Network Security (Hacker) - Self-Study Notes

 1. What is network security?

Cybersecurity is the art of protecting networks, devices, and data from unauthorized access or criminal use, and the practice of ensuring the confidentiality, integrity, and availability of information. Everything seems to depend on computers and the Internet these days - communication (e.g., email, smartphones, tablets), entertainment (e.g., interactive video games, social media, apps), transportation (e.g., navigation systems), shopping (e.g., online shopping, credit cards), pharmaceuticals (e.g., medical devices, medical records), etc. How much of daily life relies on technology? How much personal information is stored on your own computer, smartphone, tablet, or other people’s systems?
 

 2. How to get started with network security

1. Security basics (Linux+MySQL+Python)

Much of the work in the network security industry is done with command-line tools, but there are also programming requirements, and you still need to be able to read simple code. For example, if you want to penetration-test a website, you must first know how a website is developed. If you don't know how to write the most basic SQL statements, how would you do SQL injection?

So if you don’t have a certain understanding of various network communication protocols, cryptography, front-end and back-end, databases, servers, shell scripts, etc., how can you become an excellent network security engineer?

If you want to control a person, you must first understand him; only then can you know his weaknesses and finally apply your methods. But whichever stage it is, it takes a lot of time and energy to study.

The above content is the essential foundation for learning network security. This part is not too difficult, nor is it logically demanding. It only requires more practice and more reading. For the basics, practice makes perfect.
 

2. Introduction to security (hacking tools + vulnerability mining)

With the previous computer network and programming foundation, this stage is the official introduction to network security.

Several typical attack methods in the field of network security: SQL injection, XSS, CSRF, SSRF, file upload vulnerabilities, etc. Each of them requires detailed study, and requires both theoretical principles and hands-on practice.

Never practice attacks against real networks on the Internet! Even if the site is a gambling site or a scam site, penetration testing must not be conducted without authorization. That is illegal!

During the learning process, you can also build some websites containing vulnerabilities in a virtual machine and practice with the websites you built.

In addition to the attack methods of these common vulnerabilities, you also need to have some simple understanding of commonly used penetration tools. This is also a section that most students are very interested in, because if you learn how to use these tools, you can upgrade to a script kiddie.

For example: the use of AWVS, sqlmap, Burp, Nessus, nmap, AppScan and other related tools.

Understand the purpose and usage scenarios of these tools: first search for the tool's name on Google/Baidu, then download and install a backdoor-free version.

If you've gotten this far, you need to think about it carefully. Are you studying network security and want to become a script kiddie for fun? Or do you want to enter this industry and become a professional network security engineer?

If you want to become a professional and enter the network security industry in the future, you can continue. If not, then there is no need to read on, because the following learning content will take at least 3 months, and the difficulty will increase. If you don’t have enough perseverance and clear goals, it will be difficult to persist.

3. Security advancement (intranet penetration + DDoS attack and defense + social engineering)

In the previous basic part, we learned some web security attack techniques, but just learning basic attacks is not enough. When we have a target to attack, it is crucial to find the attack point and obtain information about the target.

This information includes: what operating system the target is running, which ports are open, which services are running, what type of back-end service is in use, its version information, and which vulnerabilities can be exploited. Only by obtaining this information can we formulate targeted attack methods.

Network penetration in the true sense is not just about using ready-made tools to dig out age-old vulnerabilities. It requires strong self-study, analysis, and problem-solving abilities, and then using your own "wonderful ideas" to break into a given site, for example with your own scripts and tools, or your newly discovered injection methods.

You can refer to the above learning methods, and the technologies in different directions above are not strictly independent. In many cases, they complement each other and need to be combined and integrated.

Everyone's knowledge is limited. It is recommended that you consult more summaries and experience write-ups and compare them side by side. Listen to both sides and you will be enlightened; heed only one side and you will be left in the dark.

3. Network security learning route

If you really want to get started with network security through self-study, I suggest you take a look at the following learning roadmap, which covers how long to study each knowledge point and how to learn it. The total self-study time is about half a year. I have tested it personally and it works:

 Stage One: Basic Introduction

Penetration Testing Basics
Network Basics
Operating System Basics
Web Security Basics
Database basics
Programming basics
CTF basics

Stage Two: Technical advancement (at this point you are considered a beginner)

Weak passwords and password brute-forcing
XSS vulnerability
CSRF vulnerability
SSRF vulnerability
XXE vulnerability
SQL injection
Arbitrary file operation vulnerability
Business logic vulnerability

Stage Three: High-level promotion

Deserialization vulnerability
RCE
Comprehensive cyber range practical project
Intranet penetration
Traffic analysis
Log analysis
Malicious code analysis
Emergency response
Hands-on training




Finally

After sorting out your knowledge framework and knowing how to learn, the next step is to fill the framework with content.
At this point we have many choices, such as CSDN, Zhihu, and Bilibili, where many people share their learning materials. But I think there is a big problem here: the material is incoherent and incomplete. Most of the tutorials shared for free are a piece here and a piece there, the beginning does not match what follows, and you get confused as soon as you start learning. This is my personal experience after self-study.


My advice to my friends is to think it through clearly: there is no shortcut to self-studying network security. In comparison, systematic study of network security is the most cost-effective way, because it can save you a lot of time and energy. Hold on: now that you are on this road, even though the future may seem difficult, as long as you grit your teeth and persevere, you will eventually get the results you want.


 Recommended books for getting started

"White Hat Talks about Web Security" 2012

"Web Security In-Depth Analysis" 2015

"Web Security Attack and Defense Penetration Testing Practical Guide" 2018 Advanced

"The Dilemma of WEB - Modern WEB Application Security Guide" 2013

"Intranet Security Attack and Defense Penetration Testing Security Guide" 2020

"Metasploit Penetration Testing Devil Training Camp" 2013

"SQL Injection Attack and Defense" 2010

"Hacker's Attack and Defense Technology Guide-Web Practical Combat (2nd Edition)"

"The Definitive Guide to Log Management and Analysis"

"kali Linux Advanced Penetration Testing"

"Hacker Social Engineering Attack and Defense Drill"

"XSS cross-site scripting attack analysis and defense"

"Hacker Attack and Defense Practice from Beginner to Master"

Conclusion

The network security industry is like a jianghu, where people of every kind gather. Compared with the many orthodox practitioners in European and American countries who have a solid foundation (they understand encryption, know how to defend, can find vulnerabilities, and are good at engineering), our country's talent leans more toward the unorthodox (many white hats may be unconvinced). So in future talent training and development, it is necessary to adjust the structure and encourage more people to do "positive" "system construction" that combines "business" with "data" and "automation". Only in this way can we quench the thirst for talent and truly provide security for a fully Internet-connected society.

Special statement:
This tutorial is purely technical sharing! This tutorial is in no way intended to provide technical support to those with ill intentions! We also do not assume any joint liability arising from the misuse of technology! The purpose of this tutorial is to maximize everyone's attention to network security and take corresponding security measures, thereby reducing the economic losses caused by network security.


Origin blog.csdn.net/Forget_liu/article/details/134925002