What is Reddit's opinion of
Cybrary?
From 3.5 billion Reddit comments
100 reviews of this app found across Reddit:
Well, let's start at the beginning. For Networking, I recommend https://www.cybrary.it/course/comptia-network-plus. Actually, all of Cybrary is your friend, and it's free.
As for security, the KLCP is a GREAT place to start (http://kali.training) and it's also free. I'd start there. Follow the online book/PDF and do all the exercises. This will give you a foundation. Play, play, play on your own VM's (never on other people's sites) and it will come together for you.
OSCP is the "mic drop cert". In my opinion, it's the only cert in our field that proves you can perform, under stress and get the work done.
Disclaimer: I am an employee of Offensive Security, but opinions are my own and my honest opinion.
There are so many free sources of information, why start by paying?
Check out cybrary.it, they offer a good ethical hacking course. https://www.cybrary.it/course/ethical-hacking
Check out ProfessorMesser on YouTube and go through his networking and security+ video playlists.
Pick up a book (dummies guide to hacking? Idk that's up to you) ((I started with networking for dummies))
Have the mindset that your preparing to get a certificate in network+, security+, or a CEH
learn how to install Linux, get used to it, learn the basics. Learn how it works. (For ethical hacking just pick up Kali Linux)
Stay away from the crappy YouTube tutorials that are some guy breathing into the mic and typing in notepad.
Best YouTube channel to start is Hackersploit. Another great way to start is to go to vulnhub, a virtual machine program, and watch walkthroughs as they explain things and do it for yourself it’s actually really fun!
If you are more of a person who writes notes down and likes a class-like structure I would recommend https://www.cybrary.it/
Additionally, you can always come back and message nearly anyone on this board for help. Hope this helped!
Thanks a lot. I graduated with a degree in Computer Science about 15 years ago. I have a CEH certificate but that's my only certification. I was fortunate to gain a lot of experience with the company that laid me off over the 10 years I was there and move from a Specialist/System Admin to a manager.
Check out https://www.cybrary.it/ . They have free courses and certifications for just about any IT cert you could want.
I just wanted to post this here for those who may be depressed about dropping out of college or not going to college. Dropping out of HS may be harder to accomplish this though. Look into IT. There is a lot of great free training for IT. You can do some basic level stuff by using your at home computer (if you have one) and downloading a VM to test some things.
Some of the best free training the internet has to offer. I'd recommend A+ if you're really new to technology. Net+ and Sec+ are great for network engineer and security engineering. Both are entry level certs/training. Training courses on Linux, Windows, and Admin are also great. Don't have to take the certs, just get some training with them.
There are a lot of small companies who will accept jobs applied to IT if you have the skill set and have some labs/computers you've messed around with in your free time to show you have real world experience with it.
You can probably make 30-35k without a degree if you have the skill set and ability to do it. If you go for an IT degree and keep your GPA up above a 3.0, you can easily make 50-60k right out of the door. IT degree (at least when I went) didn't require a lot of math either. I think it only went up to calc 1. If you go into cyber security and focus on cyber security electives, that is a very high demand job. But it is also demanding on what skills they want you to have. On the other hand it is constantly evolving/bleeding edge, challenging, and pays very well right now. Plus cyber crime is becoming more forefront and you feel like a badass when you tell people you work to prevent cybercrime
I'm definitely not saying this because I feel like there is a huge lack of good sys admins in a lot of areas (I am and it sucks).
If you have any questions, please feel free to ask.
This is why I told you on your other post that you should learn hacking 6 days a week and work on coding on the 7th day. Wow I use to ask questions like you haha. I'm talking to my younger self, I know you must feel annoyed, stressed and lost lol.
But you need to work on hacking before you work on coding. Coding is used in hacking by making your own tools. However you can't make any tools to hack anything, if you don't know how to hack in the first place. This is why you need to work on hacking more then working on Coding. Like I just told you 30 mins ago, coding and hacking are not the same thing. They are not of the same world. They are separate worlds that talk to each other.
Use this, watch all the video in order and do as they do: https://www.cybrary.it/video/scanning-whiteboard/#
Do you know what a VM is? Do you know what Linux is?
Download Virtual Box install Windows 10 and Kali Linux. Then watch all the videos on the link I have gave you. Watch them in order. If they talk about something you don't understand. Use google. If google is not helping you, then ask on here.
Hacking is basically finding vulnerabilities in a System. In order to do that you have to know how things work. The link I gave you will go over all of this.
When you on done with that. Give these a try:
http://overthewire.org/wargames/
https://tehaurum.wordpress.com/2015/06/13/metasploitable-walkthrough-an-exploitation-guide/
As you do these things you will run into stuff you do not understand. USE GOOGLE, before asking. For example ls can be googled.
thezoo for samples, Youtube for learning. Hackaday started a series a couple days ago.
Cybrary has courses for it, but only through their subscription. There's a discount running to the end of the month with them.
“scanning is not hacking”
It is phase 2 of penetration testing. Which, if it's not authorized, is an attack. Or hacking. Your choice.
https://www.cybrary.it/2015/05/summarizing-the-five-phases-of-penetration-testing/
Hi there! I used cybrary.it after learning the basics to help me get more in to security, and they do have a course specifically for Python. The website is free to use, and I personally enjoyed it a lot when first starting out:
Check out cybrary.it.
Free courses from CompTIA Security+ all the way to CISSP.
Currently working through the Ethical Hacker course (for CEH) then I'm going onto the forensics course.
All good stuff and all totally free!
I just passed recently, used some info I got from /r/cissp for materials, here are my four recommendations
The Eleventh Hour - It's a 250 page book that's real digestible and covers a lot of the key concepts
Boson's Practice Tests - The hardest and closest to the CISSP I've seen for practice tests
The official CISSP Prep book by Sybex. This is good for all the stuff you find yourself not finding in the eleventh hour and constantly getting wrong on the exam.
https://www.cybrary.it/course/cissp/ This is also a good set of training videos to watch that covers concepts pretty well.
Edit: Adding in some more details
Been in Security for around 6 years. I have GCIH, GPEN, Sec+, CCNA RS, and am in the process of finishing out my B.S In Cyber Security while I work as an ISSO. I put around 200 hours or so into studying before I tested. This is including practice tests, videos, and reading. I found myself doing at leaast 2 practice tests a week, and changing the test source when I could to avoid only getting to know that test bank.
The last recommendation I can give for the test itself is that usually you can eliminate two, and most of the time there is one that is either more managerial or one that is much better worded than the other, it's usually that one.
First, relax. Second breath. Here in Germany, if you don´t come from a university you need to do a apprenticeship. It takes about 3 years, you work in a company and go to visit a school. After 3 years you are a junior admin, and you have learned more than basics. After one year in the IT i know still nothing compared to my knowledge now. Don´t push yourself to hard, it´s not neccesary.
Have a look at https://www.cybrary.it/ free online trainings for different levels ( beginner, experts etc. ). It´s a good way to learn.
Just start here.
First you have to learn the basics of how computers and networks work.
Start here:
I'd recommend backing up and going to textbooks and/or papers that others have written. Since you're starting fresh, I'd recommend starting from the 10,000 foot view. What are the steps to a penetration test?
Here are a couple links to help:
https://www.sans.org/reading-room/whitepapers/auditing/conducting-penetration-test-organization-67
https://www.cybrary.it/2015/05/summarizing-the-five-phases-of-penetration-testing/
Getting really good (and I mean reallllly good) at the first few steps in a penetration test will make the rest a breeze.
Edit: Without knowing your technical prowess, I'd can recommend the Certified Ethical Hacker (CEH) book. While it isn't very technical, it does a good job at setting the mindset, steps, and goals of a pentest.
If you are a vet: sign up - http://www.blogs.va.gov/VAntage/30058/veterans-can-take-advantage-in-free-cybersecurity-training/ Lots of classes 80+
Also Cybrary has some free videos - https://www.cybrary.it
There are some hidden gems on YouTube, you can lookup some older certification classes that still have a good bit of relevant information.
They have loads of free courses, so why not start with those and see if you like them? They seem pretty good to me, covering aspects of cyber attacks outside of terminal commands, actually profiling a company/target and compiling reports for them, as well as getting down to analysing network traffic, crafting packets etc.
I recommend using this site https://www.cybrary.it/ i use it and it's extremely helpful they have tons of free videos on getting certified, if you need any books send me a message I have a few PDFs my professor gave me for Linux certified and other classes.
When covering cyber security, I'd recommend Cybrary, they offer free training that covers qualifications like HIPAA and CISSP. The guy's voice can be a little annoying at times, but I found it to be pretty well made and very useful when I was working in the field.
As for pentesting, Kali Linux should come in handy to help you play around. Learning Python and Ruby will also allow you to develop modules for the Metasploit pentesting framework and for general pentesting. Violent Python and Black Hat Python are also pretty useful books for hacking and pentesting in Python.
Also, learn to use the command line if you don't already know how to.
Long game here. Enrol to one of many IT and cyber security training courses. Find a study pal. Study like there is no tomorrow. Optionally get a certificate on course completion. Regardless of the field you are in IT will add up to your value. Progress in your field. Get a pay raise.
There are hundreds of free and nominally priced trainings https://nationalcareers.service.gov.uk/find-a-course/the-skills-toolkit https://www.cybrary.it udemy etc.
Cool. Start here.
and cybrary.it, as they have a ton of free courseware on cybersecurity. But of course it helps to know some programming, I would learn some Python if I were you, as that's probably the biggest language in the industry ATM. (unless you are doing software security auditing, like reading code, then you need to learn Java/.NET)
ask for this for christmas:
There are also free courses online, for example:
Also check out /r/HowToHack
I was going to say check out the Military.
I'm a Brit so it's a bit different here, but I think you could get a military scholarship where they pay for the Uni time and work.
Intelligence / Signals are what I would look at for Comp-Sci and Software development.
Have a word with a recruiter, but take EVERYTHING they say with a massive pinch of salt. Don't let them bully you into a shitty job and get the trade that you want.
It'll be hard. No sugar coating on that. But in the long run, it'll get you where you want to be.
(after a bit of googling...)
Check out your eligibility for the USAF Academy.
Like I said, that's not going to be an easy road, but it will set you up well...
Good luck!
(This bit is going to sound harsh! Sorry in advance!)
And as others have said, suicide is never the answer! That's really a dick move! NOTHING is ever going to be that bad.
As for your parents, I know you (probably) still love them, even after this, but getting out on your own, away from them will make you a better person than they could ever hope you could be.
It's hard, but look on this as an opportunity. Shove your success back in their faces and make them eat every fucking mouthful of it.
Edit-
Oh yeah, have a look here: cybrary.it
Free computer courses, from the basic certs, all the way up to CISSP training.
(This is quite nearly exhaustive, despite their stated humility.)
I would add the concept of layers.
Also, there is a massive threat map out there and it's growing every day. There is a portion of this threat map you will never be able to beat (zero days, NSA, etc.) and you are going to have to accept that.
Then you need to start by learning about systems, networking, and programming. Hacking is a skill you pick up after having a solid grasps of the basics.
There are plenty of free resources online for self-study.
Cybrary is one example.
There are also testing centers in South Africa for CompTIA certifications (such as the A+, Netowrk+, and Security+). Those are great places to start to get the skills and resume you'll need to get into the field.
That was one of the first Udemy courses I took, and I liked it well enough to give it 4 stars. I see that some material has been added, so I'll have to go through it and see what I missed, but overall I like Jerry's courses very much. The hacking course that I liked best at Udemy was this one, which I probably bought on sale for $10, give or take a little. Having bought a course, you'll be getting emails regularly with some really good deals.
Right now I'm taking this one from Cybrary, which is free but excellent. I'd advise you to take several of this kind of course, as each instructor has his own style and favorite set of tools. If you learning as much as you can from each, you will gain versatility and a broad perspective of the field.
Best of luck.
Not necessarily an app but I've found the site cybrary incredible good for this purpose, they have full bootcamps available at their site and all for free: https://www.cybrary.it
You can access all the videos using Chrome, hopefully they might release an app soon
Certifications. A+ cert is a great place to start. If you need learning materials, check out cybrary, Its free. Certifications are what this industry runs on. Get them and you should be able to find an entry level job as help desk really easily.
Hi u/gibson_mel, yes I can. I have several courses on Cybrary and have developed course material for Franklin University in Columbus, Ohio. Feel free to send me a direct message so we can talk about it!
The trick to becoming a proficient hacker is having a core grasp of the fundamentals of networking, system administration, and programming. If you can find a job doing it I would recommend you spend some time in IT setting up desktops, servers, networks, and etc. These skills are so much more important that memorizing the parameters for an nmap scan.
That being said here are some resources to get you started on the basics. * Basic Linux Usage * Basic Networking * Basic Programming Concepts
If you can, read Georgia Weidman's "Penetration Testing: A hands-on introduction to Hacking" and also watch her advanced penetration course on https://www.cybrary.it/ This will give you a good feel for what's coming in the OSCP. Also, as others mentioned, do Vuln Hub and HTB.
There was a point in time when I also wanted to get into the Cyber Security field before falling in love with programming as a whole. I spent a good deal of time on https://www.cybrary.it/ and I studied for my CompTIA certifications using their free courses. They have some decent (albiet, very long and in-depth) courses on many subjects in the Cyber Security field. Check them out, see if that helps you!
download vmware player for free. download newest version of centos and play! cybrary.it also has a free linux+ course
when you get it installed save a fresh snapshot of the vm so when you break it you can always revert back to it
Penetration testing is just one sub-section of the entire field of cyber-security, which is growing at a rapid rate. There's currently a massive shortage of (trained) professionals for the field, with Forbes estimating 1 million openings this year.
Beyond penetration testing, you can do:
- Risk analysis
- Incident response
- Digital Forensics
- E-discovery
- Cyber law
- System construction
- Threat and Vulnerability management
- Security software engineer
- Malware analysis
- Web app security
- Security Operations Center Analyst
- and more...
The great thing about the growing field is often times companies will train you on the job, both public and private sector, if they choose to hire you. There simply aren't that many colleges or schools providing training. If you have the money and time, you can check out SANS courses; otherwise, there are tons of resources out there like cybrary (I haven't tried this yet - heard about it from a friend) or hackthissite.org. If you're currently in college, your school probably might have at least one intro security course.
On another note, if you speak english and read/write fluently in mandarin, Japanese, Russian, or other eastern europe/asia languages, companies will bend over backwards to hire and train you. Very valuable skill when a lot of attacks come from that area.
Really surprised this is so far down this list...
> Also Cybrary has some free videos - https://www.cybrary.it
Thanks for the link, that seems to be a really cool site. :-)
This http://imgur.com/a/rrNlX is fucking annoying though. And FF's inspector mode is really slow sometimes, unfortunately.
So this subreddit is more for hacking news, your question is more suited for /r/HowToHack but I'll give a go at answering it anyway.
I might not be too much help(I just started learning my self) but this course seems pretty good, it's free too. Also this guide (although rather blunt) may be of use.
p.s. A lot of people will just say google it but tbh that's not much use if you don't know what to google so don't get disheartened, everyone started somewhere.
Hope this helped and good luck.
> Topics include: Intro to social engineering, exploitation lifecycle, digital information gathering, targeting, digital profile reduction, psychology of social engineering, elicitation, pretexting, cold calling, bypassing physical security, post exploitation, binary evasion and more. > > Tools include: Kali Linux, Social Engineering Toolkit (SET), Google, Maltego, Scythe Framework, Recon-NG Framework, Creepy, Portable Virtual Box, Metasploit, Hyperion & Veil
I don't generally read books as I learn more from watching/doing but I would look at https://www.cybrary.it/ - I've recently found out about it and I keep returning to watch more. It is really great for all sorts of certification.
https://www.cybrary.it/, https://www.udemy.com/learn-the-basics-of-ethical-hacking-and-penetration-testing are the first two that come to mind for very basics. If you can afford it, SANS and Offensive-Security are top tier. You can start running yourself through scenarios and build your own lab and get vulnerable VMs up to test. Get a few books and just start learning by doing. Try to get involved in as many CTF events as possible to get practice. Other than that, I can't think of any type of local schools. Charleston ISSA (http://www.charlestonissa.org/) has had training sessions in the past at a cost, and holds monthly meetings as well. Good Luck!
Great, if you want learn you are going to have to put the work in to do it. This isn't something that can be taught to you quickly, it is a multi year process, and you are going to need to figure out how to teach yourself. With that being said. A lot of people come at this the wrong way, and I think it makes it hard to be successful in your learning goals. The advice I give is that in the beginning don't focus on the hacking part. Focus on learning how systems work, are administered, and how they talk to each other. Once you have a solid grasp of these fundamentals learning to hack will come much more naturally.
You need to learn the basics first. Networking, Computer Administration, and some programming.
Start here.
Retired USAF, in order of helpfulness
- Kelly Handerson Cybrary videos (Free) https://www.cybrary.it/
- Boson Exam Simulator ($100, but you can normally find a coupon) https://www.boson.com
- Mind Palace, a summary of the 8 domains (Free) https://docs.wixstatic.com/ugd/dc6afa_8c67473616554dde87c53cc036bc170b.pdf
- Sybex online test (link can be found in Sybex book, possibly in Safari in AF Portal)
- CISSP Discord server
- IT Dojo youtube vids
As far as the military doing things differently, not so much and many things are exactly how the military tries to do them. The level you are in the enterprise probably plays a large part in that statement but please feel free to ask about how a subject relates to the military.
How about you learn something about networking instead of focusing on how to be a dick in video games? Although learning the aforementioned information will actually give you the answer to your question.
A lot of it does come down to tinkering. You do learn a lot about how to navigate various softwares (e.g. getting a feel for how task bars work, there's a lot of overlap) and how to solve some basic problems on your computer. That's certainly a first step. Think about the baby boomer generation, for example, they sometimes do not have the same internalised instinct millenials have to look for the 'settings' tab, etc, to try and sort out whatever is going on.
Other than that, there are some great resources out there to learn more about hardware, software, hacking skills, web security, etc. Here's my fave resource for that: Cibrary
> though that I should start by trying to get into a security camera that’s just a couple meters away from.
Not a great place to start, focus on the fundamentals first.
Sure. I'll play along. Start here.
You had it right, aggregation is pulling the data together, essentially asking all of the questions that you can. Inference comes when you use that information to come to a conclusion. Basically, in the context of aggregation/inference, if you're coming to a conclusion, it's inference. If it's gathering data, it's aggregation. You'd need to provide more info on the payroll question, neither of those are really an attack. Aggregation and inference are threats to databases/information.
Check out Kelly H's video if you haven't seen it, she shows a good way of understanding inference/aggregation with the talk of her friend figuring out another was pregnant:
https://www.cybrary.it/s3ss10n/aggregation-inference-and-polyinstantiation/
Cool. Start here.
You'll be wasting your time. You've got RHCAS/CCNA and some Python - you're ready for OSCP.
If you want to overprepare, buy a HTB VIP membership and blast through as many boxes as you can, taking detailed notes as you go (ideally using a report template). If you want basic outline of the course material, check out Georgia Weidman's free course: https://www.cybrary.it/course/advanced-penetration-testing/
You can buy books if you want, but if you are a total beginner you need to study the fundamentals first. Start here.
Cool Start here.
I recommend cyberdegrees website.
There are dozens of factors when it comes to college. Location, financial status, interest in research, employment opportunities, courses, etc. We can recommend you any college, but it's up to you to figure out which one is perfect for your individual needs.
Cyberdegrees also lists off career paths. Take this security engineer example. It lists skills, what education you need, certifications, etc.
What interests you? Breaking into systems? Investigating crimes? Analyzing where an attack came from? Digging through hard drives? Programming tools? Malware analysis?
Your interest will change a lot from now until graduation. You might end up pursuing pure CS instead.
The best place to start would be cybrary and seeing which of the courses you like. Combine that with learning more coding and working on projects.
This course - https://www.cybrary.it/course/advanced-penetration-testing/ - covers how to attack from the web using cross-site scripting, SQL injection attacks, remote and local file inclusion and how to understand the defender of the network you're breaking into to. You'll also learn tricks for exploiting a network.
Best place to start is the retired machines and following ippsec's tutorials
As a free user, you get access to the two most recently retired machines for a week, and since ippsec promptly posts videos as soon as a machine retires, you can learn the process that way.
Other than that, this Advanced Penetration Testing course from Cybrary introduces most of the same concepts as the PWK course. You can also download a vulnerable VM like metasploitable2 and use that to practice your attacks
If you're really interested, have you heard of Cybrary?
Free video courses, including some awesome security courses for beginner, intermediate and advanced levels. You can even get certifications. They have a payed Pro subscription with some benefits like a mentor and labs and also some payed courses so you're not paying with your privacy to keep it alive. Have a look. They're pretty well know afaik.
There is a brand new series. There's a cost though.
https://www.cybrary.it/cybrary-live/isc2-cissp-certification-course/
​
The one i used / have been using is CCNA Cisco Certified Network Associate Study Guide. It covers the fundamentals and goes deep into important concepts. Otherwise you can also use Cybrary. (https://www.cybrary.it/). This is also an excellent resource for beginners. I would start of with Cybrary because the courses are free. you can go through the networking one. Once you have done that, read the book while learning terminal. this will give you the necessary fundamentals to get into kali linux. Its gonna be a rough road but once you master basic concepts, the rest just builds on them.
Hacking is often portrayed as a cool stunt where you do the clickety clack on the keyboard, put on some shades, and boom hack into the FBI or something. In actuality, its usually just finding a vulnerability in someones "defenses" and exploiting it for your own purposes. Real life hackers sometimes don't even use a computer but rather aim for the people using the computer. Even if someone has an "unhackable" system, its worthless if you can trick some guy into giving you the password.
If you just want to impress your friends, and they know literally nothing about hacking, you could just learn to manipulate command prompt. Something I did back in highschool when I was an edgelord was open CMD, use color0a to change the font to green, use title hack_root or some other edgy title for more effect, then do something like dir /s to make text scroll really fast. For 10/10 memes I would also add in /p to make it so when I pressed a key more text would scroll.
If you actually want to make a career out of it, and trust me you certainly can, I would suggest heading over to a cite like https://www.cybrary.it/ to begin to learn cyber security.
Cybrary.it is a great, free place to go for security training. They have a Nessus Fundamentals course that can be found here: https://www.cybrary.it/skill-certification-course/nessus-fundamentals-certification-training-course
As far as documentation goes, I would stick with the latest vendor documentation: https://docs.tenable.com/Nessus.htm
I have used Kali Linux in one of my Cyber Security classes. It has some really great tools to learn. If you are serious about learning Kali Linux I would look into buying an Ethical Hacking Study Guide. You can also look into https://www.cybrary.it and there is one youtube video that is worth looking into is https://www.youtube.com/watch?v=vg9cNFPQFqM
I really like cybrary.it for basics of network/computer security, and the courses are designed by skill level and goals (CompTIA, ethical hacking, etc). I haven't done any of the certification exams, but used them for baseline knowledge to help me with my degree and help focus my interests in CS.
Just about any field of IT can be self taught. And in my experience, self-learning is both a requirement and usually results in better techs. There are a lot of websites which offer free training and can get you moving in the right direction. If you are interested in Linux, you might try something like Cybrary Linux+ Course which should get you a good start. I'd also recommend setting up some virtual machines and just playing with it. If your organization is willing to allow it, you might try Oracle's VirtualBox and spin up a VM or three to play with during your down time.
I know this might not be much but I am proud that you are still pursuing what you believe to be right. This situation shows you are strong.
Do you have any friends that live on their own? In the situation you are in, you could easily apply to FAFSA and improve both your and their quality of life.
Face this as well. Many people with degrees are underemployed. The reason it is important to put your all into something is that it creates a passion since it is getting harder to find experience in the job or direction you want to go.
If you need money soon, check at your high school if it offers A+ certification though stressful (and sometimes you find yourself in the ridiculous situation like someone using a disk drive as a cupholder) would potentially give you the ability to move out as IT support. You could use this free resource: https://www.cybrary.it/
I am not sure what you should do otherwise. Maybe military? It has always been a route out of poverty and the minimum is a high school diploma. These are only ideas. I am not sure how your parents would react to you applying for the FAFSA. You could say you need the information for a job or something along the lines of the limited scope they accept. That is the reason I see IT or military as a way out for you. Hope this helps.
this is the book i bought but couldnt make it past 1 chapter. a LOT of the material is common sense. i mostly just looked through some random practice tests and notes that people had put online
there is also a set of cybrary videos on itil but once again they were so dry i couldnt make it past a couple of minutes
here are the notes i used: https://www.dropbox.com/s/2bbkcpp6bix983s/ITIL%20Cram1.docx?dl=0 (i will only leave this up a day or two at most)
Currently working my way through the MCSA 2016 and its rather informative.. Therefore I would suggest 2016. Plus check out https://www.cybrary.it/ and https://www.udemy.com/ for some video classes. Cybrary is free Udemy has courses that are paid.
Yeah, I definitely understand where you are coming from. The book has quite a lot of advanced content in it.
There is a lot we could discuss here! Cyber Security has a lot of breadth and depth involved in it, when it comes to learning. You could take many different paths. You could try searching for whatever concept you are trying to learn about while reading Black Hat Python; that might save you the most money. Or you could:
- Look at Hacking, 2nd Edition, if reading works best for you.
- Check out some of what Udemy has to offer, if watching video tutorials works best for you.
- Go to a university and look into a BS degree in cyber security (very expensive and long process).
- Check out Cybrary. The good thing about this is that it's free.
Whatever you decide to go with, all of those options are a good place to start. My personal recommendation would be to read Hacking, 2nd Edition by Jon Erickson. It is how I got my foundation in CS and it has just about everything you need to get started. I wish you the best of luck in whatever option you choose! You picked a great field to learn about and if you keep up with it, you'll be able to land a job without a hitch.
I'm doing the same thing. I've started taking some courses here. I'm planning on starting college courses in the spring but I figured that this was a good way to get started.
I couldn't afford schooling, but was still interested in an IT/Security career because I was fluent with computers and I knew there would be a growing market for such jobs as technology improved. I recommend you check out Cybrary.it It has free online courses and give you the links to get all your IT certifications without needing to pay for school. (you'll still need to pay for the cost to take the certification tests but that pales in comparison to school costs imo) Even if you decide to go to school, this will let give you a good idea if you grasp the material well enough or not. I'm currently using it while working my barely above minimum wage job to pay rent and internet to take the classes. Hope it helps!
I worked for a consulting company in NYC. Did one pen test and a lot of other shit. The pen testers got burnt out because it is highly repetitive and often requires long hours of recon before you can find the gaps. The benefit is they usually fly you all over the country and you see some cool shit. Good luck.
Side tip: go here and you can do the CEH training for free.
>Cybrary Comptia Linux+ https://www.cybrary.it/course/comptia-linux-plus/
This one is nearly useless. I've posted about it multiple times because I tried following along with it. The guy has a number of problems including best practices problems (recommends logging in as root immediately in your shell), preparedness (doesn't have traceroute installed when he intends to show it), and script (he's literally reading from the man pages).
I can't speak to anything else even on Cybrary, but I don't want anyone else to fall into the time pit that I found that course to be. If you want Linux+ (which I do recommend!) I would recommend the Sybex book. I was reading it and it explained general computing things to me that I had never even known before (e.g. why "deleted" data can sometimes still be recovered- answer: inodes).
My main source was the CompTIA Linux+ Study Guide: Exam LX0-103 and Exam LX0-104
However just make sure you know all of your commands/command line tools as well as the popular switches used with them. (Memorize them)
As well I went thru the Cybrary Course though it really doesn't have much content, it's just a quick overview of things.
I studied the Exam Objectives of the LPIC-1 101 and 102 on LPI since LPI and CompTIA came together on this cert I figured it would help. In which it did.
I used only QAE and https://www.cybrary.it/course/cism/.
The Cybrary course was not super good due to especially technical errors wrt. ordering, but I did learn some ok stuff from it. A few lessons covered material outside the current curriculum.
I think you can actually watch everything and get a refund within X days (which is reasonable given that at some point the ordering is messed up - but that helps you to get overview of the content, bc. you need to read up on some stuff to find the correct order).
The labs are irrelevant.
There's a great section in the Cybrary training for the MITRE ATT&CK Defender SOC Certification (training is free on Cybrary at https://www.cybrary.it/course/mitre-attack-defender-mad-attack-for-soc-assessments/) that speaks to translating marketing jargon into data sources to help infer coverage.
https://www.cybrary.it has some good video courses on to get you started. What is your network knowledge like, knowing how computers comunicate should be your first step, some level of programming knowledge will help as well.
Not right now. For me it's easy to get distracted by the amount of great books and courses you can find nowadays so I try to commit to one book from beginning to end making sure I understand all the concepts. Anyway I may enroll in this course:
https://www.cybrary.it/course/assembly/
As well as buy this two books, the second being more for reference:
- Daniel Kusswurm Modern X86 Assembly Language Programming: 32-bit, 64-bit, SSE, and AVX
- Tom Shanley x86 Instruction Set Architecture
Although I may change my plan an focus more on learning ARM.
Okay -- I got it...
For those struggling like I was, this is the website that finally made things click for me:
https://www.cybrary.it/blog/0p3n/howto-manually-sql-injection-using-union-select-method-guide/
It will time out after about 10-15 seconds and ask you to login. What I did was screen cap my screen so that I could read it slowly and digest everything.
Following this, together with reading the assignment in Immersive Labs and following it step-by-step, I was able to do the correct syntax in order for some results to come up.
This was very difficult for me, but I finally got it. Thank you so much for your time and effort to help.
A lot of people come at this the wrong way, and I think it makes it hard to be successful in your learning goals. The advice I give is that in the beginning don't focus on the hacking part. Focus on learning how systems work, are administered, and how they talk to each other. Once you have a solid grasp of these fundamentals learning to hack will come much more naturally.
A lot of people come at this the wrong way, and I think it makes it hard to be successful in your learning goals. The advice I give is that in the beginning don't focus on the hacking part. Focus on learning how systems work, are administered, and how they talk to each other. Once you have a solid grasp of these fundamentals learning to hack will come much more naturally.
- As mentioned above start with a CompTIA cert, Security+ isn't too expensive roughly $350 (if I can remember). Being help desk isn't a bad start as an analyst you need to be familiar with multiple areas. It IS possible to get entry level, typically prescribed playbooks and analysis on events/incidents. Great way to learn.
A little program does help, there are a ton of free ways to learn. Definitely focus on powershell first. You can actually do fun stuff on your home PC.
https://www.cybrary.it/ is a great start as well.
I've never heard of CEP, I assume you mean CEH right?
If this is the case and you're planning to purchase the voucher make sure you pass the eligibility criteria, which is a proven 2 years experience or taking the official training and it will cost you more.
https://www.cybrary.it/course/ethical-hacking/
Check this course and search in pluralsight.com and see if this suits you.
Anyways I'm not sure that the above link can be considered as an "official" preparation so don't quote me on that, it's just a materials.
cybrary It advertises that they train you to be SOC analyst. You could look at their site, im not pushing you to pay for that , but in their training, they list preparing you to get the Sec+,Net+ an Linux+... so those might be a consideration.
https://www.cybrary.it/catalog/career-path/soc-analyst-level-1.
Well, now I dont see Linux+ listed, but that page should give you a lot to consider.
click this link take a short course in network engineering and see i you like it. The best thing is you have time on your side I would suggest start building your online portfolio by doing projects as hobbies have fun exploring the field
Pot sa-ti recomand ceva pe partea de cyberops care nu e facultate, sa faci in paralel cu facultatea. Cursuri CCNA luate de pe net sau facute la academii. Retelistica are o oarecare importanta. E si un modul de cybersecurity. https://www.cybrary.it/course/comptia-security-plus/ Comptia security + e un certificat foarte bun de entry level in domeniu. Ti-am atasat un fel de tutorial care acopera toate modulele. Stiu ca nu raspunde la partea cu facultatea, dar astea s-ar putea sa fie foarte utile pt ce te intereseaza.
There are thousands of pathways but I understand that's not helpful, so here is one:
Forget repairs and help desk, start up-skilling in security topics through online self education^ and reading (if your employer won't cover courses) ; now work your way into a SOC somewhere. A good guide to where to start your education might be to grab some job advertisements, work out what skills they're after, and start teaching yourself 50-75% of them. Forget certifications for now, hit up bookdepository and Amazon^^. After you have some basics, I can recommend one cost-effective but excellent online tutorial provider but I won't do it here as I'm not sure how the guidelines are around recommending paid activities - dm me.
^ https://www.cybrary.it/ it's not perfect but it's a start.
^^ Honestly for me paper works much better for study.
You want CISSP. Definitely get Sec+ first but your questions on the bigger picture are addressed exactly by CISSP.
You don't have to get the test yet but learning the material will be very helpful. And in fact will help you a lot by immersing you in that thinking for a long time before you test, which will make the test easier foryou.
Buy the Shon Harris All In One guide it's fantastic.
Also watch the free course from Cybrary by the amazing Kelly Handerhan: https://www.cybrary.it/course/cissp/
That course is so good that /r/cissp universally recommends watching it first before studying anything else as it puts you in the right mindset, then watching it again before the test. It's just so damn good. Watch it. Especially the first few modules which are on governance and risk management and the business case for security e.g. how to value breaches and justify defense costs.
Trust me. Do it.
And having bluetooth running all the time is a security risk.
https://www.cybrary.it/2018/07/bluetooth-security-risks/
https://www.lawtechnologytoday.org/2016/05/bluetooth-how-secure-is-it/
These are called Google dorks
>A Google Dork query, sometimes just referred to as a dork, is a search string that uses advanced search operators to find information that is not readily available on a website
using the eternelblue exploit to upload self replicating malware (such as cryptolocker) onto unpatched windows computers takes about 10 minutes , I have no idea how anyone could come to the conclusion that this attack must have been performed by state level actors, literally anyone who is adept with a computer can perform such an attack, there is absolutely no reason why the CIA would perform an attack on a private network when they have the capability to setup realistic training/simulation networks for the malware they develop, EternalBlue is old news as well, it has been in the public domain for almost 5 years now.
https://www.cybrary.it/0p3n/hack-windows-eternalblue-exploit-metasploit/
Just start here, this will give you some basic fundamentals you will need anyway. You can get more detailed after you learn the basics.
It really depends on what area of IT you like. I highly recommend you check out https://www.cybrary.it/ they offer a lot of free IT training and offer tracks. They do a good job in preparing you to take certification exams in IT. It is something I wish were available when I started as I basically had to fiddle around and figure it out all alone.
Personally I started out on the hardware side and got a few CompTia Certs. I learned a little sql and shifted to software because I like it better and it’s more money to be made. I became a business analyst for a healthcare company and then fell in love with project management and studied and became a certified project manager and now I’m an independent healthcare IT PM consultant. I have friends that took the software development track. If you do that their are many different options in languages to learn, business segments for instance healthcare, banking, backend of websystems and they offer the ability to work from home. A good friend just travels the world and works from wherever he is coding.
It just really depends on what part of IT you like. I hope I’ve helped and was able to somewhat answer your question.
Networking.
Sounds like you are already headed down that road.
The best thing about IT certifications is that you study the material and take the test as quick as you want. No school, no assignments and no BS. If you are super dedicated you can knock it out fast.
https://www.cybrary.it/0p3n/5-best-entry-level-certifications/