New guy, total noob asking for help

I am a college student, CS branch, i have been fascinated by hacking for quite some time. I have been searching for hacking tutorials on internet but I didn’t found anything good, I know there are good courses available but I don’t have money to pay for them and I have been desperately trying to find someone to point me in the right direction and give me some basic knowledge.
So anyone here can help me?

Also my English isn’t very good, so plz ignore the grammatical mistakes

Welcome.

First you have to define what you’re most interested in. There are many areas within a network that people target. These areas all have their own specializations. Do you want to learn about web apps? Software? Operating Systems? etc.

If you want to know the foundation of IT knowledge that will help you with whatever “hacking” you get into, or to help you decide, you may want to consider the following:

Network+ level of networking (Route/Switch concepts, IP scheming, etc.)
Basic Windows architecture (Active Directory, LDAP, File structure, Registry keys, etc.)
Basic Linux architecture and commands
Basic Web concepts (HTTP response codes, How a webapp interacts with its server, how databases work, how sessions are handled, etc)
Basic scripting/programming (PHP, Python, Javascript)

Once you feel comfortable describing these technologies in a simple manner to someone else, you’ll be able to get a feel for what you want to focus on first when it comes to their security.

I know a lot of people in the OffSec realm are pretty elitist about certifications and like to hate on CompTIA (which is understandable)… however Network+, Security+, etc are great foundational certs if you’re just breaking into IT, let alone cyber security. I really recommend at least being familiar with their content.

2 Likes

I found CompTIA Network+, Security+, CySA+, Pentest+ to be great foundational skills for anyone inspiring to get into IT or Security. It’s important to have a solid foundation in IT. It will make your learning curve for cyber security far easier. I am also a big fan of hands-on-labs. The more you are actually exposed to what you think you want to do the better decisions you can make about your future. Not everyone enjoys pentesting, or programming or forensics. You want to find your niche that lights you up. Here are some labs off the top of my head, there are a ton more out there though.

Labs you can buy:
https://nexus.isaca.org/products/133
https://www.pentesteracademy.com/
https://www.pentesterlab.com/
https://www.hacking-lab.com/index.html

Free labs - With a little more work


https://github.com/IoT-PTv/IoT-PT (IoT pentesting)
https://pentestlab.blog/
http://www.gh0st.net/
https://www.vulnhub.com/series/exploit-exercises,11/
https://exploit-exercises.lains.space/

Resources - Threat detection

2 Likes

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.