dark Horse Programmer
• "Network Security Attack and Defense in Simple" - Chen Yuhui
• "Metasploit Penetration Testing Guide" - Yang Jin
• The Hacker and the Painter - Paul Graham
• "Python Black Hat: How to Program Hacking and Penetration Testing" - Justin Seitz
• The Art of Cybersecurity: The Eye of Hackers - Steven Levy
• Penetration Testing Guide - Hackers & Geeks
• Penetration Testing in Practice: How to Pass the Exam - Kevin Cardwell
• "Cyber ​​Attack and Prevention in Actual Combat" - Zheng Huanle

These books cover the basics of network security, penetration testing, hacking techniques, programming, offensive and defensive combat, etc., which can help you fully understand and master the knowledge and skills in the field of network security.

Recommend several network security-related tools that need to be learned in the early stage:

• Wireshark: A packet capture and analysis tool that can be used to analyze network traffic and protocols, and is very helpful for understanding network communication and network security.
• Nmap: A network scanning tool that can be used to quickly scan the ports and services of the target host to discover vulnerabilities and weaknesses in the network.
• Metasploit: A penetration testing tool that includes many commonly used attack modules and exploit codes, which can be used to test the security of the system.
• Burp Suite: A web application penetration testing tool that can be used to intercept, modify and send HTTP requests, and analyze web application vulnerabilities.
• Hydra: A password cracking tool that can be used to crack commonly used usernames and passwords, test the system's strong password policy and user authentication mechanism.

The above tools are very popular and commonly used tools in the field of network security. Mastering them can help you conduct network security testing and attack and defense practices. Of course, mastering these tools requires good computer foundation and network security knowledge. When learning and using these tools, please be sure to follow the principles of legality, compliance, and ethics.

Summarize

To sum up, learning network security requires establishing a solid basic knowledge, mastering common tools and techniques, continuously improving skills through practice, and paying attention to legal compliance and ethics in order to become an excellent hacker or network security practitioner.

Zero-Basic Introduction to Network Security

For students who have never been exposed to network security, I have prepared a detailed learning and growth roadmap for you. It can be said that it is the most scientific and systematic learning route. It is no problem for everyone to follow this general direction. If you need it, you can tell me in the comment area.