I searched through 200 websites and compiled this set: CSDN's most systematic network security learning route

01 What is Network Security

Network security can be divided by perspective into attack and defense. The "red team" and "penetration testing" roles we often hear about study attack techniques, while "blue team", "security operations" and "security operation and maintenance" study defense techniques.

Whatever the field (network, web, mobile, desktop, cloud and so on), there are two sides: attack and defense. For example, web security technology includes both web penetration and web defense technology (WAF). As a qualified network security engineer, you should be capable of both offense and defense. After all, you can win every battle if you know yourself and the enemy.

02 How to plan network security

If you are a newcomer in the security industry, I suggest that you start with network security or web security/penetration testing.

It is worth mentioning that to learn network security, you learn networking first and then security; to learn web security, you likewise learn the web first and then security.

Security does not exist independently; it is an upper-layer application technology built on other technologies. Without this foundation, what you learn easily stays theory on paper, "knowing what it is, not knowing why it is", and it is difficult to go far on a security career path.

If you originally worked in network operation and maintenance, you can choose network security as your way in; if you originally worked in program development, it is recommended to choose web security/penetration testing as your way in. Of course, once you have learned to a certain level or gained some work experience, the technical coupling between the different directions becomes higher and higher, and you need to know a little about each direction.

[Image: network security skills table]

According to the network security skills table above, it is easy to see that network security touches many technologies. Common skills that need to be learned: peripheral management capabilities, phishing remote control capabilities, domain penetration capabilities, traffic analysis capabilities, vulnerability mining capabilities, code audit capabilities, etc.

CSDN's latest and most complete network security seed material

  • ① Network security learning route
  • ② 20 penetration testing e-books
  • ③ 357 pages of notes on security offense and defense
  • ④ 50 security offensive and defensive interview guides
  • ⑤ Security Red Team Penetration Toolkit
  • ⑥ Necessary Books on Network Security
  • ⑦ 100 actual combat cases of vulnerabilities
  • ⑧ Internal video resources of major security factories
  • ⑨ Analysis of past CTF capture the flag questions

Stage One: Basic preparation (4~6 weeks)

This stage is a must-learn part for everyone preparing to enter the security industry. As the saying goes: if the foundation is not solid, the ground will shake.

Stage Two: Web Penetration

Basic learning time: (1 week to 2 weeks)

① Understand the basic concepts (SQL injection, XSS, upload, CSRF, the one-sentence Trojan horse, i.e. a one-line webshell, etc.) to lay the foundation for subsequent web penetration testing.
② Read web penetration write-ups on forums and learn the thinking behind each case. Every site is different, so the approach is what matters most.
③ Learn the art of asking questions, and be good at asking when you don't understand.

Time to configure the penetration environment: (3 weeks to 4 weeks)

① Understand the commonly used tools for penetration testing, such as AWVS, sqlmap, Nmap, Burp, China Chopper ("Chinese kitchen knife"), etc.
② Download the backdoor-free versions of these tools and install them on your computer.
③ Understand the usage scenarios of these tools and know their basic usage. It is recommended to search on Google.

Hands-on penetration practice time: (about 6 weeks)

① Search for actual penetration cases on the Internet, and gain an in-depth understanding of how SQL injection, file upload, and parsing vulnerabilities are used in practice.
② Build a vulnerable test environment yourself; recommended: DVWA, SQLi-labs, Upload-labs, bWAPP.
③ Understand the stages of penetration testing and what needs to be done in each stage, for example the PTES penetration testing execution standard.
④ Study manual SQL injection in depth, find ways to bypass WAFs, and write your own scripts.
⑤ Study the principle of file upload: how to truncate, double suffix spoofing (IIS, PHP), parsing exploits (IIS, Nginx, Apache), etc.; refer to: upload attack framework.
⑥ Understand how XSS arises and its types, practice in DVWA, and test with a CMS that has XSS vulnerabilities, with Safedog ("security dog") installed, etc.
⑦ Understand the one-sentence Trojan horse (one-line webshell), and try writing a "dog sentence" of your own (one aimed at Safedog).
⑧ Research privilege escalation under Windows and Linux. Google keywords: privilege escalation.

This is the introductory stage.

Stage Three: Advanced

How do you advance once you have already got started and found a job? See the picture below for details.
 

Suggestions for beginners:

Web security books for beginners

  • "CCNA Study Guide"
  • "TCP/IP Detailed Explanation Volume 1"
  • "LAN Switch Security"
  • "Cisco Firewall"
  • "Network Security Principles and Practice"
  • "Network Security Technology and Solutions"
  • "Huawei Firewall Technology Talk"
  • "Cisco Network Hacker Exposure"
  • "Wireshark Network Analysis Actual Combat"
  • "Wireshark Packet Analysis Actual Combat"
  • "DDoS Attack and Defense Depth Analysis"
  • "Cisco VPN Complete Configuration Guide"
  • "Cisco Security Intrusion Detection System"

Web Security/Penetration Testing Recommended Book List

  • "White Hats Talk about Web Security"
  • "Deep Analysis of Web Security"
  • "Metasploit Penetration Testing Demon Training Camp"
  • "Web front-end security secret"
  • "Web penetration testing using Kali Linux"
  • "Hacking Attack and Defense Technology Collection Web Actual Combat"
  • "BurpSuite Practical Guide"
  • "SQL Injection Attack and Defense"
  • "XSS cross-site scripting attack analysis and defense"
  • "Advanced Guide to Internet Enterprise Security"

Video supporting materials & domestic and foreign network security books, documents & tools

Due to limited space, only part of the information is shown. For friends who want to get into hacking and network security, I have prepared a copy for everyone: the most complete network security information package on the entire network in 2023, for free!

If you need it, you can follow me (it is sent automatically in the background).


Origin blog.csdn.net/2301_77162959/article/details/131806586