If you’re reading this article, you shouldn’t begin the learning offensive security 🙂
Only joke. I don’t want to make it hopeless. But if I must be realistic, your way will be hard. We should talk about some soft skills for that after we will talk technically. Firstly, computer jobs come through easy for someones. In the reality, NOT. You may think this like a girl, you can laugh but I think similar things. You must struggle, love, understand, etc. In this field, you won’t know or do anything if you don’t challenge yourself. (Personally) If I give a list to you;
- You must read much more than others, this may about security or not. You must improve your mindset.
- You must be a researcher.
- You should know how to motivate yourself.
- You must think analytically.
- Sometimes you will work a lot for a while, you have to get used to working hard.
- Start the sport, the sport improves your nervous system. It allows you to tolerate most things and helps improve your thinking.
- Learn to relax with small rests. You will work harder, you will need this skill 🙂
- Learn how to learn.
Remember; when you give up, there are many people who will replace you, don’t give up.
Starting to the offensive security, really hard. Why? If you want to hack or defend a system, you must know this system how it works. And there are lots of systems 🙂 You can’t know everything but you must learn how to learn different things. For example, companies use “Active Directory” for management something, firstly you must know how to works active directory environment. At this point, lots of students ask “If I didn’t hear this term, how can ı search?”. Really nice question but the answer is easy. You should take a book or a blog site, you will read this. Later that, when if you don’t know any term in the book or blog, you will search into search engines. This is slow, I know but this technique comes through more percentage of success. And scientifically, it’s harder to forget the knowledge you’ve researched.
Let’s move on to the technical part.
In this part, we will talk about “where should we start before security?”. Because the security comes with some pre-requirements. For example you must know programming if you want to develop an exploit.
- Programming Basics: Programming teaches you analytical thinking, problem-solving. If you want to write malware, you will use programming for that 🙂 Or you want to hack a website, you should think like a developer. When you think of a developer, you may see the bugs easily.
- Networking: IT systems or machines talks to each other. What is this way? How does the communication continue? How do we understand this communication for hacking? You must networking basics like what is the mean of Port, IP, etc.
- Systems: You face systems everywhere. IT systems, computer systems, etc. How does it work? If you click a mouse, what is that function background? How does a processor work? How can you think to find a vulnerability in a processor without knowing them? You must know the basics of systems.
Now we can talk with sources. I present to you your best friend in this industry; The Search Engines.
Also you can use this sources and more;
- Codeacademy
- Hacerrank
- Algo.io
- Tutorialspoint
- Javatpoint
- Geeksforgeeks
- Online Learning Platforms
- Cisco Academy
- Github Sources
- Known People 🙂 You can read blogs and posts on social media.
- Stackoverflow, etc.
If you want to practice or paths;
- Tryhackme
- Hack the Box
- Cybrary.it ,etc
You can find lots of books and sources on the internet but I think firstly you must prepare your background and mindset. Every book teaches to you different things, this may not must a security book but every book or hobby teaches to you think different than others. Thinking differently than others helps to you more skillful cybersecurity guy.
Thanks for your time and interest.
Berk KIRAS – Cyber Security Consultant