First, let me give you a brief introduction to network security:
1. What is cybersecurity?
Network security can be classified based on the perspective of attack and defense. The "red team" and "penetration testing" we often hear are research on attack technology, while the "blue team", "security operation" and "security operation and maintenance" are research on defense technology.
Regardless of the field of network, web, mobile, desktop, cloud, etc., there are two sides of attack and defense. For example, web security technology includes both web penetration and web defense technology (WAF). As a qualified network security engineer, you should be both offensive and defensive. After all, you can win every battle if you know yourself and the enemy.
2. Cyber Security Market
First, the market demand is high;
The second is that the development is relatively mature and it is easier to get started.
3. Required skill level
There are too many knowledge points to master,
Peripheral management capabilities
fishing remote control
penetration
Vulnerability mining
Traffic Analysis
code audit
reverse escape
4. National policy environment
It is becoming more and more important to the status of the country and enterprises. Without network security, there will be no national security.
A righteous hacker who is more effective for the country—Honker League
You can see its importance.
5. Network Security Learning Route
Network Security (Hacking Technology) Learning Roadmap
Phase 1: Security Basics
Cybersecurity Industry and Regulations
Linux operating system
computer network
HTML PHP Mysql Python basics to practical mastery
Phase Two: Information Gathering
IP information collection
Domain name information collection
Server Information Collection
Web site information collection
Google hacking
Fofa Network Security Mapping
Phase Three: Web Security
SQL injection vulnerability
XSS
CSRF vulnerability
File Upload Vulnerability
file contains bug
SSRF vulnerability
XXE vulnerability
Remote Code Execution Vulnerabilities
Password Brute Force Cracking and Defense
Middleware Parsing Vulnerabilities
Deserialization Vulnerabilities
Stage Four: Penetration Tools
MSF
Cobalt strike
Burp suite
Nessus Appscea AWVS
Goby XRay
Sqlmap
Nmap
Kali
The fifth stage: actual combat digging
Vulnerability mining skills
Src
Cnvd
Crowdtest project
Recurrence of popular CVE vulnerabilities
Shooting Range Combat
The learning framework has been sorted out, and now the data resources are missing. I have sorted out the data resource documents corresponding to all knowledge points here.
Automatically send after friends who need attention
1. Full knowledge point video tutorial
2. Full Toolkit
3. SRC technical documents
4. Code Audit
5. Reverse Engineering
Follow all the above content to get it yourself
4. The future of cybersecurity
There is a large demand for talents and a large market vacancy, such as the popularization of Internet of Things network applications and the popularization of 5G, etc., will increase the demand for network security positions.
In the long run, network security will only become more and more popular, and the rise of intelligent disciplines will definitely drive the development of new network security technologies.
Three future development directions of network security: network security (safety protection), cloud-native security, and the application of AI in network security (ChatGPT)
Large room for development:
Within the enterprise, network engineers are basically in a "double high" position, that is, high status and high salary. Wide range of employment, one specialty and many skills, practical experience applicable to various fields.
Great value-added potential:
Mastering the core network architecture and security technology of the enterprise has an irreplaceable competitive advantage. Career value With the enrichment of one's own experience and the maturity of project operation, the appreciation space is bullish all the way.
Long career life:
The focus of the work of network engineers is on the construction and maintenance of enterprise information, including technical and management work. The work is relatively stable. With the continuous growth of project experience and in-depth understanding of the industry background, the older you are, the more popular you will be.
Finally, I can tell you with certainty here: "Network security has good development prospects, and cutting-edge network security technologies are about to rise, or have already risen."