Hackers are full of temptation for many people. Many people can find that this field is like any other field. The deeper you go, the more you will be in awe. Knowledge is like an ocean, and hackers also have some levels. Please refer to the sharing of Zhichuangyu CEO ic (a member of the world's top hacker team 0x557) as follows:
Level 1 愣头青[百万人]:会使用安全工具,只能简单扫描、破译密码
Level 2 系统管理员[上万人]:善用安全工具,特别熟悉系统及网络
Level 3 大公司的开发人员或核心安全公司大牛[几千人]:对操作系统特别熟悉,开始开发代码,写自己的扫描器
Level 4 能找到并利用漏洞[几百人]:自己能找漏洞、自己找 0DAY 并且写 Exp 利用漏洞的,对系统做挖掘漏洞的协议测试
Level 5 高水平[少于百人]:防御和构建系统的人
Level 6 精英级[几十人到十几人]:对操作系统的理解很深入
Level 7 大牛牛[寥寥无几]:马克·扎克伯格、艾伯特·爱因斯坦等改变世界的人
You can see, what level are you at now? You may be wondering which level I am at, my level is not high, and I am on the way to seek a breakthrough. However, I have also practiced the other two skills, which may allow me to make a more interesting breakthrough. As for what it is, I am sorry, how dare I be presumptuous before I succeed. Well, back to the topic, this article is mainly about "learning route of hacking technology"
If you want to learn hacking, you need to understand, as follows:
What is a hacker?
Classification of the group of hackers
What are hackers mainly doing?
Passion Begins - Hacking Route Learning Program
What is a hacker?
What is a hacker? This question is worth thinking about. Hackers just play in circles, record tutorials and recruit apprentices to play online dating? Make money to build a website and play space? Or a bunch of tech freaks? Or some groups walking between black and white? These are all intriguing, but the word hacker existed in Shakespeare's time. The earliest computer was born in the University of Pennsylvania in 1946, while the earliest hackers appeared in MIT and Bell Labs. The first generation of hackers refers to researchers with computer skills, who are keen on challenges, advocate freedom and advocate the sharing of information.
From the first generation to the present, hackers have gradually developed a division of names. Since the "China-US Hacking War" in 1999, the term Honker has gradually entered people's attention. Honker translates as hongke, which refers to a group of people who know how to hack and are patriotic. The founder of hongke is "Lion". Honkers usually use their own technology to maintain domestic network security and fight back against external attacks.
The main division of hacker names:
Black hat hacker: Anyone who hacks into any electronic device of the other party without permission is called a black hat hacker, or "black hat" for short.
White hat hackers: Those who debug and analyze computer systems, and dig and submit vulnerabilities in major Web-based sites and operating systems are called white hat hackers, or "white hats" for short.
Script kiddies: Script kiddies are mainly people who are good at using hacking tools but can't program themselves.
The first generation of hackers: It originated from the English hacker, and it was commendable in the computer industry in the United States in the early days. They are all high-level computer experts, especially programmers, which can be regarded as a general term.
Hacker/breaker: It is a transliteration of "Cracker", which means "cracker". Engage in malicious cracking of commercial software, malicious intrusion into other people's websites, etc. Nearly synonymous with hackers, hackers and hackers are essentially the same, those who break into computer systems/software. There is not a very clear line between hacker and "cracker", but as the meaning of the two has become more and more blurred, the public's understanding of the meaning of the two has become less important.
Passion Begins - Hacking Route Learning Program
The first week: getting started
When you are studying, you need to master at least the common hacker terminology. If you understand the terminology, you can go to the Baidu library here. You can write it. There is a transition for most hacker terminology, and you need to have a certain foundation for computer network principles, so be sure to learn it.
After understanding the terminology of hackers, you may think, can I now hack into other people's computers and websites to hang black pages? No, you need the second edition of "Proficient in Script Hackers" and "Web Security Attack and Defense Practical Combat" to understand some penetration techniques and techniques. I hold the hacker profession as my dedication to computer technology research. Hackers are not malicious attacks or damage to other people's systems.
Well, after reading those books, you should also have a general understanding of hacking techniques and infiltration techniques. Now the fastest learning shortcut is: thinking and diligence
Thinking: Thinking is thinking. You need to have your own insights into common vulnerabilities. You must not only learn attack skills, but also learn to protect yourself on the Internet. Don’t let your thinking be restricted by existing technologies. You need to use your own brain to think.
Qin: More practice. After reading one or two books, you have a very thorough understanding of theory, but you are in a state of "ignorance" in actual combat. Therefore, I personally recommend: learning while practicing. If you only learn without practicing, what is the difference from talking on paper?
Week 2: Learn to use common hacking and penetration tools
Note: This is definitely not talking about some brainless software such as catching chickens, remote control, etc. What do you think you will get after using those software? A hint of vanity? Or a sense of accomplishment? No, you are nothing in the eyes of others. You are still sweeping around with other people’s broken things, so you need to learn systematically. Even if you say you don’t have enough time, you still need to know common tools, such as: Hydra, medusa, sqlmap, AWVS, Burpsuite, Beef-XSS, Metasploit, Nessus, wireshark and other security tools. These are relatively well-known penetration tools and platforms in the security and penetration circles.
Week 3: You now know about penetration, so you're basically a script kiddie.
You can start learning linux now, because I can ask you in one sentence: Have you seen those hackers or network security engineers abroad who use Windows? You need to learn linux commands, linux network programming, etc. VI and VIM must be learned (two god-level editors, I don’t need to say more, I can use them all).
After getting familiar with linux, you can start to learn some programming-related knowledge now, because a hacker must master at least two or more programming languages. If you have no programming foundation, I recommend Python as a language here. Because the Python language code is short, it is easy for beginners to understand. For example, it takes 5-6 lines to write a helloworld code in C language, while Python only needs 1 line. After learning Python, you can learn C language or Java.
After about 6-7 months, you should be barely a junior hacker or a small hacker. You can learn some 0-day mining techniques to improve your skills in the later stage, read some security books, and pay attention to security circle trends, such as: Freebuf, tools forum, Kanxue forum and other famous technical forums, and then I will post a learning map as a guide!
1 year later: You can now learn some of the more famous penetration testing systems, here I list a few:
Kali linux, Parrot OS Arch linux and other well-known infiltration systems, if you have the opportunity, you can also study the bypassing of some protection software such as website and server security dog, cloud lock, etc. Most of them on the market are blocked by security dog, so if you have enough time, you can study it yourself. After all, there is a saying: make a fortune with silence.
super hacker
This part of the content is still relatively far away for students with zero foundation, so I won’t go into details, and attach the learning route.
If the picture is too large and is compressed by the platform and cannot be seen clearly, please like it in the comment area and leave a message in the comment area to get it. i will reply
Video supporting materials & domestic and foreign network security books, documents & tools
Of course, in addition to supporting videos, various documents, books, materials & tools have been sorted out for you, and they have been classified into categories for you.
Some video tutorials that the author bought by himself, but which cannot be found on other platforms for free
If you want to get involved in hacking & network security, the author has prepared a copy for everyone: 300G the most complete network security data package on the entire network for free! Follow me and it will be sent automatically
Conclusion
The network security industry is like a world where people of all colors gather. Compared with many well-known and decent people in European and American countries with solid foundations (knowing encryption, being able to protect, being able to dig holes, and being good at engineering), my country’s talents are more heretics (many white hats may not be convinced). Therefore, in the future of talent training and construction, it is necessary to adjust the structure and encourage more people to do "positive" "systems and construction" that combine "business" and "data" and "automation" in order to satisfy the thirst for talents and truly provide security for the comprehensive Internet of society.