Hello, dear friends! This morning I became interested in information security (mostly web, reversing not interested) and want to get as much knowledge as possible in a short period of time, therefore, constitute the plan that will work. I would like your advice, where better to start, what to pay more attention. Ask not for hype, I want to hear as many advices of the collective mind, so that nothing is missed and put in my head. Welcome links to resources, useful tools, personal opinion, but in General all that relates to the topic. How would you approach the study of information security?
At the moment I know: programming languages C++ and Python (+ a General understanding of programming, so learning new languages is not a problem), just basic knowledge of XSS and SQLinj mechanisms, OllyDbg+IDAPro (used for debugging), Linux know at the level of the experienced user.
Here's a list of what you need to know and understand, add please:
- PHP (Laravel/Yii2/Symfony);
- SQL Injection, XSS;
Device network network protocols;
Well, since 60% of the web is php, I think you should start with him.
Then all sorts of SQL and SQL injection
sadie_Hop answered on June 5th 19 at 22:05
With the paranoia. First you have to learn to look for places where they can hide problems. SQL injection is one of them with its own name. As a consequence, learn to close them, or change your code to SQL injection not climbed, or analysis of interface and data processing, so as not climbed any parameter in the wrong place, and so on.
Katelin_Greenholt77 answered on June 5th 19 at 22:07