Cyber Security, Information Security, Ethical Hacking… these are all the different words for a pretty much same thing. In reality, Security or say “Hacking” is not so glamorous like what we watch in fancy Hollywood Movies & Seasons but indeed it is the most dynamic, exciting, challenging and emerging field in the world and getting an entry level cyber security job is easier than you think. Unlike some other areas of Information Technology, there is unmet demand of Information security professionals in industry which is increasing day by day. According to some industry experts there will be more job vacancies in Information Security than in any other field in future. So its a good career option for you whether you’re a student, developer, sysadmin or whatever, as long as you’re passionate, excited and hard working folk, you’ll find it a creative, rewarding and fulfilling career option.
Areas in Cyber Security
Security is a broad field. There is need for people that build secure systems, people that hack systems, people that build solutions for security industry and a lot others. There are some major key roles described below according to the need of the industry. You need to look into yourself and find out which role fits for you the most.
Offensive Security
Offensive security experts are the Ethical Hackers who try to break into softwares, websites, computer networks, security solutions etc. They include Penetration testers, Red Teamers, Bug bounty hunters, Reverse Engineers and Vulnerability researchers. They have the mindset of a Black Hat Hacker with approach to find vulnerabilities and security loop hole of a system.
Penetration testing, Red teaming or reverse engineering are authorized offensive approaches to identify vulnerabilities and possible threats to a target system or a network. The target system may be a server, website or a web application. The final goal of penetration test is to gain access to the target system or network to provide a clear picture of how an unauthorized person can get access to your system.
A penetration tester tries to simulate real world attacks against the target system to find possible security holes. It can also be used to test an organization’s security policies and its employees’ security awareness. This process can be done manually or by using automated tools and vulnerability scanners. In short, Pentesters try to play the role of hackers and attempt to breach the target network, if breach is successful, they’ll report your system’s weaknesses, hence stopping black hat hackers from compromising or stealing your intellectual property.
Defensive Security
On the other hand, defensive security is about securing & patching the security loop holes identified by offensive operations. It involves Blue Teaming, SOC (Security Operation Center), Disaster recovery, threat mitigation, Secure Programming, Forensics Investigation etc. Their responsibility is to detect, identify the attacks and prevent it from happening by patching the vulnerabilities.
Defensive security analyst deploy defensive solutions like IDS/IPS, Firewalls, defenders and monitor their logs regularly. If they identify any attack, they report it and patch it immediately. Afterwards, their responsibility is to clean any malware or backdoor and perform Forensics to analyze the potential of the attack.
Courses and Certification
You’ll find a lot of website, Udemy courses and YouTube videos offering you to become an Ethical Hacker in one day but that’s not how it works. It takes months and years to become a true Cyber Security Professionals that knows ins and outs of the industry. Anyway, you should start with covering the basics of TCP/IP Networking, Routing, Web Programming, Databases, C/C++, Kali Linux, Bash and Python. After you gain some knowledge, try playing some beginner CTFs, breaking into Metasploitable, Damn Vulnerable Web Application (DVWA), Multidae and other resources offered by Rapid7 and OWASP.
Some free Resources
I recommend watching free tutorials of Metasploit and Security basics by Bucky Roberts (his YouTube channel link https://www.youtube.com/user/thenewboston). After you get some familiar with it there are some great Mega Premiers by Vivek Ramachandran (https://www.pentesteracademy.com/) which offer high quality educational content. If you have money, then you can buy some Udemy courses or you can go for a beginner certification.
Some Great Books
Here are some great books that you can find on Amazon or in form of pdf on the internet
- Hacking – The Art of Exploitation
- The Web Application Hacker’s Handbook: Finding and Exploiting Security Flaws
- Mastering Kali Linux with Advanced Penetration Testing
- The basics of Hacking and Penetration Testing: Hacking and Penetration Testing made easy
- Google Hacking for Penetration Testers
- Mastering Wireless Penetration Testing for Highly Secured Environments
Certifications
Certifications aren’t always necessary but they’re good if you want to go to a specific organization, they also help you stand out from the crowd. There are loads of certifications out there making it kind of confusing for people which one they should take. Here, we’ll review some famous & valuable certification available in the market, their requirements and their pros and cons.
CEH
CEH a beginner level certification followed by CEH courseware which includes theory, lab manuals and some videos. It teaches you about basics of Pentesting, Malwares, Social Engineering, Cryptography, Cloud Computing and DOS attacks.
Pre-Requisites: Nothing
Sponsors: Ec-Council
Pros: Its a general certification which gives you a whole overview of both offensive and defensive aspects of Cyber Security.
Cons: Its all theory, v10 got some practicals but that’s not sufficient enough to make you a Cyber Security Professional.
SECURITY+
Its another entry level certification like CEH but is more easy.
Pre-Requisite: Nothing
Sponsors: COMPTIA
Pros: Fairly simple and costs much less
Cons: Its more entry level than CEH
OSCP
Offensive Security Certified Professionals (OSCP) is a renown Offensive Security Certification followed by a course PWK (Penetration Testing with Kali). It teaches you all about Penetration testing and its methodologies. Its exam is 100% practical and consists of 5 machines that you have to hack, you need at least 70 out of 110 points to pass the certification.
Pre-Requisite: Basics of TCP/IP and Linux, Knowledge of a programming language like Python is a plus
Sponsors: Offensive Security
Pros: Its a difficult certification which needs hands on practice to pass it. It teaches you real world enumeration and exploitation techniques.
Cons: Its more oriented towards Network Pen-testing and less focuses on Web Application vulnerabilities.
CISSP
Certified Information Systems Security Professional (CISSP) is an expert level certification. It is undoubtedly a gold standard for Cyber Security Industry. Anyone who wants to grow his career in Security industry is expected to have this certification
Pre-Requisite: 4-5 years prior experience in Security industry is required
Sponsors: ISC2
Pros: It is the most recognized certification of Cyber Security, it gives you a broad overview of Cyber Security with some technical twists.
Cons: Every one holding this certification has a broad knowledge of the field but he can’t expected to be a master of the industry.
Capture The Flags – Hackers’ Playgrounds
Capture the Flags (CTF) are Cyber Security competitions usually organized at Cyber Security Conferences or hosted at websites. They have varies type of challenges (tasks) like Reversing, Crypto, Forensics, Pwn, Steganography, Web Application with varying levels of difficulties, a flag (usually some test or a hash) hidden somewhere is expected to submit at the completion of the challenge. If you have got some basic knowledge about security and want to learn some practical skills like Bash or web pwning, get your hands dirty with beginner level CTFs like Pico CTF (https://picoctf.com/) and Over The Wire. Also HackTheBox and VulnHub have mixed collection of CTF machines which is a good practice resource for both beginners and experts. Upcoming CTF events are regularly listed at CTF TIME. Some other good Resources for CTFs are
https://www.alienvault.com/blogs/security-essentials/capture-the-flag-ctf-what-is-it-for-a-newbie
https://security.stackexchange.com/questions/3592/what-hacking-competitions-challenges-exist
https://wheresmykeyboard.com/2016/07/hacking-sites-ctfs-wargames-practice-hacking-skills/
https://ctfs.github.io/resources/
Kali Linux
Kali Linux previously known as “BackTrack” is an open source GNU/LINUX distribution made for Penetration Testers, Forensics Investigators and security researchers. If you get into security then you’ll often hear of it because it is equipped with all the softwares and tools that are needed for security testing. It is based on “Debian Testing” and is used mainly for Penetration Testing and Security Auditing. You can use Kali Linux in virtual environments like Virtualbox and VMware or you can dual boot it with your existing Operating system. For more help, please refer to Kali Linux official documentation here. Kali Linux also has an open source penetration platform for Android devices called NetHunter. It has scripts and tools that are helpful in Penetration Testing, like Wireless Attacks, Evil Access Point Attacks, HID attacks, Bad USB attacks etc.
Some similar distributions in this category are Parrot Security OS, DracOS and Black Arch Linux.