Links

Getting Started in Cyber Security

Quick start: https://tryhackme.com/room/introtooffensivesecurity the above link is for those who know what cyber security is and just want to start trying it.
Below is a youtube video to start with, it helps explain some ways to get started in cyber security. It starts with giving the opinion to learn programming as it will help, but not rquired, especially if youre not into that thing, but if you do want to do that then it will always help.
Additionally, this is a 12 hour "training" course on youtube. it covers the basics of things you should be learning. Looks like a lot, but is a resource you can go over in your own time
Get started by getting a virtual machine installed on your laptop. Then you can run a “Kali linux” virtual machine, this is where you will do all your hacking from, this keeps your own machin safe then too in case you make a mistake. Youtube can show you how to do this. This is pretty much a bare minimum to get started.
This is a useful video on the top 5 things you need to get started with: (note, they’re not necessarily the same as the ones that I listed below)
The following are things you really want to learn. Learn what it is, how to use it, why to use it:
  • Nmap - this is a network mapping tool, used to identify what services are running on a target machine.
  • Bash – this isn’t a tool but this is the command line interface for Linux. This is where you would probably spend 80% of your time. So learning basics of command line is a must, such as changing directly (cd), listing files (ls), reading a file (cat) etc.. There are sites to help you learn this too in the form of a game/challenges - https://overthewire.org/wargames/ or watch this video to help. Again, old video but its good. https://www.youtube.com/watch?v=b5NmtmNwMgU&list=PLW5y1tjAOzI2ZYTlMdGzCV8AJuoqW5lKB
  • SSH – This is called secure shell. This is a program, via command line, that lets you connect to other servers. Example of usage: “ssh [email protected]” this would then log you in to my server via command line (assuming you had the password) – you will need to use this for “overthewire”
  • DNS – DNS is what makes web sites (and other machines) know how to find each other. Its basically what directs a name like “bbc.co.uk” to point to the IP address of the actual BBC server that runs the website. Its much easier to remember the bbc.o.uk than it would be to remember every IP for every website e.g. “212.58.244.210”. but along with this generally learn how websites work. How do they show on the internet, what do you need to load your own etc.. This is a good, but very old, video: https://www.youtube.com/watch?v=2hMkSNiBPvE&t=3s I have done work with this guy and his channel in general is great! “Hak5”
  • Learning basic web app vulnerabilities (those found in “OWASP top 10” ideally) you’ll likely want to use a tool called “ZAP” or “burp” as this is where the start of your web app journey will take you anyway.
Below are a few resources that should get you going, with a litter description for each to make it less daunting. Do remember though, that at first, it may seem a little tricky, but its likely an entirely new field to you so it will take some getting used to but hopefully they will help. Feel free to message me at any time with any question and I’ll certainly do my best to help.
Another good practice site for hacking. Probably the more beginner one. Its advertised as high school level friendly.
This is a fun site. Free to join also. Start with “basic” on the left, under “challenges”. If you struggle, which you might if its your first time then perhaps watch some youtube videos again to get the gist of what to do.
This is good for beginners right up to experts to practice. It gamifies hacking and least you learn certain areas of hacking with hands on training.
This one is my favorite but is probably a little more advanced to be honest, but is the most fun (for me). Plus, there are plenty of youtube videos around showing how people do stuff but you really need a basic understanding of hacking and tools first to be honest but its good for your list for later.
I can’t really pass too much comment on this one as I haven’t used it but its supposed to be a beginner-friendly way to get into hacking so might be of use for you.