Cyber Security; Beginner Roadmap
I previously wrote an article on How to be a Hacker, and I mentioned taking courses and practicing in Safe Environments. We will be taking a more precise look at that.
We will be exploring a Beginner to Expert Roadmap as designed by Tux in the infographic below
tryhackme.com provides a wide variety of security topics you can select from. These security topics give you access to different vulnerable machines and they are to be scanned and exploited with different tools for you to be able to complete the given tasks. Although there are certain aspects where you would require premium access, most of it is free. Every learning path comes with a different cybersecurity topic and they are very crucial to understand various concepts. TryHackMe Network can be connected to via OpenVPN in order to deploy machines / various Operating systems and carry out exploits.
immersivelabs.online is a gamified learning lab that is developed by experts as an emulation of world-class security threats. It allows you to visualize your capabilities as Hacker, practice with the latest discovered security threats, and earn points for completing labs. It has over 600labs, and it's one of the coolest places to hon your skills
hackthebox.eu is very much hard than the previous two because you can't sign up directly, you have to hack your way into the platform. It is focused on practicing your skills and it comes with a Social Network feeling as you can connect with millions of hackers on the platform, share ideas, methodologies, and even compete for the Leaderboards. But It also has an Academy, if you need to review your knowledge or learn new concepts.
VulnHub.com provides materials allowing anyone to gain practical hands-on experience with digital security, computer applications, and network administration tasks. VulnHub offers offline virtual machines, allowing users to practice without competing with other learners. There’s no need to worry about consistent internet access, high pings, or latency. Users can set up their own private labs to practice and learn new skills.
PEH by tcm is a 25 hours course by TCM Security, it is one of the best-paid courses you can ever get. It is recommended to have a hackthebox account before starting the course. They focus only on tools and topics that will make you successful as an ethical hacker, it is completely hands-on and covers all foundational topics.
Once you have quite an experience in all of the above, you can decide to test your credibility and prepare for employment by getting the certifications, We will discuss below.
eLearnSecurity Junior Penetration is designed for students with no penetration testing experience, as shown in course content, the instructor’s mode of teaching, and the lab modules. The course teaches about practical skill-sets that are important to penetration testing such as networking knowledge, scripting/programming, vulnerability identification, etc. It has a fairly great structure and is delivered in the easiest way to understand. Although you can proceed to the certification without the course, it is still very recommended you take the course.
Offensive Security Certified Professional is an ethical hacking certification offered by Offensive Security that teaches penetration testing methodologies and the use of the tools included with the Kali Linux distribution (successor of BackTrack). The OSCP is a hands-on penetration testing certification, requiring holders to successfully attack and penetrate various live machines in a safe lab environment.
eLearnSecurity’s Certified Professional Penetration Tester is a comprehensive, “black box” engagement against a given scope. You have seven days to complete the engagement, and another seven days to complete a professional penetration test report.
Offensive Security Certified Expert is a 48-hour lab examination that will thoroughly test you on web exploitation, Windows exploit development, anti-virus evasion, x86 assembly, handcrafting shellcode, and more
Certified Ethical Hacker (CEH) is a qualification obtained by demonstrating knowledge of assessing the security of computer systems by looking for weaknesses and vulnerabilities in target systems, using the same knowledge and tools as a malicious hacker, but in a lawful and legitimate manner to assess the security posture of a target system.
Cyber Security is one of the most expensive fields, You are required to do a number of exams and certification. Unlike Software Development, These certifications are very crucial, They are more or less like a "Get out of jail free" Card.
Thanks for coming this far with me, I might be writing soon on preparatory exams for the above certifications
References: medium.com/cybersecpadawan/ecppt-certified-.. Wikipedia