After learning in these confusion for a period of time, the question gradually becomes:
? The knowledge points are relatively scattered, how to connect them together?
? How to use these technologies in reality?
For friends who have just come into contact with network security, most of the above problems should be well understood.
So I summarized two common self-learning mistakes for beginners in the process of self-study to help you:
1. The misunderstanding of self-study based on programming.
Behavior: learn from programming, front-end and back-end, communication protocols, everything.
Disadvantages: it takes too long and there is not much key knowledge available after the actual transition to security. A lot of security function knowledge or even nouns are not understood.
2. The misunderstanding of self-study in the direction of hacker skills and interests.
Behavior: frantically search for security tutorials, join a variety of small circles, go down every resource, watch every video, as long as it is related to hackers.
Disadvantages:? Even after considering the quality of resources, the knowledge points that can be learned are very scattered and highly repetitive. The code is not understood, the explanation is not understood, and a little knowledge occurs from time to time. After spending a lot of time to understand, I found that the content of this video is actually the same as other knowledge points I watch.
So how to get started quickly and effectively?
Three-step entry white hat hacker
The route I have mapped out is a systematic learning system for big hackers with zero foundation.
The first step for a novice with zero foundation should be:
Understanding of the basic communication principles between the front and back end of Web and the server. (the front and back end refers to H5, JS, PHP, SQL, and the server refers to WinServer, Nginx, Apache, etc.)
The second step: the principle and utilization of current mainstream loopholes
At this time, we should learn the principle and utilization of mainstream vulnerabilities such as SQL, XSS, CSRF and so on.
The third step: the excavation of current mainstream loopholes and audit reproduction.
Learn the idea of 0day dug by our predecessors, and repeat it, try the same audit.
These three-step learning methods are enough for beginners to become small.
If you want to improve your skills, but because of the online hacker basic introduction to a wide range of resources, the quality of good and bad, self-learning efficiency is not high. Is there a quick and in-depth tutorial that can be put into practice?
Here's your chance.
Control the security college & Tencent classroom launched the "3-day hacker quick training camp"!
Suitable for people: zero foundation, novice rookies, network security professionals want to improve skills, Internet workers, operation and maintenance staff, computer-related students in school employment, programming development and other network security enthusiasts.
The welfare of our fans: you can register for 0 yuan.
Press the scan code for a long time to add a teacher to receive the course
After adding, you can also get:
(1) get the network security mind map for free
(2) participate in the training camp and get the preview materials
(3) participate in live courses and draw lottery free of charge.
Full set of penetration tools, learning videos,
Technical documentation, learning route
Attend the course on time, five services are waiting for you.
1. Simple and practical-full combat video, easy to learn technology?
two。 Homework monitoring-put what you have learned into practice and provide timely feedback and guidance?
3. Tutor and Supervisor-accompany you to improve your learning self-control ability?
4. Quality community-people who learn, grow and make progress together?
5. Matching shooting range-after-school shooting range practice, faster promotion?
? If you sign up, you can get the history questions bank of the big factory for free, which will give you a hand!
You can get the course by scanning the code.
Valid for 48 hours, remember to scan the code first and add it!
In case you need it, you don't have to look for resources.
If you sign up successfully, you will send a welfare gift package and a chain of sealed Shentai shooting range.
True evaluation of students
Swipe up and down to see more
Swipe up and down to see more?
q. Do you have no response to add TA Wechat after joining the group?
A: if there are too many teaching assistants at once, there may be a delay. Students can just wait patiently.
q. Is it really free? Is it a lie?
A: Tencent classroom subsidy, 3-day training camp real price and time-limited free ha! The School of Security Control is an officially certified security school in Tencent classroom, which has trained thousands of security talents and is absolutely officially reliable!