当前位置:网站首页>Analysis of penetration test learning and actual combat stage
Analysis of penetration test learning and actual combat stage
2022-07-06 13:48:00 【One call yyds】
Initial contact stage
Many little partners who have just come into contact with the penetration testing industry when you walk out of the gate of the College , Sometimes I feel very confused , I don't know the plan for the future after learning penetration testing .
According to my analysis for many years , Come up with a set of my own ideas and opinions .
The first step is , Of course, first learn the basic knowledge of penetration testing .
The second step , It belongs to the advanced stage , Constantly summarize what content of penetration testing in the process of the project is the most helpful to us through actual combat .
The third step , Constantly learn from the practical experience of our predecessors , Thus, it can be flexibly applied to actual combat .
Step four , Analyze simply , Technical expertise , Go back to the source .
Step five , Mining and analyzing the most primitive elements , Discover the latest 0day Loophole .
I think the cognitive level should also be constantly improved , The cognitive side represents your height , Knowledge represents the current height .
Learning penetration testing must have their own ideas , Just like setting goals , What to do first, then what to do , Don't mess up the rhythm .
Here is a share of my learning and practical experience .
I am a rookie with dreams ,
The first stage , Of course, it is to understand the market of the network security industry , And development trend 、 The work done .
The second stage , So I began to look for ways to learn , Method , Ask Baidu if you don't understand , Baidu has also given me many methods of predecessors . So we choose the learning method that suits us to start learning .
I just started to learn PHP programing language , Secondly, I revisited MySQL database , Then learn how to collect information , Then learn about loopholes , Basic loopholes .
The third stage , It is to apply knowledge to actual combat , This stage is a small breakthrough stage , At first, I was digging some unprotected sites , Put the knowledge learned on the real website , So I chose src, Digging holes in actual combat is a stage of the formation of self thinking , Every penetration testing engineer should have his own ideas and methods of vulnerability mining , Bring everyone together , What is digested is what belongs to you .
Goals matter , In the actual combat stage, I plan to be on the list at least , So I studied some methods of vulnerability fast mining .
The fourth stage , It is the extension stage , Continue to expand the scope of our possible attacks , Or the way of defense .
Whatever it is , It is helpful for our attack , This will let us know how the target defends , In order to make better use of countermeasures . To achieve our goal of attacking target vulnerabilities .
The fifth stage , Analyze the origin of the vulnerability , Learn reverse thinking , No killing thought , Penetration testing technology , Programming technology , Network knowledge , Development integration and other knowledge , Think about what kind of problems it will produce , Try to explore new bug.
Maybe the idea is like this , After that, I will continue to publish my technical articles , Welcome to Europe !
边栏推荐
猜你喜欢
[during the interview] - how can I explain the mechanism of TCP to achieve reliable transmission
Read only error handling
Differences among fianl, finally, and finalize
Nuxtjs快速上手(Nuxt2)
PriorityQueue (large root heap / small root heap /topk problem)
4. Branch statements and loop statements
canvas基础1 - 画直线(通俗易懂)
C language Getting Started Guide
Pit avoidance Guide: Thirteen characteristics of garbage NFT project
Have you encountered ABA problems? Let's talk about the following in detail, how to avoid ABA problems
随机推荐
Mortal immortal cultivation pointer-1
[面試時]——我如何講清楚TCP實現可靠傳輸的機制
深度强化文献阅读系列(一):Courier routing and assignment for food delivery service using reinforcement learning
【九阳神功】2022复旦大学应用统计真题+解析
5月27日杂谈
【九阳神功】2018复旦大学应用统计真题+解析
【九阳神功】2021复旦大学应用统计真题+解析
[中国近代史] 第五章测验
这次,彻底搞清楚MySQL索引
ABA问题遇到过吗,详细说以下,如何避免ABA问题
3.猜数字游戏
. Net6: develop modern 3D industrial software based on WPF (2)
扑克牌游戏程序——人机对抗
撲克牌遊戲程序——人機對抗
[graduation season · advanced technology Er] goodbye, my student days
使用Spacedesk实现局域网内任意设备作为电脑拓展屏
[the Nine Yang Manual] 2021 Fudan University Applied Statistics real problem + analysis
(原创)制作一个采用 LCD1602 显示的电子钟,在 LCD 上显示当前的时间。显示格式为“时时:分分:秒秒”。设有 4 个功能键k1~k4,功能如下:(1)k1——进入时间修改。
hashCode()与equals()之间的关系
4.二分查找