Get Started with Cybersecurity

In this page we will see what you need to have to try Cybersecurity hands-on

Everything is Open Source, so you can find all the tools you need for free.

Technology you need:

  • Computer (Windows or Linux) (Note: i have no experience in MAC devices)
  • Internet
Linux is recommended, but you can use Windows without any problems.

Virtual Machines:

If you are running a Linux Operative System (OS), there are no problems with the commands and the software (~apps) we will use.

If you are running Windows there are two options:

Syllabus

I will not cover in details complicated arguments like cryptography and networking, but I will try to give the most important concepts.
  • Introduction: why cybersecurity is important
    • Jobs
    • Real-world examples of cyber attacks
    • Basic concepts: confidentiality, integrity, availability
    • Common threats: malware, phishing, social engineering
  • Types of Cybersecurity
    • Network Security
    • Network Analysis
    • Application Security
    • Cryptography
    • Hacking / Ethical Hacking
    • Penetration Testing
  • Search Skills: using web to gather information
    • Using search engines effectively
    • Identifying credible sources
    • Advanced search techniques
  • Linux Fundamentals
    • Basic Linux commands
    • Package management
    • SneakPeek of useful commands for cybersecurity
  • Windows Fundamentals
    • Basics
    • Command Line Interface (CLI): CMD and Powershell
  • Networking Basics
    • Understanding IP addresses and subnets
    • Common network protocols (HTTP, HTTPS, FTP, DNS)
    • Understanding firewalls and VPNs
  • Networking Tools
    • Wireshark and tcpdump for network analysis
    • Network scanning tools (Nmap, Netcat)
  • Cryptography
    • Basic concepts: encryption, decryption, hashing
    • Common cryptographic algorithms (AES, RSA, SHA)
  • Cryptography tools
    • OpenSSL for encryption and decryption
    • Hashcat for password cracking
  • Web Security
    • OWASP
    • Common web attacks (XSS, CSRF, SQL Injection)
  • Web Security Tools
    • Burp Suite for web application testing
  • Hacking and Penetration Testing
    • CVE (Common Vulnerabilities and Exposures)
    • Exploits and payloads
    • Post-exploitation techniques
  • Hacking and Penetration Testing Tools
    • Metasploit Framework for exploit development
  • Defensive Security
    • Intrusion Detection Systems (IDS)
    • Firewalls
    • Security Information and Event Management (SIEM)
    • Security Operations Center (SOC)
  • Defensive Security Tools
    • ufw (Uncomplicated Firewall)
    • fail2ban for intrusion prevention
    • Snort for network intrusion detection
    • Splunk for log analysis
    • SW that implements SIEMs : Wazuh