Lrning to become is not as sy as lrning to become a software developer. I rlized this when I started looking for lrning resources for simple people do. Even to start doing the simplest on own, a requires to have in depth knowledge of multiple topics. Some people recommend minimum knowledge of few programming languages like C, Python, HTML with Unix operating system concepts and networking knowledge is required to start lrning techniques.
Though knowing a lot of things is required, it is not rlly enough for you to be a competent and successful . You must have a passion and positive attitude towards problem solving. The security soft are constantly evolving and therefore you must keep lrning new things with a rlly fast pace.
If you are thinking about ethical as a career option, you may need to be prepared for a lot of hard/smart work. I hope these free resources will help you speed up on your lrning. If you decide you pursue ethical as a career option, you may also want to rd somein depth ethical books.
A lot of people (including me before doing resrch for this article) think that they can become a using some free tools available on web. Its true that some common types of can be sily done with help of tools, however doing it does not rlly make you a . A true is the one who can find a vulnerability and develop a tool to and/or demonstrate it.
is not only about knowing "how things work", but its about knowing "why things work that way" and "how can we challenge it".
Below are some rlly useful tutorials and resources you may want to explore in your journey of lrning to
For Dummies - Beginners TutorialsThese tutorials are not rlly simple for anyone who is just starting to lrn techniques. However, these should be simple starting point for you. I am sure you have different opinion about complexity of ch tutorial however advanced are going to be calling this a job of script kiddie (beginner ). Even to acquire the skills of a script kiddie you need to have good understanding of computer fundamentals and programming. Tutorials for Beginners- By BrkTheSecurity.comHow to lrn Ethical - By Astalavista.comPenetration Testing Tutorial- By Guru99.comBacktrack Penetration Testing TutorialIntroduction to Penetration TestingInformation Gathering with NmapSimple How To ArticlesBy Open Web Appliion SecurityThe Six Dumbest Ids in Computer SecuritySecure Design Principles10 steps to secure softwareCryptography Related TutorialsCryptography is must know topic for any aspiring security professional or a ethical . You must understand how encryption and decryption is done. You must understand why some of the old encryption techniques do not work in modern computing world.
This is a important ar and a lot of software programmers and professional do not understand it very well. Lrning cryptography involves a lot of good understanding of mathematics, this mns you also need to have good fundamentals on discrete mathematics.Introduction to Public CryptographyCrypto TutorialIntroduction to CryptographyAn Overview of CryptographyCryptography Tutorials- Herong's Tutorial ExamplesThe Crypto Tutorial- Lrn How to Keep Secret SecretIntroduction to cryptology, Part 1: Basic Cryptology Concepts
Websites For Security Related Articles And NewsThese are some websites, that you may find useful to find related resources and articles. A lot of simple tricks and tips are available for experimenting through these sites for improving yourself to become advanced .
In recent yrs, many people are aspiring to lrn how to . With growing interest in this ar, a lot of different types of practices are evolving. With popularity of social networks many people have inclined towards vulnerability in various social networks like facebook, twitter, and myspace etc.
Continuous lrning about latest security issues, news and vulnerability reports are rlly important for any or a security professional. Some of the sites that keep publishing informative articles and news are listed here.http://www.astalavista.com/http://packetstormsecurity.com/http://www.blackhat.com/http://www.metasploit.com/http://sectools.org/http://www.2600.com/DEF CON - conferencehttp://www.brkthesecurity.com/http://www.-tutorial.com/http://www.evilzone.org/http://aday.com/http://www.hitb.org/http://www.thissite.org/http://pentestmag.comhttp://www.securitytube.net/https://www.ssllabs.com/
EBooks And WhitepapersSome of the resrch papers by security experts and gurus can provide you a lot of information and inspiration. White papers can be rlly difficult to rd and understand therefore you may need to rd them multiple times. Once you understand the topic well, rding will become much faster and you will be able to skim through a lot content in less time.Handbook of Applied Cryptography- This ebook contains some free chapter from one of the popular cryptography books. The full book is also available on amazon atCryptography Book.Network Penetration testing GuideHow to anything in JavaMcafee on iPhone and iPad SecurityA Good Collection of White papers on security and vulnerabilities- This site contains collection of white papers from different sources and some of these white papers are rlly worth referring.Engineering Principles for Information Technology SecurityBasic Principles Of Information ProtectionOpen Web Appliion Security Project- OWASP is one of the most popular sites that contains web appliion security related information .
s & Play ListsThose who like to watch tutorials, here are few I liked. However there are many small available on youtube. Feel free to explore more and share with us if you like something.Cryptography CourseBy Dan Boneh Stanford UniversityOpen Security Training- Youtube Playlist of More than 90 hours. I have found this to be the biggest free training available for security related topic.OWASP AppSec USA 2011: Youtube Playlist containing compilation of OWASP conference highlight in 2011.Defcon: How I Met your Girlfriend- Defcon is one of the most popular conference. The presenters in this conference are well know inside the industry.Defcon: What happens when you stl a s computerDefcon: Nmap: Scanning the InternetPublic Cryptography: Diffie-Hellman ExchangeWeb appliion Pen testingIntro to Scanning Nmap, ing, Amap, TCPDump, Metasploit
Forums For s And Security ProfessionalsJust like any other ar, forums are rlly grt help for lrning from other experts. Hundreds of security experts and ethical/non-ethical s are willing to share their knowledge on forums for some rson. Plse keep in mind to do enough resrch before post a question and be polite to people who take time to answer your question.Stackoverflow for security professionalshttp://darksat.x47.net/http://forums.securityinfowatch.com/http://forums.cnet.com/spyware-viruses-security-forum/http://www.forums.net/forumdisplay.p?fid=47
Vulnerability Databases And ResourcesVulnerability Databases are the first place to start your day as a security professional. Any new vulnerability detection is erally available through the public vulnerability databases. These databases are a big source of information for s to be able to understand and /avoid/fix the vulnerability.http://www.-db.com/http://1337day.com/http://securityvulns.com/http://www.securityfocus.com/http://www.osvdb.org/http://www.securitm.com/http://secunia.com/advisories/http://insecure.org/sploits_all.htmlhttp://zerodayinitiative.com/advisories/published/http://nmrc.org/pub/index.htmlhttp://web.nvd.nist.govhttp://www.vupen.com/english/security-advisories/http://www.vupen.com/blog/http://cvedetails.com/http://www.rapid7.com/vulndb/index.jsphttp://oval.mitre.org/Product Specific Vulnerability InformationSome of the very popular products in the world require a special attention and therefore you may want to look at the specific security websites directly from vendors. I have kept Linux. and apache in this list, however it may apply to any product you may be hvily using.Red Hat Security and other updates Site Products Security BulletinApache Foundation Products Security RepositoryUbunut Software Security CenterLinux Security Repository
Tools And Programs For / SecurityThere are dozens of tools available for doing different types of and tests. Tools are rlly important to become more productive at your work. Some of the very common tools that are used by s are listed here. You may have different choice of tools based on your own comfort.nmapNSSingTCPDumpMetasploitWiresharkNetwork StuffNiktoSummaryI have tried to compile some of these resources for my own reference for the journey of lrning I am going to start. I am not even at a beginner level of becoming but the knowledge of this field rlly fascinates me and keeps me motivated for lrning more and more. I hope will be able to become successful in this.
A lot of people use their knowledge skills for brking stuff and stling. I personally think that doing harm to someone is a wk choice and will not have a good ending. I would recommend not to use your skills for any un-ethical endvor. A single misuse of your skill may jeopardize your career since most companies do a strict third party background check before they hire a ethical or a security personal.
There are dozens of companies looking for ethical s and security professionals. There are rlly good of opportunities in this ar and its rlly niche compensation segment. You will be sily able to get a decent job without even acquiring all the expert level skills to become a pro .You Also try so make perfect in Android egory because when you out of house you have no laptop (your hrt ) ,you lrn android and the show is must go on.
No comments:
Post a Comment