Cyber Security Beginner Roadmap

The 9th edition of the Tech Journey Newsletter

Author

Alex
February 05, 2023

Hi, this is Alex, and welcome to the new edition of Tech Journey,

Today I would like to talk about hacking or more formally - cyber security. As our lives are more integrated into the digital online world, the need for information security professionals is increasing.

Cyber security is quite varied and there are a lot of paths to learning: from the development of security software, analysis, and creation of security policies to hardware hacking and penetration testing. Everyone will find here something interesting.

And 2023 is the great time to start, there are lots of resources you can learn from and practice, so let's discuss what skills you need to become a cyber security specialist.

First, you need to master operating systems: Linux, and Windows.

Learn terminal/cmd commands, how permissions/privileges are set, system services, etc.

The following course might be useful

Operating Systems and You: Becoming a Power User

Offered by Google. In this course -- through a combination of video lectures, demonstrations, and hands-on practice -- you’ll learn about ... Enroll for free.

https://www.coursera.org/learn/os-power-user

You as a security specialist will hack apps and you need to know how they are communicating - learn networking:

The Bits and Bytes of Computer Networking

Offered by Google. This course is designed to provide a full overview of computer networking. We’ll cover everything from the fundamentals ... Enroll for free.

https://www.coursera.org/learn/computer-networking

Network+ Certification Course | Cybrary

Cybrary's Network plus training will prepare you for your CompTIA Network+ certification. What are you waiting for? Begin today!

https://www.cybrary.it/course/comptia-network-plus/

Next, you need to learn the programming language. I suggest you check python or golang. Learn basics: if-else statements, loops, data types, and how to read and write from/to files. That will be enough to start.

Then learn basic security, you need to be familiar with common terms, vocabulary, topics, etc:

CompTIA Security Plus Training and Certification Prep Course

Earn your CompTIA Security Plus certification or just learn cybersecurity online! Cybrary's CompTIA Security Plus training is for you.

https://www.cybrary.it/course/comptia-security-plus/

Some people say you must have "that" or "this" certification to work as a cyber security specialist. From my personal experience, it is not necessary. Your hands-on experience is much more important, in other words, you need to do more hacking to be a hacker 😏 Therefore rely more on gaining hands-on experience than any certifications

Now as you already grasped the basics you should start practicing hacking

You need to get familiar with common Web Application vulnerabilities, so check OWASP TOP 10:

OWASP Top Ten | OWASP Foundation

The OWASP Top 10 is the reference standard for the most critical web application security risks. Adopting the OWASP Top 10 is perhaps the most effective first step towards changing your software development culture focused on producing secure code.

https://owasp.org/www-project-top-ten/

Then learn it in practice:

Web Security Academy: Free Online Training from PortSwigger

The Web Security Academy is a free online training center for web application security, brought to you by PortSwigger. Create an account to get started.

https://portswigger.net/web-security

To practice more on Web hacking and Network pentesting take a look on:

  • https://www.hackthebox.com/

  • https://www.vulnhub.com/

  • https://pentesterlab.com/

  • https://tryhackme.com/

Share your learning online: create a portfolio website on WordPress or GitHub pages and collect there all your finding and thoughts

Read published bugbounty reports, e.g. from hackerone, and learn new techniques from them

This is just the beginning, but you will already have a base, and then you can choose for yourself what to learn next

I hope this has inspired you and given you an idea of how to start. Thank you for reading 😎

Alex