WANNA GET STARTED WITH CYBERSECURITY BUT DON’T KNOW WHERE TO BEGIN?
Like always, I was checking around the Try Hack Me website for my daily dose and came across a new room PRE SECURITY, which was completely untouched and was never seen before. If you are looking forward to starting your fantastic journey in cybersecurity, I would recommend this room with my 100% confidence that you will not regret doing it. The PRE-SECURITY Pathway is a perfect start and a confidence booster. This pathway is also great for revising the concepts that most cybersecurity enthusiasts forget over a period of time.
CONTENTS OF THE PATHWAY
This learning path mainly focuses on the prerequisite knowledge required for cybersecurity and computer networking if one wants to attack or defend themselves on the internet war that they should know how all the cool tech works.
This Learning Path consists of 15 great rooms focusing on all the different aspects of computer networking, web attacks, Basics of Linux, other basics, which are further categorized under five distinct sections.
SECTION 1: Cyber Security Introduction.
Tag Line: Understand why learning the technical fundamentals is important to succeed in your cyber security learning journey.
This section consists of one room ( Learning Cyber Security. )
In this room, for Task1, you will learn a few excellent stuff like hacking a dummy BookFace account using the Bruteforce technique, in which we try running all the possible passwords one by one through various tools. For Task 2, a case study on “How Target got hacked and had 110M credit cards stolen” made a loss of 300 Million Dollars by exploiting Air Conditioners of stores through an interactive website simulation.
SECTION 2: NETWORK FUNDAMENTALS
Tag Line: Learn the core concepts of how computers communicate with each other and types of network weaknesses.
This Section consists of five highly interactive rooms. They are filled with a lot of fun stuff like games, interactive web simulations for understanding topologies, firewalls, arranging things in order, and a lot more. After completing this section, one gains knowledge regarding most of the networking stuff. Adding cherry to the cake, you will earn the badge of networking nerd after completing this Section.
ROOM 1 is “What is Networking?”. This room focuses on networking fundamentals that how messages work; what is the Internet?; identifying devices on the network, how to ping devices? And some concepts of MAC spoofing.
ROOM 2 is “Intro to LAN.” In this Room, you learn about some of the technologies and designs that power private networks.
In this room, you get to learn in brief about the basic networking terminologies of devices used as the router, switches, and LAN Topology, an idea about what subnetting is, and The DHCP Protocol. This room is also filled with lots of simulations and activities for a deep understanding of the concepts like room one.
ROOM 3: “OSI MODEL. " In this room, you will learn about the most fundamental thing of the entire Internet: the OSI Model. The OSI model is explained with a fun game.
ROOM 4: “Packets & Frames.”, In this room, you will understand how data is divided into smaller pieces and transmitted across a network to another device. Task 1 talks about “What Packets and Frames are” and goes into a deep discussion on it. After this, in Task 2, you will learn the famous “The three-way Handshake,” i.e., TCP/IP. This room illustrates how secure connections are made among various devices. Following this task, Task 3 provides the practical task of how the three-way connection. Task 4 and Task 5 give you rich knowledge of UDP/IP and ports 101, respectively, where you embrace how the direct connections are made and what areas are used.
ROOM 5, the last room of Section 2, focuses on stuff like Introduction to port forwarding, Firewalls, VPN basics, LAN Networking devices, and their hands-on exercise with their excellent simulators.
SECTION 3: HOW THE WEB WORKS
Tag Line: To become a better hacker it’s vital to understand the underlying functions of the world wide web and what makes it work.
This Section consists of four Rooms with many interactive activities, focusing on the working of the Websites. In this section, you can learn the following content: DNS in detail, HTTP in detail, how websites work, and how to manage them all together.
ROOM 1: DNS in detail
This room deals with topics like What is DNS?; Domain Hierarchy, Record types, Making a Request, and practical implementation for the last task.
In Task1, you will learn about DNS in a detailed manner, followed by which Task2 is focused on the Domain Hierarchy. It illustrates different domains like TLD (Top level domain), Second-level Domain, and Subdomain.
Task 3: Record Types, In this task, following this, task 2 coverups the concept of Requests and responses. In task 2, you can learn what a URL is? And important terminologies like scheme, user, host, port, Path, Query String, and Fragments.
ROOM2: HTTP in Detail.
TryHackMe covers a detailed journey of HTTP (HyperText Transfer Protocol) and HTTPS (HyperText Transfer Protocol Secure) in this room. In Task1 and Taask2, you will learn in brief about HTTP and HTTPS and the Requests and Responses.
Example Response:
HTTP/1.1 200 OK
Server: nginx/1.15.8
Date: Fri, 09 Apr 2021 13:34:03 GMT
Content-Type: text/html
Content-Length: 98<html>
<head>
<title>TryHackMe</title>
</head>
<body>
Welcome To TryHackMe.com
</body>
</html>
Task 3 and Task 4 deal with HTTP methods and HTTP Status Codes. HTTP methods are a way for the client to show their intended action when making an HTTP request. And the HTTP Status codes are the various codes you see when something wrong happens to the website, either from your side or the backend. Codes look like this:
Task 5, 6, 7 teach about Headers, Cookies, and Making Requests with practical Hands-on.
ROOM 3: HOW WEBSITES WORK
This room is a masterpiece. It covers distinct topics like HTML-based websites, Javascript-based websites, How the website works, Sensitive Data Exposure, and HTML Injection.
Task1: How Website Works; the topic itself tells what you will learn in this task and the upcoming ones. This whole task is based on website basics and important terminologies.
Task2 & Task3: HTML & Javascript. In these two tasks, you learn the basics of constructing websites using two different languages HTML and Javascript. You will learn how to add images to a website and much more.
Task4 and Task5, you learn how by reading the back-end code, you can find out critical data exposed due to the neglect of security. Along with this how you can use HTML Injection (it is a vulnerability) for your benefit.
ROOM4: PUTTING IT ALL TOGETHER.
This room consists of a quiz that helps you test your knowledge earned in this section. Along with this, in Task 2, you can learn more about Components like Load balancers, CDN (Content Delivery Networks), Databases, WAF (Web Application Firewall).
In Task3 of this room, you will learn about How Web servers Work. It will cover the following topics: What is a web server?; Virtual hosts, Static v/s Dynamic Content, scripting, and backend languages.
You will also earn a badge- World Wide Web after completing this Section.
SECTION 3: LINUX FUNDAMENTALS
Tag Line: Many servers and security tools use Linux. Learn how to use the Linux operating system, a critical skill in cyber security.
Okay, This is the most challenging Section in the whole pathway, but we should not forget that difficult the task, the more we learn.
This Section is divided into three rooms, but these rooms are a continuous part of each other with increasing complexity. So, instead of treating them as different, we can concentrate on all the amazing stuff. If you don't even know a bit about Linux, this section is a perfect kickstart.
Starting with the fundamental part 1, it talks about the background of Linux, Interaction with terminal, commands for playing with the filesystem in which you learn commands like ls, la, cd, su. Moving forward, the next topic covered in task 6 is searching for files through the terminal, and the commands learned are find, locate, and grep. After this, there is an introduction to shell operators.
Fundamental part 2 covers more practical stuff like accessing the machine using SSH(Secure Shell); SSH has been covered in great depth, covering the topics like what SSH is and how it works. After this, there is an introduction to flags and switches and how to disclose hidden files using ‘ls -a’. Following this interaction with files is continued from fundamental part1, you will learn commands like cp, mv, rm, touch, mkdir, note. In task 5, there is a brief discussion between Users & Groups. Following this for the end of this room, there is a deep discussion of common file directories like /etc, /tmp, /var, /root.
For the finale of fundamentals of Linux, the things in this room go to some advanced uses of Linux. Terminal text editor, i.e., use on nano for editing files without actually opening them. After this, you learn useful utilities like ‘wget’ to download files over an SSH connection and transfer files from the host to the connected machine. In task 5, the focus is on process monitoring, managing processes, and how to start or end a process. After this, you come across the concept of automation for maintaining access using commands like cron/ crontabs. Following this, there is an introduction of Packages & Software Repos and maintaining your system logs.
You will achieve another badge on completing this section- Linux privEsc
SECTION 4: WINDOWS FUNDAMENTALS
Tag line: Get hands-on access to Windows, and it’s security controls. These basics will help you in identifying, exploiting, and defending Windows.
This Section consists of advanced uses of Windows covering various topics in two Rooms Windows Fundamentals 1 & Windows Fundamentals 2.
ROOM1: Windows Fundamentals 1
You will learn concepts like the Windows desktop, the NTFS file system, UAC, and the Control Panel in this room. Task 2starts with a discussion of Windows Editions like windows XP, Windows 7/ 8, and Windows 10.
For Task3 and Task4, you will learn about basic features of the Desktops and the File System. There is a brief about the desktop(GUI) variations as the updates rolled out for Windows. Following this, you will learn that The file system used in modern versions of Windows is the New Technology File System or simply NTFS and various NTFS features. The further topics covered in this room are How can you view the permissions for a file or folder?
Task5 covers The Windows\System32 Folders as they are a crucial source for cybersecurity experts and are very important for Windows itself as this folder is the source.
Following this for Task 6 and Task 7, you will learn about User Accounts, Profiles, Permissions, and User Access Control. On a local system, the users can be of two types: Administrator & Standard User. This decides the amount of access the user has. If a user is an admin, he can perform critical actions like modifying system files and much more. UAC (User Access Control) was introduced with the short-lived windows vista; its main purpose is to protect the local user with privileges.
For Task 8 & Task 9, there is a deep discussion on Settings, Control Panel, and Task Manager, where for the settings and control panel, their roles and functions are discussed. In the case of task manager, various roles and functions that can be performed are explained, and some short-cuts for performing the task quickly are given.
ROOM 2: Windows Fundamentals 2 is a continuation of Part 1. You will learn a lot about advanced Windows uses like System Configuration, UAC Settings, Resource Monitoring, the Windows Registry, and more in this room.
For the starter in task2, you will learn about the command ‘msconfig’ used in advanced troubleshooting. Its main purpose is to help diagnose startup issues and the various methods to launch System Configuration.
In Task3, you will be again handling UAC at an advanced level, like changing its settings.
From Task4, you will learn about system management. The Computer Management (compmgmt) utility has three primary sections: System Tools, Storage, and Services and Applications.
Task 5 and Task 6 deal with other useful functions of the computer management Interface like system Information and Resource Monitor. System information describes info about various parts of your system and your OS. In contrast, the Resource Monitor displays all the resources used while running certain services for a certain section of time.
Moving toward the end, the last task of the room and the PRE SECURITY PATHWAY, Task8, In this task, you can learn about a crucial tool of the system configuration. The Windows Registry (per Microsoft) is a central hierarchical database used to store information necessary to configure the system for one or more users, applications, and hardware devices.
Congratulations and best of luck with your cybersecurity journey. On Completion of this room, you have not only solved 238 Questions but have also earned a precious certificate for your profile. After this can proceed with the complete beginner pathway.
The Certificate will look like this.
Connect with me:
LinkedIn: https://www.linkedin.com/in/prasan-singh-13ba15198/
Twitter: https://twitter.com/parsan26
Join The Community:
LinkedIn: https://www.linkedin.com/company/cyber-junk
Discord: https://discord.gg/ZmCmkw2enz
Support my HackClub: https://bank.hackclub.com/donations/start/cyber-junk
