Hello, I’m Jay Chou.
Next, I will write a series of articles to organize the detailed learning steps of network security and recommend learning resources.
Today’s topic is Web Security.
Web security is a very important part of network penetration. Today, we talk about how to master Web security from zero basis in three months.
The first month
Week 1: HTML+CSS, learn basic webpage format, learn to write basic webpage and form, learn to use browser F12 to check elements and view source code
Recommended places to study:
HTML: www.runoob.com/html/html-t…
CSS: www.runoob.com/css/css-tut…
Week 2: Basic JavaScript, basic web programming, combined with week 1 knowledge
Recommended learning location: www.runoob.com/js/js-tutor…
Week 3: Learn HTTP protocol, understand the working principle of Web, and use Wireshark to capture packets and learn HTTP
Recommended study books:
HTTP:
Wireshark:
Week 4: Learn about Web servers, Nginx and Apache, learn to deploy and build a static website, learn to view Web logs.
Recommended places to study:
Nginx: www.w3cschool.cn/nginx/
Apache:www.yiibai.com/apache_http…
By the end of this first month, you have a basic knowledge of the Web front end.
The second month
Week 5: Understand the difference between dynamic Web technology, CGI/ fast-CGI /PHP, and start to touch PHP programming, learn to handle simple Web requests.
Recommended places to study:
CGI:www.awaimai.com/371.html
PHP:www.w3school.com.cn/php/index.a…
Week 6: Learn PHP backend development comprehensively, master basic request processing, learn MySQL usage, learn interface development, learn PHP framework and common CMS
Recommended places to study:
PHP:www.w3school.com.cn/php/index.a…
Week 7: Learn Cookie, Session, JWT and other technologies in Web development, front-end Storage, what is cross-domain, what is CORS.
Recommend learning address: www.cnblogs.com/l199616j/p/…
Blog.csdn.net/weixin_4389…
Week 8: learn about other Web backend development languages and frameworks, Python(Django/Flask), Java(SSM), C#
Recommended places to study:
Django:www.runoob.com/django/djan…
Flask: www.w3cschool.cn/flask/
By the end of this second month, you have a basic knowledge of the Web back end.
The third month
Week 9: Learn Linux operating system, system log, rights management, user management, firewall
Recommended study books:
Week 10: Learn Web security core technologies: SQL injection, XSS attack, CSRF, file upload, one-word Trojan horse, WebShell
Recommended study books:
Week 11: Learn about classic Web frameworks and Web application vulnerability attacks, social work, Google Hacking, and intelligence gathering
Week 12: Learn penetration testing framework and common tools MetaSploit, Cobalt Strike, NMAP, SQLMap…
Recommend learning address: MetaSploit: video full www.bilibili.com/video/BV1MM…
Cobalt Strike: blog.csdn.net/qq_26091745…
Nmap: www.cnblogs.com/php09/p/105…
Sqlmap: www.cnblogs.com/php09/p/104…
By the end of the third month, you have the basics of a basic Web security novice.
In the above, you may be wondering: A week to learn this?
For example, learning Linux, we focus on the use of Linux operating system, as for the underlying technical knowledge, what memory management mechanism, process thread principle, at this stage do not need to expand temporarily.
For example, PHP learning, really want to learn seriously, three months into all is enough to learn, but we can not do so, learn basic grammar, can develop simple back-end programs, understand PHP back-end development is how the thing, how the working principle is on the line.
In short, at the beginning of learning, avoid by all means, into the details, but from the overall situation of the overall grasp, otherwise it is easy to get lost, and then be persuaded to quit.
What else would you like to see learning routes and resource recommendations, or any confusion, please let me know in the comments section, the most popular will be arranged in the next tweet.
welfare
[Hd PDF version of this book]
Collection and collation is not easy, welcome to support the likes and forwarding, I thank you in advance.