DEV Community

Cover image for Seven Things a Cyber-Security Enthusiast Should Know
Scofield Idehen for Hackmamba

Posted on • Edited on • Originally published at hackmamba.io

Seven Things a Cyber-Security Enthusiast Should Know

This post was originally published on Hackmamba

Cyber security knowledge is fantastic to acquire and largely sort after. Many have gotten inspiration from most Hollywood movies which are knavery of truth and pure fiction.

Movies have sold many enthusiasts a lifestyle and freedom to live and do the impossible. However, today, I will outline seven things you must know as a Cyber-security enthusiast.

  • Cyber-Security is broad

Most people associate a career in cybersecurity with penetration testing, but cybersecurity has many branches, including Cyber-Security Technicians, IT auditors, Analysts, Consultants, Penetration Tester, engineers, and many others. The paths become more diverse and complex as you advance.

  • Networking Knowledge

As a Cybersecurity noob, understanding how networking works is the most critical skill.

Many newbies try to skip this step as they feel software networking is tedious and sometimes complicated

Understanding how networking works will give you an edge and better prepare you for the penetration testing or auditing path.

You can get started with Networking using some of the following resources.

  1. CompTIA INFOSEC UDEMY
  2. Google free course on Coursera
  • Trouble-Shooting

Analyzing threats, accessing them, and measuring how high or low they are is crucial to cyber security professionals.

Most of the time, you will spend hours and days studying threats from hackers.

Trouble-shooting skills are crucial and more important than any tool you will ever use. The best people in this field can see what everyone has overlooked, and that is a skill you must learn.

To become more skilled at troubleshooting, you must practice using virtual learning platforms like

to find bugs in vulnerable servers and also learn more about malware and their signatures.

  • Research

Tools amount to 20% and research 80%. As cyber security is a continuously growing field, new threats are evolving daily.

As a Cyber-security enthusiast, you should research websites such as

These websites give you insight into the latest vulnerability and recommend patches. However, you must be familiar with different vulnerabilities and their attack model. The more you know about a threat, the better informed you are at resolving and protecting your infrastructure against them.

Research skills will give you an edge and enable you to learn what tools to use in certain situations and how to use them more efficiently.

  • Tools

When starting, you might encounter so many tools, and they might get you overwhelmed. The following tools are the essential and recommended tools used over time

  1. Kali Linux: Kali is the go-to for every starter. The OS(Operating System) consists of some fantastic tools that come pre-installed and give you a starter pack to get you started.
    You can install Kali Linux as a direct OS(bare metal) or through a Virtual box which is advisable if you are getting started.
    Get Kali here.

  2. Snort IDP/IPS: Snort is an open Intrusion Detection and Prevention tool used for analyzing network traffic.

    It is used for preventing or stopping an attack by comparing the packet of a known attack network.

  3. Metasploit: Metasploit offers various tools to test applications, servers, and networks system security. Some professionals call Metasploit "the tools of warfare."

  4. Nmap: Nmap is a scanner; it is one of the few open-source and powerful tools you must have.
    Nmap can work on many operating systems as it allows you to map out vulnerable areas of the network.
    Nmap should be the first tool you must begin with as it helps you see who your target is and what structure they are operating.
    Get Nmap here.

  5. Burp Suite is a robust tool that I love for its detailed scan of systems and revealing real-time vulnerabilities.
    Burp has three versions, Community, professional, and enterprise. For starters, you can use the Community as this version is free.
    The professional is robust, but the free version has enough to get you going until you can scale. Get burp suite here.

  • Documentation

Documentation is essential as a starter. Most of the time, you would be scanning multiple ports simultaneously, and the need to have good documentation skills and tools is pivotal to your success.

Here are some quite helpful documentation tools

  1. Cherry
  2. OneNote
  3. Notion.so
  4. Joplin
  • Keep Backups

As a cyber security enthusiast, you may be trying new software and programs that turn unstable and can crash your system. Keep backups of your files and digital assets. Pay extra attention to avoid installing malicious software.

Creating custom programs and tools has proved effective in mitigating personal attacks and threats. You’ll learn and develop this along the way.

Cyber-security is a fantastic path, and it is one of the fastest-growing industries with rewarding and flexible opportunities.

Let’s do a recap.

  • Summary

You have gone through seven things every cybersecurity enthusiast should know, from understanding how broad cyber-security is to how software networking plays an important role.

You looked at some personal skills like Trouble-shooting and researching skills that give you an edge while learning.

You reviewed how building your toolset and knowing what works for you is critical and why documentation is a skill to cultivate.

Finally, creating backups and setting up virtual machines or sandboxes are good practices to avoid ransomware or corrupted drives.

  • Resources

To learn more about cybersecurity and how to get started, check out the following resources:

Top comments (1)

Collapse
 
justpages profile image
justpages • Edited

The need for personal cybersecurity will continue to grow - the further we go, the more we become "fused" with our gadgets. People are so integrated with their phones that they don't even realize it. A lot of info can be gleaned at dod terminology. Our phone is food, movement, maps, weather, sleep, health, etc. Everything about identity and chips is getting closer to the body, closer to the brain and eyes, to the muscles and literally to the "guts" of people. This means that there`s a great risk that cyber-attacks can someday touch the physical state of a person.