1. The misunderstanding of network security learning
1. Don’t try to learn cybersecurity based on programming
Don't start learning network security based on programming. Generally speaking, learning programming not only has a long learning cycle, but also transitions to network security and uses programming. There are not many key points of programming used. If ordinary people want to learn programming well and start learning network security, it often takes a long time, and it is easy to give up halfway. It is suggested that in the process of learning network security, what can not be filled, which is more purposeful and less time-consuming. Learning programming can determine how far you can go on the road of network security, so it is recommended that you learn some basic programming knowledge by yourself
2. Don’t start with deep learning about cybersecurity
Learning pays attention to this method. It needs to be done step by step, from shallow to deep, and gradually increase the difficulty. Many people learn vigorously at the beginning, and it is easy to get tired later. The more they learn, the more boring they may be. It's easy to give up.
3. Collect Appropriate Study Materials
There are many online security learning materials online. And many friends have "collection addiction". They collect a lot of books and dozens of videos at once. They feel that the more learning materials the better, but the learning materials on the Internet are extremely repetitive. It is recommended to choose learning materials that are useful to the public. The materials I have compiled here are all up-to-date, and cannot be found on other platforms.
4. Appropriate class registration
Many people think that class registration is a waste of money, and they feel that self-study is good, but in fact, self-study also requires a certain talent and understanding, and the self-study cycle is long, and some impatient learners may be eager to learn. For learners who have found a job, it is easier to enroll in classes. The learning period is not long, and they will learn a lot. It is recommended that learners choose whether to enroll in classes according to their own conditions.
2. Some preparations for learning network security
1. Hardware selection
Learning network security does not require a computer with high configuration. The computer used by hackers is never selected according to high configuration, as long as it is stable. Because of some programs used by hackers, low-end CPUs can also run very well, and they don't take up much memory. The hacking is carried out under the DOS command, and the computer can be used in the best condition.
2. Software selection
Many people will be entangled in whether to use Linux, Windows or Mac system for learning hackers. The Linux system is not friendly to beginners. The Windows system can also use a virtual machine to install a target machine for learning. Of course, the system is selected according to the learner's own feelings.
As for programming languages, Python, PHP, C++, and Java are all available. Learning programming is just a tool, not an end. Our goal is not to become a programmer, but to become a network security officer. Programming is just to understand the program.
3. Foreign language ability
Computers were first born at the University of Pennsylvania. Many nouns or codes are in English. It takes a week to translate a vulnerability into Chinese. During this time, the loopholes may be patched. If you don't understand some professional terms, you will also have obstacles when communicating with other hackers, so you need a certain amount of English and understand some professional terms.
3. Network security learning route
Phase 1: Getting Started with Basic Operations
The first step to getting started is to learn some current mainstream security tool courses and supporting books on basic principles. Generally speaking, this process takes about 1 month.
While studying basic introductory courses, read related books to supplement theoretical knowledge. Here are some recommended books:
"White Hats Talk about Web Security"
"Deep Analysis of Web Security"
Practical Guide to Web Security Attack and Defense Penetration Testing
Phase Two: Learning the Basics
At this stage, you already have a basic understanding of cybersecurity. If you study the first step carefully, you already understand what is sql injection and what is xss attack, and you have mastered the basic operations of security tools such as burp and cs. The most important thing at this time is to start laying the foundation! The so-called "foundation" is actually a systematic study of basic computer knowledge.
The third stage: actual combat operation
1. Mining SRC
The purpose of digging SRC is mainly to put the skills into practice. The biggest illusion in learning network security is to feel that you know everything, but when it comes to digging the loopholes, you can’t do anything. More is to carry out practical operations and apply theoretical knowledge. To practice, to ensure a better grasp of knowledge points.
2. Learn from technical sharing posts
Watch and learn all the posts that have been excavated in the past ten years, and then build an environment to reproduce the loopholes, think and learn the author's digging thinking, and cultivate your own penetrating thinking.
At this point, coupled with more practice and accumulation of actual combat experience in the technology of mining vulnerabilities, you can basically reach the level of a security engineer
finally
In order to help you better learn about network security, the editor has prepared a set of introductory/advanced learning materials for network security for you. The contents are all notes and materials suitable for zero-based beginners. I understand, all the information is 282G in total. If you need a full set of network security introduction + advanced learning resource package, you can click to get it for free (if you encounter problems with scanning codes, you can leave a message in the comment area to get it)~
CSDN spree: "Introduction to Network Security & Advanced Learning Resource Pack" for free sharing
Network security source code collection + toolkit
Network
security interview questions
The last is the network security interview questions section that everyone is most concerned about.
The total data is 282G. If you need a full set of network security introduction + advanced learning resource package, you can click to get it for free ( If you encounter problems with scanning the code, you can leave a message in the comment area to get it)~
Video supporting materials & domestic and foreign network security books and documents
