How to get started in CyberSecurity?
Are you thinking of starting a career in cybersecurity as a Pentest Engineer? Does the thrill of finding risks and vulnerabilities in different systems sound exciting to you? We put together some resources that might be very helpful for someone who wants to start studying the basics of pentesting and jump-start their career in cybersecurity.
These are useful resources and guidelines, but everyone’s path is different. Use our collection of information as a guideline, and don’t forget that learning is a process that will require time and effort. Most importantly, it will come with great satisfaction after each step is completed. If you are passionate, you’ll find a way.
1. The starting point
Any future Pentester should know the following basics before approaching a real pentest. It is important to have a bigger picture before starting to investigate the security of any application. Keep in mind that we don’t address a specific type of Pentest (such as a Web, or Mobile one) but rather a general approach. Here is what we think would be essential:
- How websites work: Requests and Responses, Headers, Methods.
- Learn the basics of Bash and Powershell.
- Basics of Operating Systems: How is the operating system organized (folders/directories, files).
- Basics of Operating Systems: Linux and Windows, how to use the Terminal/Command Prompt/PowerShell console.
- Use Kali Linux/Parrot OS (specialized pentesting OS).
- Study programming concepts: variables, functions, data structures, classes.
- Learn a bit of programming languages: Python, C, PHP, C#, Java.
- Learn the basics of databases: MySQL, MariaDB, MSSQL, PostgreSQL, MongoDB.
- Basics of networking: TCP and UDP protocols, public and private IPs, netmasks, subnetting (network segregation), DNS, tunneling, VPN.
- Types of encoding (Base64, UTF-8, URL, hexadecimal, binary).
- Common services and ports (SSH, HTTP/S, SMB, RDP, FTP etc.).
Once you are comfortable enough with the above, you can move on to the next steps:
2. Learning more about common vulnerabilities such as:
- SQL injections
- Cross-Site Scripting
- Command Execution
- Consult the OWASP top ten vulnerabilities: https://owasp.org/www-project-top-ten/
Understanding the most common vulnerabilities and risks will help you realise where to look next when analyzing a website, or another system.
3. Learn to use the following programs/commands, which are commonly used in Pentesting:
- Kali Linux
- Metasploit Framework
- How to use VMs
It’s important to always take notes and save as many useful commands as you can. Create a database of them; it will be valuable when you look for the same commands on your next projects. Some note-taking apps you can use: Obsidian, CherryTree, OneNote.
4. Practice everything that you are studying with platforms such as:
- Hack The Box
- TryHackMe
- VulnHub
- Proving Grounds
- PortSwigger Labs
- We also recommend participating in CTFs (capture the flag) to learn new tools and concepts, even though at the beginning you will not do much: ctftime.org.
As you start to understand more and more about cyber security, it would be extremely useful to apply this knowledge. The above websites/platforms are the best way to practice in safe environments.
5. Books that might be very helpful are the following:
- The Hacker Playbook 3
- Penetration Testing: A Hands-On Introduction to Hacking
- The Web Application Hacker’s Handbook
- OWASP Methodologies
6. The internet could help you very much in the process if you consult the right resources:
- Hack Tricks
- John Hammond
- PortSwigger articles
- Black Hat episodes (YouTube)
- The Cyber Mentor
- Marcus Hutchins
- Articles on Medium
- LinPEAS and WinPEAS
- ffuf, gobuster, wfuzz, dirbuster
7. Don’t forget about the media resources that you can browse:
- The Hacker News (https://thehackernews.com/)
- Facebook security groups
- Subreddits: netsec, oscp
- Discord groups
Word lists: get familiar with using word lists. Here are some examples:
- SecLists (SecLists is the security tester’s companion. It’s a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.)
- Rockyou (list of common passwords)
- Rockyou 2021
Once you have mastered everything above, here are some advanced resources that you can focus on next:
- Assembly (learn how an OS behaves at a granular level)
- Buffer overflow vulnerabilities: www.corelan.be
- Looking at exploit source code on GitHub to understand how the exploits work
- Cryptography: hashing, SSL, TLS
- More advanced vulnerabilities: CSRF, SSTI, SSRF, XXE etc.
And most important: Google.
Google is your best friend when you search for information. Also learn Google dorking if you want to narrow your search (consult the Google Hacking Database).
Passion and hard work will produce the expected result in time. Here at Cyber Threat Defense we have many colleagues who can testify to this. If you have questions or curiosities, don’t hesitate to ask us. Cybersecurity is a complex and dynamic world waiting for new people to cross the threshold.
Read what it is like to work onsite in cybersecurity here: https://blog.ctdefense.com/working-onsite-in-cybersecurity/