This post was originally published on Hackmamba
Cyber security knowledge is fantastic to acquire and largely sort after. Many have gotten inspiration from most Hollywood movies which are knavery of truth and pure fiction.
Movies have sold many enthusiasts a lifestyle and freedom to live and do the impossible. However, today, I will outline seven things you must know as a Cyber-security enthusiast.
- Cyber-Security is broad
Most people associate a career in cybersecurity with penetration testing, but cybersecurity has many branches, including Cyber-Security Technicians, IT auditors, Analysts, Consultants, Penetration Tester, engineers, and many others. The paths become more diverse and complex as you advance.
- Networking Knowledge
As a Cybersecurity noob, understanding how networking works is the most critical skill.
Many newbies try to skip this step as they feel software networking is tedious and sometimes complicated
Understanding how networking works will give you an edge and better prepare you for the penetration testing or auditing path.
You can get started with Networking using some of the following resources.
- CompTIA INFOSEC UDEMY
- Google free course on Coursera
Analyzing threats, accessing them, and measuring how high or low they are is crucial to cyber security professionals.
Most of the time, you will spend hours and days studying threats from hackers.
Trouble-shooting skills are crucial and more important than any tool you will ever use. The best people in this field can see what everyone has overlooked, and that is a skill you must learn.
To become more skilled at troubleshooting, you must practice using virtual learning platforms like
to find bugs in vulnerable servers and also learn more about malware and their signatures.
Tools amount to 20% and research 80%. As cyber security is a continuously growing field, new threats are evolving daily.
As a Cyber-security enthusiast, you should research websites such as
These websites give you insight into the latest vulnerability and recommend patches. However, you must be familiar with different vulnerabilities and their attack model. The more you know about a threat, the better informed you are at resolving and protecting your infrastructure against them.
Research skills will give you an edge and enable you to learn what tools to use in certain situations and how to use them more efficiently.
When starting, you might encounter so many tools, and they might get you overwhelmed. The following tools are the essential and recommended tools used over time
Kali Linux: Kali is the go-to for every starter. The OS(Operating System) consists of some fantastic tools that come pre-installed and give you a starter pack to get you started.
You can install Kali Linux as a direct OS(bare metal) or through a Virtual box which is advisable if you are getting started.
Get Kali here.
Snort IDP/IPS: Snort is an open Intrusion Detection and Prevention tool used for analyzing network traffic.
It is used for preventing or stopping an attack by comparing the packet of a known attack network.
Metasploit: Metasploit offers various tools to test applications, servers, and networks system security. Some professionals call Metasploit "the tools of warfare."
Nmap: Nmap is a scanner; it is one of the few open-source and powerful tools you must have.
Nmap can work on many operating systems as it allows you to map out vulnerable areas of the network.
Nmap should be the first tool you must begin with as it helps you see who your target is and what structure they are operating.
Get Nmap here.
Burp Suite is a robust tool that I love for its detailed scan of systems and revealing real-time vulnerabilities.
Burp has three versions, Community, professional, and enterprise. For starters, you can use the Community as this version is free.
The professional is robust, but the free version has enough to get you going until you can scale. Get burp suite here.
Documentation is essential as a starter. Most of the time, you would be scanning multiple ports simultaneously, and the need to have good documentation skills and tools is pivotal to your success.
Here are some quite helpful documentation tools
- Keep Backups
As a cyber security enthusiast, you may be trying new software and programs that turn unstable and can crash your system. Keep backups of your files and digital assets. Pay extra attention to avoid installing malicious software.
Creating custom programs and tools has proved effective in mitigating personal attacks and threats. You’ll learn and develop this along the way.
Cyber-security is a fantastic path, and it is one of the fastest-growing industries with rewarding and flexible opportunities.
Let’s do a recap.
You have gone through seven things every cybersecurity enthusiast should know, from understanding how broad cyber-security is to how software networking plays an important role.
You looked at some personal skills like Trouble-shooting and researching skills that give you an edge while learning.
You reviewed how building your toolset and knowing what works for you is critical and why documentation is a skill to cultivate.
Finally, creating backups and setting up virtual machines or sandboxes are good practices to avoid ransomware or corrupted drives.
To learn more about cybersecurity and how to get started, check out the following resources: