First, let’s talk about what problems usually arise when learning about network security.
1. It takes too long to lay the foundation
It takes a long time to learn the basics, and there are several languages. Some people will fall into learning the Linux system and commands, and more people will fall into learning the language;
2. Unclear grasp of knowledge points
Regarding the basic content of network security, many people do not know how much they need to learn, and they swallow it all, resulting in spending too much time on the basics. I have seen many friends buy books on HTML, PHP, databases, computer networks, etc., and each of them is still very useful. It is thick, and many of the writings are very in-depth. I find that the more I learn, the less confident I am. Others can find a job just by learning PHP or database, but there is so much to learn about network security, and I am increasingly doubting whether I have chosen the wrong direction;
3. Can’t distinguish the key points of knowledge
Many people spent a lot of effort to learn the basic content, but found that a lot of knowledge was not closely related to subsequent network security, and they failed to distinguish the key points and wasted a lot of time;
4. Learning knowledge points is not systematic
I have seen many friends looking for a lot of videos on station b, and also bought some small lessons on other platforms. There are also 1-2T of learning materials and video content on Baidu Cloud Disk, but it takes a lot of money to complete each category. It takes a lot of time, and a lot of the content is repetitive. After learning SQL injection, I later saw another company talking about SQL injection. It was not bad. I will study it again. I found that after learning all the principles of web vulnerabilities, I am still not sure about myself. Have you learned nothing about Web vulnerabilities?
5. It is difficult to solve problems by yourself
For beginners, many will build some shooting ranges by themselves, but due to configuration environment and other reasons, it will take a lot of time. Especially when beginners encounter three consecutive problems that cannot be solved, it is easy to give up; for some people with poor hands-on ability Classmates, this may directly affect your confidence in continuing to study;
6. Insufficient practical level
For those who learn network security and penetration testing technologies, in fact, to a large extent, they learn "hacking" technology. By learning how to attack and invade, we can have a better understanding of how to defend systems and applications; and this is precisely the area of network security. At the core, if you only have theory and little practical experience, it will be difficult to get a job; in daily study, in addition to building some open source shooting ranges for practice, it is best to have a shooting range composed of real vulnerabilities for learning. Of course, You can go to the SRC platform to penetrate test some real websites (you must be authorized to penetrate real websites), but it is difficult to find and many beginners will lose confidence and doubt themselves;
7. It is difficult to learn the intranet
Information on Web penetration is everywhere on the Internet, and it is relatively easy to learn. However, there is relatively little information on intranets on the Internet, and there is not much information that can be used for reference. In addition, you need to have corresponding shooting ranges to practice with. Technical improvement and accumulation; learning difficulty will be relatively high.
Once you understand the problem and adjust the learning direction based on your own characteristics, you will get twice the result with half the effort. The following are 2 learning routes, suitable for different learning groups.
Method 1: Learn programming first, then learn Web penetration and tool usage, etc.
Applicable people : Friends who have a certain coding foundation
(1) Basic part
The basic part requires learning the following:
(1.1) Computer network:
Focus on learning OSI, TCP/IP models, network protocols, working principles of network equipment, etc., and read through other contents quickly;
(1.2) Linux system and commands:
Since the Web servers currently on the market are all running on the Linux system, if you want to learn to penetrate the Web system, you must at least be very familiar with the Linux system and learn common operating commands;
**Learning suggestions: **Learn about 10% of the common commands that are applicable to 90% of work scenarios. Just like office software, master the 10% of the most commonly used functions. There will be no problem in basic daily use. If you encounter something you don’t know, then you can Go find Du Niang; there are only 50-60 common Linux commands. Many novices learn all the commands without hesitation, but find that they cannot remember them! ! ! ! This learning method is also wrong;
(1.3) Web framework:
Familiar with the content of web frameworks, front-end HTML, JS and other scripting languages are enough. Focus on learning the back-end PHP language. Remember not to learn the language according to the development idea. The minimum requirement for PHP is to be able to read the code. Of course, you can write the best. But it’s not development, but it’s not development, but it’s not development. Say important things three times;
(1.4) Database:
You need to learn SQL syntax, and use the common database MySQL to learn the corresponding database syntax. The same is true. You can understand some advanced syntax of SQL. If you don’t have time, it will not affect your subsequent learning. After all, you are not a database analyst, so you don’t need to Study too deeply;
(2) Web security
(2.1) Web [penetration]
Master the principles, utilization, defense and other knowledge points of more than 10 common web vulnerabilities ranked top by OWASP, and then practice with certain shooting ranges; some novices may ask where to find information, it is recommended to buy it directly A more authoritative book, study with the free video system of station b, and then use the open source shooting range to assist in practice;
[Recommended shooting ranges] Common shooting ranges can be searched on the github platform. The following shooting ranges are recommended: DVWA, bWAPP, upload-labs-master, SQL-lib-master, WebBug, pikachu, etc. Some are comprehensive shooting ranges, and some are specifically targeted at certain vulnerabilities. shooting range;
(2.2) Tool learning
In the Web [penetration] stage, you still need to master some necessary tools. There are many videos on site b to learn tools. Pick some videos with good explanations and watch them. Don’t watch many videos with one tool. Most of the videos are repetitive and It’s a waste of time;
The main tools and platforms to master: burp, AWVS, Appscan, Nessus, sqlmap, nmap, shodan, fofa, proxy tools ssrs, hydra, medusa, airspoof, etc. The above tools can be practiced using the open source shooting range above, which is enough .
The practice is almost done. You can go to the SRC platform to penetrate real sites to see if there are any breakthroughs. If it involves the need to bypass WAF, you need to learn specifically about bypassing WAF. There are not too many postures. Study systematically and then summarize more. Experience takes you to the next level.
(2.2) Automated penetration
Automated penetration requires mastering a language and using it proficiently. It can be any language that you are already familiar with. If you don’t have a good command of any language, then I recommend learning Python. The main reason is to learn It is simple to use and has many modules. It is very convenient to write some scripts and tools;
What the hell? I have to learn programming again. Didn’t I just say that programming is not a necessary condition for learning network security? Not knowing automation penetration will not affect entry and employment, but it will affect career development. Learning Python does not require mastering many unnecessary modules, nor Thousands of lines of code need to be developed. Just use it to write some tools and scripts, ranging from a few lines of code to 1-200 lines of code. Generally, the amount of code is extremely small compared to developers. For example, a The core code of the domain name crawler code is streamlined to only 1-20 lines;
Some friends may be anxious, so how do they need to learn?
It takes a few days to learn the syntax of python. If you have a basic knowledge of coding, you can probably finish learning the syntax of python in one day at the fastest, because the languages are all similar, but the fastest way to learn a language is to write code. There is no other way. Other methods; then you can start to try to write some common tools, such as crawlers, port detection, packet core content extraction, intranet active host scanning, etc. There are a lot of such codes online; then write some POC and EXP For scripts, just use the shooting range as a practice; some friends may want to ask again, what are POC and EXP, you can do it yourself and develop a good habit of doing it;
(2.3) Code audit
What the hell? Let’s look at the code again. The content here requires relatively high coding ability, so if you have weak coding ability, you can skip this part of the study first, which will not affect your learning and development on the road to penetration.
But if you want to go further in Web penetration, you need to be proficient in a backend development language. PHP is recommended, because the majority of websites developed with PHP in the backend. Of course, you are also proficient in python, asp, java and other languages. Congratulations. , you already have a good foundation;
Code auditing, as the name suggests, audits the source code of other people's websites or systems, and audits whether there are vulnerabilities in the system by auditing the source code or code environment (belonging to the category of white-box testing);
So how do you learn it specifically? The specific content of the study is listed in order as follows:
Master some dangerous functions and security configurations of PHP;
Familiar with code audit processes and methods;
Master 1-2 code audit tools, such as seay, etc.;
Master common functional audit methods; (it is recommended to audit AuditDemo to give you confidence)
Common CMS framework audits (difficult);
[Recommended books] Code Audit has a foreign book "Code Audit: Enterprise-level Web Code Security Architecture". Of course, you can read it when you have time. It is recommended to find a system-introduced course on site b to learn; github Find AuditDemo on the Internet, download the source code, build it in a local virtual machine, and then use tools and audit methods to audit the 10 vulnerabilities in AuditDemo. The difficulty distribution conforms to the normal distribution, so you can challenge it;
As for the CMS framework audit, you can go to some official CMS websites and download some versions with historical vulnerabilities to audit. To learn the framework, you can use the official website's manual. For example, the ThinkPHP3.2 version has some vulnerabilities, so you can try to understand the code; But remember not to read the code as soon as you get started, because the amount of code in the CMS framework is relatively large. If you don’t learn the framework systematically first, you will basically be in a state of incomprehension. After learning the framework, you will be able to write a simple POC and audit it together with the code audit method and tools. Framework; in fact, it is not as difficult as you think. If you are a developer who has changed careers, congratulations, you already have the innate advantage of code auditing.
Then some friends asked again, my code is very poor, can I not learn code auditing? Code auditing is not a necessary condition for learning network security. It is best to master it. If you cannot master it, it will not affect your subsequent study and employment, but you need to Choose a stage and practice to become more professional and proficient, such as web penetration or intranet penetration, or automated penetration;
(3) Intranet security
Congratulations, if you have learned this, you can basically work in a network security-related job, such as penetration testing, Web penetration, security services, security analysis, etc.;
If you want to have wider employment opportunities and stronger technical competition, you need to learn more about intranet penetration;
The knowledge of intranet is slightly more difficult, which is related to the learning materials and shooting ranges currently on the market; the main content of intranet learning mainly includes: intranet information collection, domain penetration, proxy and forwarding technology, application and System privilege escalation, tool learning, anti-virus technology, APT, etc.;
Don't use professional terms with me, bah bah bah! How to learn specifically?
[Recommended books] This question is a bit big, uh uh uh uh uh uh! You can read "Intranet Security Attack and Defense: A Practical Guide to Penetration Testing". This book is pretty well written and one of the few domestic books on intranets. It takes the book catalog as the main line and then practices with tools and shooting ranges;
The little friend wants to ask again, where can I download it to the intranet shooting range! This stumps me. If you are capable enough and have a high computer configuration, you can use virtual machines to build an intranet environment by yourself. Generally, more than 3 virtual machines are needed. You can also go to some intranet shooting ranges abroad to use them, and there are some charges. The shooting range is okay;
(4) Penetration and expansion
The penetration and expansion part is also closely related to the specific job position. Try to master it as much as possible. It mainly includes log analysis, security reinforcement, emergency response, grade guarantee evaluation and other contents. Among them, focus on mastering the first three parts, and there is not much information on this area on the Internet. , and there are not many established books and materials. You can just study through industry-related technical groups or materials shared by the industry. If you can learn this step, you have basically succeeded in getting started. Learn the three parts of log analysis, security reinforcement, and emergency response. knowledge is relatively easy.
Method 2: Learn Web penetration and tools first, then learn programming
If you need to systematically learn network security technology, send me a private message and reply: network security. Learn the latest technical content for free
Applicable people : Friends with very weak coding ability, or no coding ability at all, and other basic skills are also relatively poor
Some friends will ask, how can you learn Web penetration if you don't have a good foundation?
The basic parts still need to be learned, such as Linux systems, computer networks, a little bit of Web frameworks, and databases, which still need to be mastered in advance;
Contents such as the PHP language, automated penetration and code auditing can be placed at the end. After learning the previous knowledge, it will be relatively easy to learn the language again;
[Preferred recommendation] Method 2. For novices, the coding foundation is usually weak. Many novices will fall into learning the language in the early stage. Therefore, it is recommended to learn method 2. First, learn web penetration and tools. It is also more interesting and easy. Maintain a high motivation and enthusiasm for learning. I will not go into the specific learning content. Please refer to method 1.
Finally
In order to help everyone learn network security better, the editor has prepared an introductory/advanced learning material for network security for everyone. The content in it is all notes and materials suitable for beginners with zero basic knowledge. It can be understood even if you don’t know programming. Understand, all the information is 282G in total. If friends need a complete set of network security introduction + advanced learning resource package, you can click to receive it for free (if you encounter problems with scanning the QR code, you can leave a message in the comment area to receive it)~
CSDN gift package: "Network Security Introduction & Advanced Learning Resource Package" free sharing
CSDN gift package: "Network Security Introduction & Advanced Learning Resource Package" free sharing
Video supporting materials & domestic and foreign network security books and documents
CSDN gift package: "Introduction to Network Security & Advanced Learning Resource Package" is free to share
or scan the QR code below to get it. If you have any problems with scanning the code, you can leave me a message~
