How to become a penetration tester?

Learning plus practice is the only way at present. I taught myself starting in September and successfully entered the field. Let me talk about my own learning path; I only learned it after paying N rounds of tuition.

Remember to understand the entire penetration testing process first, and memorize the formula for the whole process.

Information gathering and organization, vulnerability discovery, attempting the intranet, escalating the impact, packaging the report. Of these, information gathering is the most important. Don't think that finding the routine information according to the process is enough; it is not enough at all. Subdomains, sensitive directories and sensitive information have long been covered, and the information points you can dig out are already known to others. The information gathering I learned early on was nothing more than scanning based on Google hacking, Bing syntax or Yujian, and it was useless. A combined approach has to bring together sensitive information in front-end JS, Google syntax, tools, GitHub and fofa; for some universities or enterprises you also need to mine their official accounts.

Once the information you have dug out is organized, start managing and exploiting vulnerabilities: the points where SQL injection, unauthorized access and XSS may exist.

It is true that this is a bit like being a script kiddie, copying tutorials, but it really is efficient. If you want to learn systematically, I still recommend learning the principles behind vulnerabilities first, so that you will recognize exploitable vulnerabilities in more function points.

The next step is how to escalate the impact. In general, it is easy to find vulnerabilities such as weak admin passwords, unauthorized access exposed through JS, SQL injection in function points, etc., and the severity of these vulnerabilities is generally medium; vulnerabilities that can damage the server or get a shell are high or critical. Of course, if the leak of sensitive information reaches more than 100 million records, as with a certain telecom company, it can also reach high or critical.

I won't talk about writing the report. A little polishing is fine; there is no need to polish it for a submission platform. If you give it to Party A (the client), you must play up the weak passwords.

After understanding the process, we need to discuss how to learn. There are two channels for learning: a training institution or self-study.

I don't recommend either channel, because each has its own advantages and disadvantages. The cost of self-study is low, but it is hard to make a living from it; the cost of an institution is high, but they promote you internally for jobs, and the various CISP certificates come with exam techniques. The CISP may not carry much weight, but as proof of skill it is still quite important. Secondly, I would like to say something: many institutions say they will provide employment. In fact, most of them outsource the students; as long as the KPI is met, employment has been "provided", but nobody says for how long. One month also counts as placement, and when you are no longer needed, they just find a reason to let you go. Besides, internet security is so complex now; how can an institution compare with a university?

If you are self-taught, only the top 20% of the industry have the right to choose; the rest can only be bounty hunters. As for the top 20%, most of them are at Qi Anxin, 360, Ali, etc. There are big names among bounty hunters too; they can earn thousands of yuan in one night, which is really tiring, digging all night, but there is also a lot of money. There are also SRCs, especially the SRCs of companies, where a single finding can be tens of thousands, and there are the network protection exercises, with a daily income of 3-4k, which also wear many people out.

How to Learn Hacking & Cyber Security

Today, as long as you give my article a thumbs-up, I will share my private collection of cyber security learning materials with you for free, so let's see what is in it.

1. Learning Roadmap

There are many things to learn in attack and defense, and I have written all the specifics in the roadmap above. If you can learn them, you will have no problem getting a job or taking freelance work.

2. Video Tutorial

Although there are many learning resources on the Internet, they are basically incomplete. This is a cyber security video tutorial I recorded myself, with a supporting video explanation for every knowledge point in the roadmap above.

The content covers cyber security law, security operations and classified-protection assessment, penetration testing basics, detailed explanations of vulnerabilities, basic computer knowledge, etc., all of which are required learning when getting started in cyber security.

(It is all packed together and cannot be expanded item by item. There are more than 300 episodes in total.)

Due to limited space, only part of the material is shown; you need to click the link below to get it.

CSDN gift pack: "Hacker & Network Security Introduction & Advanced Learning Resource Pack" free sharing

3. Technical documents and e-books

The technical documents are also compiled by myself, including my experience and technical points from participating in large-scale cyber security operations, CTF and SRC vulnerability mining. There are also more than 200 e-books; due to the sensitivity of the content, I will not show them one by one.

4. Toolkit, interview questions and source code

"If you want to do a good job, you must first sharpen your tools." I have summarized dozens of the most popular hacking tools for you, covering mainly information gathering, Android hacking tools, automation tools, phishing, etc. Interested readers should not miss it.

There is also the source code for the cases mentioned in my videos and the corresponding toolkit, which you can take if needed.

Finally, there are the cyber security interview questions I have compiled over the past few years. If you are looking for a job in cyber security, they will definitely help you a lot.

These questions are often encountered in interviews with Sangfor, Qi Anxin, Tencent and other major companies. If you have good questions or good insights, please share them.

Reference sources: Sangfor official website, Qi Anxin official website, FreeBuf, CSDN, etc.

Content features: clearly organized, with diagrams that make it easier to understand.

Content summary: intranet, operating systems, protocols, penetration testing, security services, vulnerabilities, injection, XSS, CSRF, SSRF, file upload, file download, file inclusion, XXE, logic vulnerabilities, tools, SQLmap, NMAP, BP, MSF…

Origin blog.csdn.net/Python_0011/article/details/131980982