Quick Guide To Kick Start Your Journey
Hello everyone! As promised in my previous blog, I’ll provide a technical overview of my journey. So, here I am with a new blog for all the newbies who want to learn about cyber security and my methodology.
Cyber Security, Ethical Hacking, Bug Bounties are growing in popularity among academics, seasoned professionals, and others around the world. The rising population, increased threats, and the need for qualified professionals are undoubtedly driving popularity of cyber security world.
Before entering upon a discussion, I would like to give a little background about myself. I began my education in computer science, hustling with coding, their syntax, semantics, logic, various languages, databases, networks, and so on, which helped me to strengthen my fundamentals. However, if you do not have a background in computer science, this stream will greet you with a mantra.
“If you are committed to learning something every day, opportunities will knock on your doors”
Now, Let’s discuss what technical skills you need to begin the journey.
Good Understanding of Computer networks
This will aid you in comprehending various ports such as SSH, TCP, Telnet, DNS. To understand how data packets are routed based on their IP addresses, networking devices such as routers, hubs, and switches are used. IP versions, IP ranges, using subnets for better data transmission and less congestion. Work flow of network monitoring and detection tools such as firewalls, IDS, IPS. And the most important OSI layer to understand how human readable data gets converted into bits and transmitted from a device over network to another device using various encryption, compression, decryption, decompression techniques, stateless or statefull protocols in an ongoing session.
Complete guide to computer networks
https://tutorials.cyberaces.org/tutorials.html
Good Understanding of Web applications
It is not mandatory that you should know development but it would be great if you know how things are working, what are basic functions and their syntax of at least a client side (Java script) and server-side (PHP) language. What is the process of hosting a website on a server and accessing it through a domain name? How does a user make a resource request and receive a response from the server? What are the variations between the various HTTP protocol versions? Browser storage and security features for web applications. What HTTP request and response headers are available, and what their roles are.
Complete guide to HTTP headers, methods, response codes, security, cookies, sessions
Good Understanding of Operating Systems
When it comes to Operating systems, you need to explore how a program is split into fixed sized programs, processed by OS using paging technique. How do multiple programs run? Concepts like booting, deadlock, process scheduling and prioritizing, types of memories, locking, race conditions.
OS Basics:
Operating System (Complete Playlist)
https://www.tutorialspoint.com/operating_system/os_properties.htm
The most common are Windows, Mac & Linux-based Operating Systems. While I was already familiar with Windows, I researched the idea of Linux for penetration testing after hearing that “Hackers use Linux.” As a result, I was curious why Linux?
Give it a read if you are also curious about it
http://themerkle.com/why-hackers-are-choosing-linux-over-its-competitors/
For Linux, I started with basic commands (operations) such as cat, mv, touch and so on. And the most important thing that astonished me was permissions for users, groups, and files, that’s why Linux is considered secure in comparison to other operating systems. Enriched repositories, faster download, compatibility with applications, availability of testing-centric tools lures various information security tasks, such as Penetration Testing, Security research, Computer Forensics and Reverse Engineering to use Linux
Beginner’s guide
https://www.usm.uni-muenchen.de/people/puls/lessons/intro_general/Linux/Linux_for_beginners.pdf
Good understanding of database
This is something to consider if you want to get deeper into Web application penetration testing, since there will be times when you need to retrieve an organization’s database. Learn what are types of databases an organization can use, basic syntax and functions to interact with the database.
Now that we’ve covered the theoretical aspects, it’s time to embark on the practical journey.
I began without a clear goal in mind, but as I read, I realized that learning the fundamentals of network penetration testing is a must for long-term success. So, I began by playing CTF and completing various forms of challenges (I had no idea how to do this at the time, so I began reading writeups/walkthroughs of related challenges). CTFs include not only network-based challenges, but also Web, Forensics, Binary, Cryptography, Programming, Reverse Engineering, and other types of challenges.
Mostly active Battle Grounds for CTFs
CTF Learn offers new challenges in a variety of categories
Root me has application-specific challenges on both the client and server sides, as well as steganography and cryptanalysis challenges. Challenges can be found at https://www.root-me.org/en/Challenges/. Also, https://www.root-me.org/en/Capture-The-Flag/CTF-all-Day/ hosts live CTFs. It also offers numerous research papers and publications to expand knowledge by using realistic ethical hacking skills.
Hack This site provides series of challenges and allows to pass on to the next one after the first one is completed.
Over the wire is one of my personal favorite platforms that allows you to solve challenges one after another and pass on to the next one after the first one is completed. It doesn’t only concentrate on basic bugs, but even challenges you to exploit any misconfiguration, whether it’s protocols or container setups. “The warzone setup gives us the ability to create wargames that are far more interesting than the ones currently online, such as a game based on Windows/Android/, kernel exploitation, advanced network exploitation, etc.”
Try hack me again, one of my personal favorite platforms. It provides various learning path from complete beginner to advanced, rooms [Just like game] of web, network, malware analysis, cryptography, Operating system fundamentals, Security operation and monitoring, threat and vulnerability management, threat emulation and so on.
CTF Time is a live platform that gives you real-time stats on current and upcoming CTFs, as well as writeups and scoreboards.
My next task was to learn about web penetration testing, and how applications are approached, assessed, and bugs are reported. My first goal was to complete OWASP Web Top 10.
YouTube helped me a lot, there are many youtubers out there who talk about information security and a big thanks to all of them. Here, I’ll be giving links to their channel who helped me to understand security.
Hackersploit — Web App Penetration Testing Tutorials
Detectify — OWASP Top 10 Vulnerabilities Explained
Musab Khan [For different tools and techniques]- https://www.youtube.com/c/MusabKhan/playlists
Hacking Simplified [For different tools and techniques] — Bug Bounty
PortSwigger offers a comprehensive learning path and a practical approach to identifying client-side and server-side security problems. Additionally, it addresses advanced vulnerabilities such as OAuth, web cache poisoning, and web cache deception, and many others. It provides complete information about the flaw, why it exists, and how to locate, hack, and remediate it.
OWASP Testing Guide helps you to understand how a penetration testing starts from recon and ends up at reporting, what potential vulnerabilities exists and how to test them. One can refer this approach to get basic knowledge of vulnerability.
Medium infosec blogs helps to stay updated in the cyber security community. Various security experts, consultants, and engineers publish blogs, writeups/walkthroughs of problems, bug bounties, and other related information.
Hackerone Reports provides a practical solution to detect security flaws. You can use it as a model to adapt it in your situation.
Once you’ve grasped the fundamentals and concepts of vulnerability, you can get your hands dirty on a variety of applications that have a responsible disclosure or vulnerability disclosure policy.
