How To Deep Dive Into Cyber Security | Master Offensive Security

Table of Contents

So guys my name is Masaud Ahmad and this is going to be a complete article on how Deep dive into Cyber Security & can learn offensive security from scratch to an advanced level. But before jumping into the field of cyber security, there are certain requirements that you need to cover. These requirements are known as pre-security. It is compulsory to fulfill these pre-security requirements because without them, you won’t have a clear understanding of certain aspects of cyber security.

Table of Contents

To continue this article you much have an account on tryhackme.

Pre-Security | Deep Dive Into Cyber Security

You can learn pre-security from TryHackMe. It covers the basics of cyber security, including an introduction to offensive security, defensive security, and careers in cyber security. TryHackMe also provides hands-on experience, which helps you understand the concepts better.

Once you have covered the basics of cyber security in pre-security, the next step is to focus on Networking basics and weaknesses. This section, known as Network Fundamentals, covers topics such as What is Networking?, Introduction to LAN, OSI Model, Packets and frames, and Extending your network.

Network Fundamentals is a part of pre-security and will be covered in this section.

Now, on the third step, we have The web and common attacks that you need to cover.

In “How the Web Works,” you will learn about DNS in detail, along with HTTP, how websites work, and putting it all together.

Section 4 will focus on “Learn to use the Linux operating system,” where you will gain a detailed understanding of both Windows and Linux concepts.

PRE-SECURITY IS DIVIDED INTO FOUR SECTIONS:

  1. Cyber security basics
  2. Networking basics and weaknesses
  3. The web and common attacks
  4. Learn to use the Linux operating system

NOW LET’S MOVE ON TO THE MAIN TOPICS OF CYBER SECURITY.

  1. Introduction to Cyber Security
  2. Learn about different careers in cyber
  3. Hack your first application
  4. Defend against a live cyber attack
  5. Explore security topics in the industry

Introduction To Cyber Security | Deep Dive Into Cyber Security

Introduction to cyber security is also divided into four sections. The first section, which is already covered in pre-security, is called “Introduction to Cyber Security.” You need to start from section 2.

Section 2 includes “Introduction to Offensive Security,” where you will learn about web application security. After that, you will study operating system security, followed by the network section.

Section 3 focuses on “Defensive Security,” where you will learn about digital forensics and system operations.

Introduction to cyber security is based on these three sessions. So far, we have covered two modules, which are pre-security and introduction to cyber security.

Now, let’s move on to our third module, which we will cover.

Web Fundamentals | Deep Dive Into Cyber Security

In this module, we are provided with a pathway that allows us to cover web security in great detail. We learn about basic web attacks, how to find and exploit vulnerabilities, and understand how web works. One important tool covered in this module is Burp Suite, which is widely used by professional pentesters for testing web security. Additionally, hands-on experience labs are provided for practical application.

THIS MODULE COVERS FOUR MAJOR AREAS:

  1. Understanding web fundamentals
  2. Explaining major vulnerabilities
  3. Learning industry-used tools
  4. Web application assessments

In Section 1, we learn about “How The Web Works.” This includes DNS, HTTP, and how the web functions. If you have already covered this in pre-security, you can skip this section.

In the 2nd session, we delve into “Introduction to Web Hacking.” Here, we explore different vulnerabilities, learn how to find and exploit them. Major vulnerabilities covered include SQL injection, command injection, XSS, SSRF, file inclusion, IDOR, authentication bypass, subdomain enumeration, and content discovery. This section provides a wealth of knowledge.

Section 3

Section 3 focuses on a comprehensive understanding of the Burp Suite tool. Burp Suite is a powerful automation tool extensively used for web security. You will cover the basics of Burp Suite and then proceed to learn about repeater, intruder, other modules, and extender. All of these are crucial for your understanding.

SECTION 4

Section 4, the “Web Hacking Fundamentals” section, provides hands-on experience labs. You will be guided step by step to complete these labs. The first three rooms, which cover “how websites work,” HTTP, and Burp Suite, are already covered. Apart from these, additional rooms are provided for you to explore and learn from.

Additionally, I would like to provide you with written resources. If you wish to master web security in-depth, you can visit our website, where I have covered server-side and client-side vulnerabilities from basic to the most advanced level. This resource will greatly help you in understanding web security in-depth.

SO, BASICALLY, WE CAN COVER THREE MODULES IN TOTAL.

  • pre security
  • cyber security
  • web Fundamentals

Now, after covering these three modules/paths, you are good to go to become a junior penetration tester.

The most important phase is starting now because this module will take you to the next level.

In This Module, You Can Learn The Following Skills:

  • Develop the abilities required to begin a career as a penetration tester.
  • Pentesting techniques and strategies.
  • Listing, exploiting, and reporting.
  • Exercises in practical hacking.
  • Study the security tools utilized in the sector.

To Become A Junior Penetration Tester, We Have Eight Sections Available:

  1. Introduction to Cyber Security
  2. Introduction to Pentesting
  3. Introduction to Web Hacking
  4. Burp Suite
  5. Network Security
  6. Vulnerability Research
  7. Metasploit
  8. Privilege Escalation

We have already covered the first four sections in our previous modules. So, let’s start with the fifth section, which is Network Security.

In Network Security, you will learn in detail about passive and active reconnaissance, Nmap live host discovery, basic and advanced port scans, and protocols and servers. Additionally, there will be a challenge in the form of a Capture the Flag (CTF).

Section 6

Vulnerability Research ke seccion main ap ko vulnerabilities ko find karna sikhaya jaaya ga, find karna ka bad ap exploit kar skty hain un vulnerabilities ko or be is mai ma ap bhut kuch sikhaya jaya ga.

Section 7

you will learn about Metasploit. Starting from the basics, you will progress to exploitation and meterpreter.

The final section, Section 8, covers Privilege Escalation. You will learn about shell, Windows and Linux privilege escalation in detail.

By covering these modules, you can become a proficient junior penetration tester. Ensure that you cover them well and gain hands-on experience from here.

Cover Up Advanced Offensive Security | Deep Dive Into Cyber Security

No matter where you are, being a penetration tester requires specific skills and knowledge. You need to understand different aspects of information security, such as networks, web applications, and even assembly code. Knowing these things is important because it helps you find and exploit weaknesses.

The goal of this learning path is to get you ready for real-world penetration testing. It will guide you through a step-by-step process of finding weaknesses in computer systems and teach you how to use the same tools that experts use. Once you complete this program, you’ll be well-prepared for job interviews and opportunities as a penetration tester. To successfully finish this program, you should have a basic to medium level of understanding of computing.

Get ready for actual penetration testing in the real world.

  • use tools that are common in the sector
  • Study actual attack scenarios
  • learn offensive security tactics
  • activities and resources to support

The Offensive Security section consists of four rooms. You need to solve tasks step by step in these rooms, where you will find vulnerabilities in machines and then exploit them.

Section 2

focuses on Advanced Exploitation, where you will learn how to compromise different machines. You will be guided through a step-by-step procedure provided by TryHackMe.

Section 3

Section 3 covers Buffer Overflow Exploitation, where you will learn about buffer overflow from basic to advanced levels, provided by TryHackMe.

You can comfortably cover these labs/rooms/paths one by one.

In Section 4 or Section 5, there are several rooms related to Active Directory and Extra Credit. By covering them, you can gain hands-on experience. After learning all of this, you will have the ability to work as a pentester in the industry.

I hope you have understood all of this.

Pro Tips:

There are some additional resources that can help you further enhance your skills.

If you want to prepare for OSCP, I highly recommend checking out @rana__khalil’s notes, available at: [link].

You can also explore the hacktricks website.

this hacktricks will also help you a lot.

click here for link

If you find all of this challenging, we offer paid mentorship in cyber security. In this mentorship program, we can train you from basic to advanced levels within six months. All classes will be conducted live on Google Meet.

You can contact me on WhatsApp: +447391871290.

Feel free to follow me on Twitter and Facebook with the username @masaudsec.

 

Leave a Reply

Your email address will not be published. Required fields are marked *

× How can I help you?