1. Thinking before starting
1. Do I really like being safe?
2. Am I just trying to make money through security?
3. I don't know what to do is just casual.
4. Do you want to do information security for the rest of your life?
These incomprehensions will be detrimental to your future development. Instead of learning web security blindly, it is better to make a long-term plan first. Otherwise it's a waste of time in my opinion. If you have considered learning according to my plan, I can't guarantee how awesome you will be after practice, but finding a 6k-9k job is definitely not a problem.
1. Purpose
The purpose of this question is to bring you a quick introduction to web security. It is my learning experience not to engage in bluffing. It will not involve particularly detailed technologies, but to guide you how to learn systematically to avoid detours and save time. Be confident. Don't think anyone or anything is awesome, don't underestimate yourself, and don't overestimate others. study hard.
2. Experience
When we study web security or anything, we need to focus on learning in stages, such as studying XSS, so most of our energy during this period is only studying XSS. XSS is usually combined with CSRF to achieve better utilization effects, but don't spend too much time on csrf, study the next vulnerability type after thorough research on xss, and focus on research.
3. Read more books and analyze articles
When learning code auditing, I think the most effective way is to read relevant books first, then find two articles that analyze 0day, and analyze the same version of code in the article according to the gourd painting. This is very helpful for your growth and progress very fast .
4. Organize notes
I think this is the most important. This is a good habit, which allows us to summarize and consolidate the techniques we have learned. In the process of summarizing, form your own understanding and innovation of technology.
2. About network security resources
Network security is a very important part in today's information age. Whether looking for a job or being interested (hacker), they are the top choices in future career choices. In order to protect your own network security, learning network security knowledge is essential.
If you are preparing to study cyber security (hacking) or are currently studying, the following should be useful to you:
①Network security learning route
②20 penetration testing e-books ③357
pages of notes on security attack and defense ④50
interview guides on security attack and defense CTF capture the flag problem analysis
1. Network security (hacker) learning route
The network security (hacker) learning route forms a summary of all knowledge points in the field of network security. Its usefulness lies in that you can find corresponding learning resources according to the above knowledge points to ensure that you learn more comprehensively.
2. Network security tutorial video
When we watch videos and learn, we can’t just move our eyes and brain without using our hands. A more scientific learning method is to use them after understanding. At this time, the hands-on project is very suitable.
3. Practical cases of network security CTF
Optical theory is useless, you have to learn to follow along, and you have to practice to apply what you have learned to practice. Here are CTF&SRC data&HW data. After all, actual combat is the only criterion for testing the truth~
4. Network security interview questions
Finally, all our actions are for employment, so the key step is the content of our interview questions, so the interview question section is an indispensable part of us. What I prepare for you here is what I prepared during the interview. data of.
Internet security is actually not difficult, but the hard part is to persist and believe in yourself. My experience is that since you have chosen Internet security, you have to believe in it, and believe that it can become an efficient channel for you to advance in the future, so that you will have more confidence in yourself. Learn to persevere in times of difficulty.
Opportunities belong to those who are prepared. This is an era of strength. The gap between people does not lie in IQ, but in how to use spare time. As long as you want to learn, it is never too late to start. Don’t worry about this or that. You just need to work hard and leave the rest to time!
A full set of network security learning materials have been uploaded to CSDN. If you need them, you can scan the QR code of the CSDN official certification below on WeChat to get it for free [guaranteed 100% free]