Learn Cyber Security


‎Coding

‎network ‎network security

‎Linux

‎Operation ‎windows server

‎Cloud aws/azure

‎Cyber killchains/ MITRE ATT&CK

‎Attacks techniques

‎ISO27001

‎Security standard ‎PCI/DSS


‎security foundation
‎Basic
‎SOC2

‎Encryption

‎Cryptography ‎Encoding

‎Hashing

‎English

‎Note

‎https://www.cyberhuntingguide.net/

‎References ‎https://www.cyberseek.org/pathway.html?

‎CTFtime, whitehat, sv ATTT

‎Technical Infrastructure

‎Role ‎Simulating attacks ‎Social Engineering

‎Physical Intrusion

‎Set objectives

Gather intelligence

‎Network

‎Process ‎application
‎Simulating attacks

‎physical assets

‎people

‎Report

‎Scanning - nmap

‎Information Gathering ‎vulnerability scanning - nessus,openvas

‎Osint - shodan
‎Red team

‎brute force

‎buffer overflow
‎System attack

‎null session
‎Study
‎ARP spoofing

‎privilege escalation

‎Pivoting

‎Active directory pentest

‎Evasion

‎https://tryhackme.com/

‎https://hackthebox.com/

‎https://www.vulnhub.com
‎Reference

https://www.offensive-security.com/labs/individual/

‎Ctf boot to root/ attack-defense

Web programming: html, css, javascript, python,..

‎Database

‎XSS

‎Injection
‎Owasp top 10
‎Study
‎SSRF

‎...

‎Read writeup bug bounty

‎Hackerone

‎Join bug bounty ‎Bugcrowd


‎Web pentester
‎Synack

https://www.youtube.com/watch?v=YCCrVtvAu2I&list=PLBf0hzazHTGO3EpGAs718LvLsiMIv9dSC

‎https://portswigger.net/web-security

‎https://pentesterlab.com
References

CTF web
‎Dvwa, webgoat,..

‎First responds to attacks

‎monitoring 24x7
‎SOC tier 1 - triage

‎provides security issue

‎decides whether there is attack

‎Investigate the cause of the attack


‎Specialist
‎SOC tier 2 - Incident Responder ‎Evaluate the impact of the attack

‎Recovery plan
‎Roles

‎Malware detection

‎Analysis of malware
‎SOC tier 3 - Threat Hunter

‎Detecting anomalies

‎Hunts unknown vulnerabilities

‎SOC manager

‎OODA loop ( observe–orient–decide–act)

‎Preparation

‎Detection and Analysis


‎Incident Response Life Cycle
‎Incident Response Methodology
‎Containment, Eradication, and Recovery

‎Post-Incident Activity

‎Tactics, techniques and procedures (TTPs)

‎Digital Evidence Collection

‎Digital forensics ‎Windows Investigations


‎Study
‎Blue team
‎Linux Investigations

‎Firewall - pfsense

‎WAF - ModSecurity

‎IDS: snort, suricata

‎Siem: splunk, elk,..

‎EDR/XDR: wazuh
‎Hands-on

‎SOAR: shuffler

‎Threat Intelligence: MISP

‎Hardening

‎Automation

‎packet analysis - wireshark

‎https://blueteamlabs.online/

‎References ‎https://letsdefend.io/

‎https://cyberdefenders.org/

‎Network security

‎Malware analyst

‎Cloud security

‎Application Security/ devsecops

‎Automotive security engineer


‎other

‎Iot security

‎Block chain security

‎Exploit development

‎GRC - governance risk compliance

‎CISO

‎linkedin

‎github, blog

Certificate https://pauljerimy.com/security-certification-roadmap/

‎Jeopardy
‎Get a job
‎CTF
‎Attack/defend

‎Research

‎Apply CV
