preface

Recently see a lot of security white in asking how to learn security, how to start penetration testing and other issues. Suddenly feel hair, think of oneself at that time from small white step by step toward the growth of hacker big man.


With the development of the Internet and the rise of the network economy, more and more enterprises put their services or trading platforms on the Internet, and these network application services are more closely related to the revenue of enterprises, and even closely related to the fate of enterprises. However, these resources exposed on the Internet are often weak in defense. Increasing the investment in hardware can not significantly improve the safety level of enterprises. Under such a bottleneck, enterprises have more and more urgent needs for penetration safety engineers who understand penetration testing, so the salary of penetration safety engineers is also rising.

What is Penetration Test?

The Penetration Test (Pen Test for short) is a method to evaluate the security of computer network system by simulating the attack methods of malicious hackers. This process includes an active analysis of any weaknesses, technical flaws, or vulnerabilities in the system from a possible location where an attacker is in a position to proactively exploit a security vulnerability. It’s important to note here that the core is testing, not attack or defense. It is a process, not a tool, not a skill or a knowledge point. To understand penetration testing, you need to expand one dimension from a “process” perspective, and then expand from one dimension to the other.

As a penetration safety test engineer with 10 years of experience, I have grown up from Xiaobai through hardships all the way, and I would like to give some suggestions to the novice Xiaobai now. The scope of penetration security is actually very broad to learn things, such as system security, mobile security, wireless security, Web security and many other directions. As a small white, it is suggested that you can start with Web security, Web security field is relatively good to get started, for a small white, the entry is relatively friendly. When I just started, I also started from Web security. What is the knowledge of Web security? I will give you a simple comb of the knowledge outline.

Second, the Web security foundation to learn what knowledge?

1. For the operation of the system, such as Windows system, Linux system, and the most popular hacker Kali system

2. Database learning (for SQL injection in Web vulnerabilities), such as: the basic operation of MySQL database

3. Web security penetration, it is necessary to understand the principle of Web vulnerabilities, Web common vulnerabilities are SQL injection, XSS vulnerability, CSRF, SSRF, file upload, arbitrary file download, weak password, logic vulnerabilities, etc., Especially the principle of OWASP Top 10 vulnerability, the discrimination method, the use method, the understanding of the firewall bypass method, Understand CDN technology, load balance technology, DNS technology, MVC framework, to understand the characteristics of the mainstream server software vulnerabilities, Linux, URL coding, common encryption and decryption technology, directory explosion, subdomain explosion, background explosion, SSL and so on

4. Use skills of various search engines: the use skills of Google, Fofa, Shodan, Zoomeye and other search engines to collect assets are very important when collecting infiltration information in the early stage.

5. Before learning Web penetration, it is necessary to have a simple understanding of the following languages HTML5, CSS3, PHP, these languages are very helpful for understanding Web security vulnerabilities

6. To master the basic use of several hacking tools: AWVS, AppScan, NMap, BurpSuite, SQLMap, Xray, Metasploit, browser agent, various languages of the small horse, Ant sword and other tools to use

7. Have a certain understanding of the basic framework of some websites: TP, DZ, WP, Dream Weave, Empire, Structs, Ecshop and other common website frameworks

8.Linux penetration advanced knowledge: Manual Trojan hunting and killing process under Linux – the audit method of using rootkit to hide traces, mainly including code auditing to simulate the Trojan pathogen and make the Trojan program run automatically, the principle and defense method of real-time monitoring of the Trojan horse by the Trojan horse parent process, and the principle and defense method of creating a Trojan that cannot be deleted by the root user. Learn how to prevent active communication between trojans and external data, use rootkit to hide Trojan parent process and Trojan files audit method, use rkhunter rootkit hunter to check the rootkit, There is also the principle of manual rights under Linux – hijacked account and password audit and defense methods -Tripwire file inspection.

9. There’s also wireless security and some shell tricks to avoid killing

The above 9 knowledge points give you a general introduction to the concept of Web security penetration. Here I will give you a look at my summary of the more comprehensive mind map of Web penetration. We can take a detailed look at the specific technical knowledge points required by Web penetration testing.



conclusion

The above Web penetration security related knowledge points, to introduce you to learn those knowledge, the world is full of fascinating problems to be solved, to be a hacker is a lot of fun, but it takes a lot of effort to get these fun. These forces require motivation. Great athletes derive motivation from strengthening their bodies and pushing their physical limits. Similarly, as a hacker, you must derive basic pleasure from solving problems, honing your skills, and exercising your intelligence. I hope you are engaged in infiltration security of the small white people, as soon as possible advanced hacker boss.

Pay attention to ‘little god’ not lost every day for you continue to update different technology dry goods