DEV Community: Boni Yeamin

Linux Commands Cheat Sheet

Boni Yeamin — Mon, 05 Feb 2024 11:11:13 +0000

Linux Commands Cheat Sheet
Did you know that there are hundreds of Linux commands? Even on a bare-bones Linux server install there are easily over 1,000 different commands.

The interesting thing is that most people only need to use a very small subset of those commands. Below you’ll find a Linux “cheat sheet” that breaks down some of the most commonly used commands by category.

To get your own PDF and printable copy, scroll to the bottom of the page.

Enjoy!
1 – SYSTEM INFORMATION

Display Linux system information

uname -a

Display kernel release information

uname -r

Show operating system information such as distribution name and version

cat /etc/os-release

Show how long the system has been running + load

uptime

Show system host name

hostname

Display all local IP addresses of the host.

hostname -I

Show system reboot history

last reboot

Show the current date and time

date

Show this month's calendar

cal

Display who is online

Who you are logged in as

whoami
2 – HARDWARE INFORMATION

Display messages in kernel ring buffer

dmesg

Display CPU information

cat /proc/cpuinfo

Display memory information

cat /proc/meminfo

Display free and used memory ( -h for human readable, -m for MB, -g for GB.)

free -h

Display PCI devices

lspci -tv

Display USB devices

lsusb -tv

Display DMI/SMBIOS (hardware info) from the BIOS

dmidecode

Show info about disk sda

hdparm -i /dev/sda

Perform a read speed test on disk sda

hdparm -tT /dev/sda

Test for unreadable blocks on disk sda

badblocks -s /dev/sda
3 – PERFORMANCE MONITORING AND STATISTICS

Display and manage the top processes

top

Interactive process viewer (top alternative)

htop

Display processor related statistics

mpstat 1

Display virtual memory statistics

vmstat 1

Display I/O statistics

iostat 1

Display the last 100 syslog messages (Use /var/log/syslog for Debian based systems.)

tail -100 /var/log/messages

Capture and display all packets on interface eth0

tcpdump -i eth0

Monitor all traffic on port 80 ( HTTP )

tcpdump -i eth0 'port 80'

List all open files on the system

lsof

List files opened by user

lsof -u user

Display free and used memory ( -h for human readable, -m for MB, -g for GB.)

free -h

Execute "df -h", showing periodic updates

watch df -h
4 – USER INFORMATION AND MANAGEMENT

Display the user and group ids of your current user.

Display the last users who have logged onto the system.

last

Show who is logged into the system.

who

Show who is logged in and what they are doing.

Create a group named "test".

groupadd test

Create an account named john, with a comment of "John Smith" and create the user's home directory.

useradd -c "John Smith" -m john

Delete the john account.

userdel john

Add the john account to the sales group

usermod -aG sales john
5 – FILE AND DIRECTORY COMMANDS

List all files in a long listing (detailed) format

ls -al

Display the present working directory

pwd

Create a directory

mkdir directory

Remove (delete) file

rm file

Remove the directory and its contents recursively

rm -r directory

Force removal of file without prompting for confirmation

rm -f file

Forcefully remove directory recursively

rm -rf directory

Copy file1 to file2

cp file1 file2

Copy source_directory recursively to destination. If destination exists, copy source_directory into destination, otherwise create destination with the contents of source_directory.

cp -r source_directory destination

Rename or move file1 to file2. If file2 is an existing directory, move file1 into directory file2

mv file1 file2

Create symbolic link to linkname

ln -s /path/to/file linkname

Create an empty file or update the access and modification times of file.

touch file

View the contents of file

cat file

Browse through a text file

less file

Display the first 10 lines of file

head file

Display the last 10 lines of file

tail file

Display the last 10 lines of file and "follow" the file as it grows.

tail -f file
6 – PROCESS MANAGEMENT

Display your currently running processes

Display all the currently running processes on the system.

ps -ef

Display process information for processname

ps -ef | grep processname

Display and manage the top processes

top

Interactive process viewer (top alternative)

htop

Kill process with process ID of pid

kill pid

Kill all processes named processname

killall processname

Start program in the background

program &

Display stopped or background jobs

Brings the most recent background job to foreground

Brings job n to the foreground

fg n
7 – FILE PERMISSIONS
Linux chmod example
PERMISSION EXAMPLE

     U   G   W
    rwx rwx rwx     chmod 777 filename
    rwx rwx r-x     chmod 775 filename
    rwx r-x r-x     chmod 755 filename
    rw- rw- r--     chmod 664 filename
    rw- r-- r--     chmod 644 filename

NOTE: Use 777 sparingly!

    LEGEND
    U = User
    G = Group
    W = World

    r = Read
    w = write
    x = execute
    - = no access

8 – NETWORKING

Display all network interfaces and IP address

ip a

Display eth0 address and details

ip addr show dev eth0

Query or control network driver and hardware settings

ethtool eth0

Send ICMP echo request to host

ping host

Display whois information for domain

whois domain

Display DNS information for domain

dig domain

Reverse lookup of IP_ADDRESS

dig -x IP_ADDRESS

Display DNS IP address for domain

host domain

Display the network address of the host name.

hostname -i

Display all local IP addresses of the host.

hostname -I

Download http://domain.com/file

wget http://domain.com/file

Display listening tcp and udp ports and corresponding programs

netstat -nutlp
9 – ARCHIVES (TAR FILES)

Create tar named archive.tar containing directory.

tar cf archive.tar directory

Extract the contents from archive.tar.

tar xf archive.tar

Create a gzip compressed tar file name archive.tar.gz.

tar czf archive.tar.gz directory

Extract a gzip compressed tar file.

tar xzf archive.tar.gz

Create a tar file with bzip2 compression

tar cjf archive.tar.bz2 directory

Extract a bzip2 compressed tar file.

tar xjf archive.tar.bz2
10 – INSTALLING PACKAGES

Search for a package by keyword.

yum search keyword

Install package.

yum install package

Display description and summary information about package.

yum info package

Install package from local file named package.rpm

rpm -i package.rpm

Remove/uninstall package.

yum remove package

Install software from source code.

tar zxvf sourcecode.tar.gz
cd sourcecode
./configure
make
make install
11 – SEARCH

Search for pattern in file

grep pattern file

Search recursively for pattern in directory

grep -r pattern directory

Find files and directories by name

locate name

Find files in /home/john that start with "prefix".

find /home/john -name 'prefix*'

Find files larger than 100MB in /home

find /home -size +100M
12 – SSH LOGINS

Connect to host as your local username.

ssh host

Connect to host as user

ssh user@host

Connect to host using port

ssh -p port user@host
13 – FILE TRANSFERS

Secure copy file.txt to the /tmp folder on server

scp file.txt server:/tmp

Copy *.html files from server to the local /tmp folder.

scp server:/var/www/*.html /tmp

Copy all files and directories recursively from server to the current system's /tmp folder.

scp -r server:/var/www /tmp

Synchronize /home to /backups/home

rsync -a /home /backups/

Synchronize files/directories between the local and remote system with compression enabled

rsync -avz /home server:/backups/
14 – DISK USAGE

Show free and used space on mounted filesystems

df -h

Show free and used inodes on mounted filesystems

df -i

Display disks partitions sizes and types

fdisk -l

Display disk usage for all files and directories in human readable format

du -ah

Display total disk usage off the current directory

du -sh
15 – DIRECTORY NAVIGATION

To go up one level of the directory tree. (Change into the parent directory.)

cd ..

Go to the $HOME directory

Change to the /etc directory

cd /etc
16 – SECURITY

Change the current user's password.

passwd

Switch to the root account with root's environment. (Login shell.)

sudo -i

Execute your current shell as root. (Non-login shell.)

sudo -s

List sudo privileges for the current user.

sudo -l

Edit the sudoers configuration file.

visudo

Display the current SELinux mode.

getenforce

Display SELinux details such as the current SELinux mode, the configured mode, and the loaded policy.

sestatus

Change the current SELinux mode to Permissive. (Does not survive a reboot.)

setenforce 0

Change the current SELinux mode to Enforcing. (Does not survive a reboot.)

setenforce 1

Set the SELinux mode to enforcing on boot by using this setting in the /etc/selinux/config file.

SELINUX=enforcing

Set the SELinux mode to permissive on boot by using this setting in the /etc/selinux/config file.

SELINUX=permissive

Set the SELinux mode to disabled on boot by using this setting in the /etc/selinux/config file.

SELINUX=disabled
17 – LOGGING AND AUDITING

Display messages in kernel ring buffer.

dmesg

Display logs stored in the systemd journal.

journalctl

Display logs for a specific unit (service).

journalctl -u servicename

Empower Your Cybersecurity Strategy with These 20 Free SOC Tools

Boni Yeamin — Wed, 05 Jul 2023 03:17:26 +0000

Introduction:
In today's interconnected world, maintaining a robust cybersecurity posture is vital for organizations of all sizes. Security Operations Centers (SOCs) play a crucial role in monitoring, detecting, and responding to security incidents. However, building an effective SOC can be costly, especially for smaller businesses. Fortunately, there are several free SOC tools available that can help strengthen your cybersecurity defenses without straining your budget. In this article, we will explore 20 free SOC tools that can enhance your security operations on a platform like LinkedIn. Let's dive in!

Security Onion:
Security Onion provides a suite of open-source tools for network security monitoring and intrusion detection. It includes tools like Suricata, Zeek, and Elasticsearch, making it a valuable asset for SOC teams.

Wireshark:
Wireshark is a widely-used network protocol analyzer. It helps SOC analysts inspect network traffic and identify potential security threats.

Snort:
Snort is an open-source network intrusion prevention system. It detects and prevents various types of attacks, including network-based exploits and malware.

OSSEC:
OSSEC is an open-source host-based intrusion detection system. It monitors logs and alerts SOC teams about potential security incidents on individual systems.

OpenVAS:
OpenVAS (Open Vulnerability Assessment System) is a comprehensive vulnerability scanner. It scans your network, identifies vulnerabilities, and provides detailed reports.

Wazuh:
Wazuh is an open-source security monitoring platform. It combines OSSEC with advanced analytics and threat intelligence capabilities.

ELK Stack:
The ELK Stack (Elasticsearch, Logstash, and Kibana) is a powerful log management and analysis platform. It enables SOC teams to collect, analyze, and visualize log data efficiently.

Moloch:
Moloch is a large-scale, open-source packet-capturing and indexing tool. It assists in the analysis and storage of network traffic data for future investigations.

Suricata:
Suricata is a high-performance, open-source intrusion detection and prevention system. It detects and alerts SOC teams about suspicious network activity.

MISP:
MISP (Malware Information Sharing Platform) is an open-source threat intelligence platform. It allows SOC teams to share and collaborate on threat intelligence data.

TheHive:
TheHive is an open-source incident response platform. It helps SOC teams manage and investigate security incidents effectively.

Cuckoo Sandbox:
Cuckoo Sandbox is an open-source malware analysis system. It allows SOC analysts to safely execute suspicious files and observe their behavior in a controlled environment.

OpenIOC:
OpenIOC (Open Indicators of Compromise) is a format for sharing threat intelligence indicators. It enables SOC teams to exchange and utilize actionable intelligence.

MISP-Dashboard:
MISP Dashboard provides a visual representation of threat intelligence data from the MISP platform. It helps SOC teams gain insights into current and emerging threats.

Cyphon:
Cyphon is an open-source incident management and response platform. It centralizes and streamlines the incident response process for SOC teams.

Aanval:
Aanval is a free and open-source intrusion detection and prevention system. It provides real-time threat intelligence and comprehensive reporting capabilities.

Snorby:
Snorby is a web-based interface for managing Snort intrusion detection system alerts. It simplifies the analysis and reporting of network security events.

Suricata-Update:
Suricata-Update automates the process of updating Suricata rules. It ensures that your intrusion detection system remains up to date with the latest threat intelligence.

Wazuh Ruleset:
Wazuh Ruleset is a collection of rules for the Wazuh security monitoring platform. It enhances the detection capabilities of Wazuh by incorporating additional threat intelligence.z

BRO IDS:
BRO IDS (Intrusion Detection System) is an open-source network security monitor. It provides real-time visibility into network traffic and helps SOC teams identify potential threats.

Conclusion:
Building a strong SOC doesn't have to be an expensive endeavor. These 20 free SOC tools provide a solid foundation for enhancing your cybersecurity capabilities on a limited budget. From network monitoring to incident response and threat intelligence, each tool brings unique functionality to bolster your defense against cyber threats. Incorporate these tools into your SOC arsenal, and leverage the power of open-source software to protect your organization's critical assets. Remember, cybersecurity is a continuous process, and regularly updating and evolving your SOC toolset is essential to stay ahead of emerging threats.

How To Become A Cybersecurity Engineer ?

Boni Yeamin — Tue, 16 May 2023 02:08:37 +0000

Becoming a cybersecurity engineer involves acquiring a combination of education, skills, and experience. Here are the general steps you can follow to pursue a career in cybersecurity engineering:

Obtain a formal education: Earn a bachelor's degree in computer science, information technology, cybersecurity, or a related field. A degree provides a strong foundation in the principles of computer systems, networks, and security.

Gain foundational knowledge: Acquire a solid understanding of computer systems, networking, operating systems, programming languages, and databases. Familiarize yourself with concepts like encryption, secure coding practices, risk management, and vulnerability assessment.

Pursue specialized certifications: Earning industry-recognized certifications can enhance your credibility and demonstrate your expertise. Consider certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Certified Information Security Manager (CISM), and CompTIA Security+.

Develop technical skills: Acquire proficiency in various technical areas relevant to cybersecurity engineering. These may include network security, application security, cloud security, cryptography, incident response, penetration testing, and security assessments.

Gain practical experience: Look for opportunities to gain hands-on experience in cybersecurity. Consider internships, entry-level positions, or volunteer work in IT or security departments. Participate in Capture the Flag (CTF) competitions and join cybersecurity clubs or organizations to further develop your skills.

Stay updated with the latest trends: Cybersecurity is a rapidly evolving field, so it's important to stay informed about the latest threats, vulnerabilities, and security technologies. Follow industry news, attend conferences, and engage with online communities to stay up to date.

Build a professional network: Networking is crucial in any career. Attend cybersecurity events, join professional associations, and connect with industry professionals. Networking can lead to job opportunities and provide mentorship from experienced cybersecurity engineers.

Consider advanced degrees: Pursuing a master's degree or higher in cybersecurity or a related field can enhance your knowledge and open up higher-level positions in the field. Advanced degrees often provide specialized knowledge in areas like digital forensics, secure software development, or network security.

Develop soft skills: Effective communication, problem-solving, and teamwork are essential in a cybersecurity career. Work on developing these skills along with critical thinking, attention to detail, and the ability to handle pressure.

Apply for cybersecurity positions: Start applying for cybersecurity engineer roles once you have developed the necessary skills and qualifications. Tailor your resume and cover letter to highlight your relevant experience and certifications. Consider building a portfolio showcasing your projects and contributions to the cybersecurity field.

Remember, the path to becoming a cybersecurity engineer requires continuous learning and adapting to new technologies and threats. It's important to stay proactive, hone your skills, and remain passionate about cybersecurity to excel in this field.

Linux Commands Cheat Sheet

Boni Yeamin — Tue, 16 May 2023 02:02:57 +0000

1. cd — Change directory

ls — List directory contents
pwd — Print working directory
cat — Concatenate and display files
touch — Create an empty file
cp — Copy files and directories
mv — Move or rename files and directories
rm — Remove files and directories
mkdir — Create a new directory
rmdir — Remove an empty directory
cut — Cut out sections of a file
gzip — Compress or decompress files using gzip
gunzip — Decompress files compressed with gzip
find — Find files and directories matching a pattern
grep — Search for a pattern in a file
awk — Pattern scanning and processing language
sed — Stream editor for filtering and transforming text
head — Display the first few lines of a file
tail — Display the last few lines of a file
sort — Sort lines of a file
uniq — Remove duplicate lines from a file
wc — Count lines, words, and characters in a file
diff — Compare two files line by line
patch — Apply a patch to a file
chmod — Change permissions of files and directories
chown — Change the owner of a file or directory
chgrp — Change the group ownership of a file or directory
ps — List running processes
top — Display system resource usage and process information
kill — Send a signal to a process to terminate it
du — Display disk usage of files and directories
df — Display free disk space on the file system
mount — Mount a file system
umount — Unmount a file system
ping — Test connectivity to a network host
ssh — Secure shell remote login and command execution
scp — Secure copy files between hosts
rsync — Remote file and directory synchronization
curl — Transfer data from or to a server using various protocols
wget — Retrieve files from the web using various protocols
ftp — File Transfer Protocol client
sftp — Secure File Transfer Protocol client
telnet — Telnet client
nslookup — DNS lookup utility
dig — DNS lookup utility
netstat — Display network connections and statistics
ifconfig — Configure network interfaces
route — Display or modify the routing table
iptables — Firewall and packet filtering utility
hostname — Display or set the hostname of the system
date — Display or set the system date and time
timedatectl — Control the system date and time
uname — Display system information
whoami — Display the current user ID
id — Display user and group information
su — Switch user to become another user
sudo — Execute a command with superuser privileges
passwd — Change the password of a user account
useradd — Create a new user account
userdel — Delete a user account
usermod — Modify a user account
groupadd — Create a new group
groupdel — Delete a group
groupmod — Modify a group
finger — Display information about users on the system
last — Display information about recent logins
history — Display command history
echo — Print a message to the terminal
printf — Format and print data
lshw — Displays hardware information
lspci — Displays information about PCI buses and devices.
lsusb — Displays information about USB buses and devices.
hwinfo — Displays detailed hardware information.
free — Displays memory usage.
vmstat — Displays system memory, processor, and I/O statistics.
iostat — Displays CPU and disk I/O statistics.
uptime — Displays system uptime and load averages.
journalctl — Displays the system journal.
dmesg — Displays the kernel ring buffer.
crontab — Schedules recurring tasks.
at — Schedules a one-time task.
service — Manages system services.
systemctl — Controls system services in systemd-based distributions.
traceroute — Traces the network path to a remote host.
bzip2 — Compresses files using the bzip2 algorithm.
unzip — Extracts files from a ZIP archive.
tee — Redirect output to multiple files
chroot — Change the root directory for a process
ps aux — Display information about all running processes
less — Display file contents in a paginated format
more — Display file contents one page at a time
ln — Create links between files
realpath — Print the resolved absolute path of a file
watch — Execute a command periodically and display the output
cal — Display a calendar
tar -xzvf — Extract files from a compressed archive
tar -czvf — Create a compressed archive
whereis — Locate the binary, source, and manual page files for a command
locate — Find files by name
which — Display the full path to an executable
21

📝 Ansible for Blue Team - Use Cases💥

Boni Yeamin — Fri, 12 May 2023 17:06:04 +0000

🟢 FREE Resources
📌 FREE COURSE - Security Analyst Career - 90 days Blueprint
🔗 https://lnkd.in/de_ZVvQc
📌 Zero to CyberHero: Security Analyst Career Guide
🔗 https://lnkd.in/dC-nkQfu

🟢 Pre-requisites
📌 Basics of Ansible in 10 points https://lnkd.in/diZv4cei
📌 Ansible Security Ecosystem https://lnkd.in/d9KBWJiB

🟢 Ansible Popular Use Cases(Playbooks)
📌 Ansible for Cisco ASA https://lnkd.in/dwGPVvtE
📌 Ansible for CyberArk https://lnkd.in/d84bnCyv
📌 Ansible for IBM QRadar https://lnkd.in/dRYK8gvQ
📌 Ansible for Palo Alto Networks https://lnkd.in/dHxsUDJ2
📌 Ansible for Splunk https://lnkd.in/dGTGu6vT
📌 Ansible for Snort IPS https://lnkd.in/dbzhPyww
📌 Ansible for Barracuda WAF https://lnkd.in/drUpNNpS

Open source Network Monitoring Tools for Home-Lab

Boni Yeamin — Sun, 07 May 2023 18:13:27 +0000

👉🏼When it comes to network monitoring tools for your home lab, open-source options provide great flexibility, customization, and cost-effectiveness. Here's a list of open-source network monitoring tools that can help you monitor and manage your home network effectively:

🟢 Pre-requisites
📌 What is SNMP? https://lnkd.in/dQ_NbxDH
📌 Download VMware https://lnkd.in/d6gGFUYA

🎯Nagios Core: Nagios is a popular and powerful network monitoring tool. Nagios Core is the open-source version that allows you to monitor network services, hosts, and their availability. It provides alerting, notification, and reporting features, making it an excellent choice for monitoring your home lab.
🔗 https://lnkd.in/dXmGUSkm

🎯Zabbix: Zabbix is a feature-rich network monitoring solution that offers real-time monitoring, alerting, and visualization capabilities. It can monitor various network devices, servers, applications, and services. Zabbix has a user-friendly interface and provides extensive reporting options.
🔗 https://lnkd.in/d8-qTMa5

🎯Cacti: Cacti is a web-based network monitoring and graphing tool. It uses the Simple Network Management Protocol (SNMP) to monitor and graph network devices' performance. Cacti offers customizable templates and can generate visual graphs and reports for network bandwidth utilization, CPU load, memory usage, and more.
🔗https://www.cacti.net/

🎯LibreNMS: Built on the foundations of Observium, LibreNMS is an open-source network monitoring and autodiscovery tool. It can monitor a wide range of devices, including routers, switches, servers, and wireless controllers. LibreNMS offers intuitive dashboards, alerting, and graphing capabilities.
🔗 https://lnkd.in/dQZucJar

🎯Icinga: Icinga is a scalable and extensible open-source monitoring tool. It provides monitoring for hosts, services, and network components. Icinga offers advanced features like distributed monitoring, parallelized service checks, and robust alerting capabilities.
🔗 https://lnkd.in/dFrHrMSR

🎯NetXMS: NetXMS is a comprehensive network and infrastructure monitoring system. It offers performance monitoring, event management, and fault management capabilities. NetXMS supports agentless monitoring, SNMP, and customs agent deployment for monitoring various devices and services.
🔗https://netxms.com/

🎯Observium: Observium is an SNMP-based network monitoring and management platform. It provides automatic discovery, visualization, and monitoring of network devices, servers, and applications. Observium offers a user-friendly interface and includes advanced features like billing integration and traffic analysis.
🔗https://www.observium.org/

🎯OpenNMS: OpenNMS is a feature-rich enterprise-grade network management and monitoring platform. It offers fault management, performance measurement, and event correlation capabilities. OpenNMS supports various protocols and can monitor a wide range of devices and services.
🔗https://www.opennms.com/

🎯Prometheus: Prometheus is a popular open-source monitoring and alerting toolkit. It focuses on time-series-based monitoring, providing powerful querying and alerting capabilities. Prometheus is highly customizable and can be integrated with other tools and frameworks.
🔗https://prometheus.io/

🎯Grafana: Although not a network monitoring tool itself, Grafana is a widely used open-source platform for visualizing and analyzing monitoring data. It can integrate with various monitoring systems, including many of the tools mentioned above. Grafana provides customizable dashboards and advanced data visualization options.
🔗https://grafana.com/

These open-source network monitoring tools offer a wide range of features and capabilities to monitor and manage your home lab effectively. Choose the one that aligns with your requirements, skill set, and preferences, and enjoy the benefits of robust network monitoring in your home environment.

Top 6 websites to practice hands-on Cybersecurity

Boni Yeamin — Mon, 13 Mar 2023 11:11:47 +0000

Here are 6 websites to practice hands-on Cybersecurity.

1.) Letsdefend -
🔗 https://letsdefend.io/
LetsDefend helps you build a blue team career with hands-on experience by investigating real cyber attacks inside a simulated SOC.

2.) TryHackMe -
🔗 https://tryhackme.com/
TryHackMe provides virtual labs and challenges that simulate real-world scenarios and cover various topics such as penetration testing, web application security, and more.

3.) HackTheBox -
🔗 https://tryhackme.com/
HackTheBox - Dr. AITH offers a range of challenges that simulate real-world scenarios and cover various topics such as cryptography, steganography, reverse engineering, and more.

4.) CyberDefenders -
🔗 https://lnkd.in/dffH8AgY
CyberDefenders is an online platform that provides hands-on experience in various areas of cybersecurity such as web application security, network security, and more. It offers virtual labs and challenges that simulate real-world scenarios .

5.) Hacker101 -
🔗 https://www.hacker101.com/
Hacker101 provides various hands-on exercises and challenges related to web application security, network security, and cryptography.

6) PentesterLab -
🔗 https://pentesterlab.com/
PentesterLab is a platform that offers various exercises and challenges to help users learn web application security. It provides hands-on experience in identifying and exploiting vulnerabilities in web applications.

Learning Path! Cybersecurity .

Boni Yeamin — Wed, 21 Dec 2022 06:08:24 +0000

Nowdays, Cyber Security, Ethical Hacking, Application Security, Penetration Testing, Bug Bounties, etc., these career options are blooming and becoming popular among teenagers, scholars, experienced professionals, etc. globally. The reason for this popularity is surely the growing community, increased attacks, and need for skilled professionals.

In the beginner the common questions facing Where should I start from? What should I learn first?

The above mindmap breaks down Cyber Security career options in three major domains Offensive, Defensive & Research.

Defensive

Security Operation CEnter (SOC)
Blue Teamer
Cyber Forensics
Cyber Compliance & Risk Activitices
Secure Software Developer
Security Acchicture
Inciednt Response (IR)

** Defensive **

Application Security Expart
Red Teamer
Penetration tester
Bug Hunter
Cloud Auditor
Code Reviewer

Research

Threat Analylysist
Malware analysis
Security Trend Analysis
Zero day & Expolit

Offensive Cyber Security Career Path
When we talk about getting started into Offensive Cyber Security, there are many domains such as Application Security, Red Teaming, Penetration Testing, Code Reviews, Cloud Audits, etc. However, there are always some initial requirements and at the end of the day, everything is linked somehow.

Pre-requisite:

Good understanding of how Computer System Works
Good understanding of how the Internet works and how to use it
Mindset & Rythm — You must enjoy what you are doing!!!

Resources to learn about Operating Systems:

Linux Basics: https://linuxjourney.com/
Android Basics: https://www.educba.com/android-operating-system/
Windows Basics: https://www.educba.com/introduction-to-windows/
Operating System Basics: https://www.tutorialspoint.com/operating_system/index.htm

Learning about Computer Networks
As a security professional, you must know basic concepts of networking which include knowing how Routing, Firewalling, SSL, TLS, Ports, Protocols, IP, TCP, UDP, MAC, and other important network security features work. Why this knowledge is required doesn’t need any explanation itself, it’s essential, that’s all.

Resources to learn Computer Networks

https://www.tutorialspoint.com/data_communication_computer_network/index.htm
https://www.tutorialspoint.com/network_security/index.htm
Cryptography & Network Security (McGraw-Hill Forouzan Networking)

Learning about Web Applications

Resources to learn Basic Concepts

About HTTP: https://developer.mozilla.org/en-US/docs/Web/HTTP
HTTP Headers: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers
HTTP Security: https://developer.mozilla.org/en-US/docs/Web/Security
Content-Security Policy: https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
HTTP Cookies: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#Secure_and_HttpOnly_cookies
Web Security Cheatsheet: https://infosec.mozilla.org/guidelines/web_security
Cross-Origin Resource Sharing: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS

Understanding Common Security Frameworks

OWASP Web Top 10: https://owasp.org/www-project-top-ten/
OWASP API Top 10: https://owasp.org/www-project-api-security/
OWASP Mobile Top 10: https://owasp.org/www-project-mobile-top-10/
OWASP ASVS: https://owasp.org/www-project-application-security-verification-standard/

Getting Started with Web Application Security
At this point, we will talk about how to get started in Web Application Security. There are tons of resources out there in the wild and it is not possible to learn/read all of them, however, choosing the best ones is also a difficult task. I am sharing some of the good resources to follow in order to get a good hold:

OWASP Testing Guide explaining a wide range of security issues and how to test for them. This should be the initial reference guide to know and explore various security vulnerabilities.
PortSwigger Web Security Academy is the practical version of Web Application Hacker’s Handbook. You will get good learning resources (short and crisp) followed by Labs to master the things you are learning.
Bugcrowd Vulnerability Rating Taxonomy talks about multiple security issues and an associated severity with them. This is also a helpful resource to know multiple security issues.
OWASP Juice Shop is a real-life application and gives you a flavor to test multiple security vulnerabilities ranging from Injection, Access Control to XXE.
Cobalt.io Vulnerability Wiki is yet another great resource that includes a brief explanation, proof of concept, and risk ratings for various security issues based on OWASP ASVS.
PayloadAllTheThings is an open-resource GitHub Repository that contains a huge list of payloads for all security issues and this is a good resource to know some of the new security issues as well.
Learn365 is my own GitHub Repo which contains all the learning resources I am following in my #Learn365 challenge, these include various attack vectors including Web, Mobile, Network, Cloud, etc.
HackTricks GitBook is a great collection of resources about various Network, Mobile & Web Attack vectors.
InfoSec Writeups, PentesterLand & HackerOne Disclosures are great resources for looking at the Bug Bounty Writeups and learn how various hackers approach different bugs and different applications.

Getting Started with Network Security
HackTheBox: An online platform to test and advance your skills in penetration testing and cybersecurity.
VulnHub: To provide materials that allow anyone to gain practical ‘hands-on’ experience in digital security, computer software & network administration.
OffensiveSecurity ProvingGrounds: Practice your Pentesting skills in a standalone, private lab environment with the additions of PG Play and PG Practice to Offensive Security’s Proving Grounds training labs.
**TryHackMe: **TryHackMe is an online platform that teaches Cyber Security through short, gamified real-world labs. We have content for both complete beginners and seasoned hackers, incorporating guides and challenges to cater to different learning styles.
**HackTricks GitBook **is a great collection of resources about various Network, Mobile & Web Attack vectors.

Damn Vulnerabilities List Lab

Boni Yeamin — Tue, 13 Sep 2022 05:37:50 +0000

Damn Vulnerabilities List Lab

AWSGoat : A Damn Vulnerable AWS Infrastructure

https://lnkd.in/dq2cYPG2

AzureGoat : A Damn Vulnerable Azure Infrastructure

https://lnkd.in/dKMMrESA

Webpentest: A Damn Vulnerable Web Application

https://lnkd.in/dNJxX-Fe

API: A Damn Vulnerable Web Sockets

https://lnkd.in/dMbJgP5h

Mobile: Damn Vulnerable Hybrid Mobile App

https://lnkd.in/dSMZMuzZ

cybersecurity #redteam #blueteam #bugbounty

These notes come from 9 books I'm planning on reading that pertain to the topic of Ethical Hacking:

Boni Yeamin — Thu, 28 Oct 2021 15:57:01 +0000

01.The Pentester Blueprint: Starting a Career as an Ethical Hacker
BY: Phillip L. Wylie and Kim Crawley

02.Social Engineering -- The Art of Human Hacking
BY: Christopher Hadnagy

03.Basic Security Testing with Kali Linux
BY: By Daniel W. Dieterle

04.Metasploit Penetration Testing Cookbook
BY: Abhinav Singh

05.The Hacker Playbook
BY: Peter Kim

06.RTFM: Red Team Field Manual
BY: Ben Clark

07Gray Hat Python -- Python Programming for Hackers and Reverse Engineers
BY: Justin Seitz

08.Malware Analysts Cookbook -- Tools and Techniques for Fighting Malicious Code
BY: Michael Hale Ligh, Steven Adair, Blake Hartstein, and Matthew Richard

09.Inside Cyber Warfare
BY: Jeffrey Carr