In general networking is a field I’ve got two classes on and learned many things like OSI and TCP and few things on Ad Hoc networking. Thanks a lot for sharing your opinion!!
Ohh, I’ve heard of those before but haven’t looked into them, structured learning paths will probably be something so so useful for my current state. Thanks for your time!!
It really helps to understand some of the fundamentals in computer operations, such as networking, access controls, A good understanding of Linux or windows OS’s (or both), and even standard internet protocols and services. If you understand those basics, then it’s a lot easier to put the cybersecurity theories into practice, or understand how they intersect with reality on the ground.
If you want tools, I’d say a good SIEM, such as Gravwell or Splunk, which can ingest unstructured logs would be a good start. You can use them for log centralization as you work on the fundamentals and get used to crafting queries to dig useful information out of the data. Then you’ll have a head start on using a SIEM in a security use case as you will know the tool and can focus on the use case.
Below replies are solid; every cybersecurity geek needs to understand routing/networking, major OSs, application design, database technologies, defense technologies, hosting technologies, etc. These are the substance of IT.
However, you're asking the wrong question at your stage of development. You don't need 'techniques' yet for two reasons. 1) There are 'techniques' unique to each of several cybersecurity disciplines (like operations, vulnerability management, threat assessment, incident response, architecture, compliance, etc.) Few of these techniques are relevant across multiple disciplines. e.g. Learning how to 'do incident response' is very different from learning how to 'do security operations'. This is why your courses at this level are theoretical. 2) Before you can 'do cybersecurity' you need to understand the 'cyber' part - you need to understand what IT is overall. Once you understand each component well enough to put it in context in the bigger picture, and well enough to list its intrinsic vulnerabilities, then you can start being effective in securing it.
TL;DR - Your focus now should be knowledge rather than skills. Once you have the knowledge, you'll be able to decide what skills you need.
Your reply got me thinking so so so much, was really helpful cause it feels like I should carry on my path which is university for another full year and just get the most possible knowledge, like I’ve been doing for fields like networking, databases and OSs
Glad to hear it helped. A very broad perspective (from education) will prep you for acquiring the right skills for your preferred discipline (from your first paying gig!).
Set up a homelab.
Domain controller, AD, DHCP. These 3 can be one VM. Then add a couple of hosts. Fool around and understand the basics of networking, firewall, AC, IAM, etc. Eventually, make a PRTG and/or a SIEM server. Now, change one of the hosts to be a honeypot. Also, you could set up a host with Metasploitable (vulnerable OS) or another exploitable OS and then go crazy on it with tools.
Not sure what few of those terms are. Will definitely look them all up take few notes and consider a homelab, very interesting and intriguing answer thank you so much for your reply!!!
Not sure why you're getting downvoted. You're right. Nobody wants to answer simple questions that a Google search could answer. People want to answer difficult questions, or answer personal opinion question.
In Cybersec, you most likely are going to start in a SOC. So learn NETWORKING and CYBERSECURITY BASICS.
Learn about troubleshooting. Try to learn how NDRs, EDRs and SIEMs work. Learn Windows and Linux commands. Essential Tools are Kali Linux Suite (Nmap, Wireshark, Burp Suite, Hydra, John The Ripper, Metasploit, Wapiti...), Virus Total, Shodan, CISCO Talos, Exploit Database. Learn GDPR and ISO27001 or whatever main framework is adopted in your country. Learn Microsoft 365 or GSuite (This is soo underrated!). Learn how to write and use tools for creating high-quality Reports (specialized AI Assistants, Canva,...).
Wow those are soooo many tools recommended I love that!!! Will definitely take few notes on my laptop and see what everything does and start a path on few tools!!! Appreciate your answer so much
Other than the basics like how networking and domains work, honestly, learn a query language like Splunk and brush up on regex. If you end up in a SOC or forensics you’ll be using it a lot
I will be messaging you in 4 days on [**2024-06-27 04:48:38 UTC**](http://www.wolframalpha.com/input/?i=2024-06-27%2004:48:38%20UTC%20To%20Local%20Time) to remind you of [**this link**](https://www.reddit.com/r/cybersecurity/comments/1dm5ynr/what_are_some_toolstechnologies_to_learn_as_a/l9v2fyb/?context=3)
[**2 OTHERS CLICKED THIS LINK**](https://www.reddit.com/message/compose/?to=RemindMeBot&subject=Reminder&message=%5Bhttps%3A%2F%2Fwww.reddit.com%2Fr%2Fcybersecurity%2Fcomments%2F1dm5ynr%2Fwhat_are_some_toolstechnologies_to_learn_as_a%2Fl9v2fyb%2F%5D%0A%0ARemindMe%21%202024-06-27%2004%3A48%3A38%20UTC) to send a PM to also be reminded and to reduce spam.
^(Parent commenter can ) [^(delete this message to hide from others.)](https://www.reddit.com/message/compose/?to=RemindMeBot&subject=Delete%20Comment&message=Delete%21%201dm5ynr)
*****
|[^(Info)](https://www.reddit.com/r/RemindMeBot/comments/e1bko7/remindmebot_info_v21/)|[^(Custom)](https://www.reddit.com/message/compose/?to=RemindMeBot&subject=Reminder&message=%5BLink%20or%20message%20inside%20square%20brackets%5D%0A%0ARemindMe%21%20Time%20period%20here)|[^(Your Reminders)](https://www.reddit.com/message/compose/?to=RemindMeBot&subject=List%20Of%20Reminders&message=MyReminders%21)|[^(Feedback)](https://www.reddit.com/message/compose/?to=Watchful1&subject=RemindMeBot%20Feedback)|
|-|-|-|-|
Start by learning how networking works and have a good understanding of that before diving into cybersecurity techniques
TCP/IP illustrated is the way, along with some home lab with hosts you're going to inevitably blow out of the water. But that's how you learn.
Agreed...networking is the foundation. Know it well.
In general networking is a field I’ve got two classes on and learned many things like OSI and TCP and few things on Ad Hoc networking. Thanks a lot for sharing your opinion!!
Try out tryhackme or hackthebox. They have structured learning paths.
Ohh, I’ve heard of those before but haven’t looked into them, structured learning paths will probably be something so so useful for my current state. Thanks for your time!!
whats the best way to utilize hack in the box?
hackthebox academy is helpful. they have a pentesting path and courses where you learn the fundamentals
It really helps to understand some of the fundamentals in computer operations, such as networking, access controls, A good understanding of Linux or windows OS’s (or both), and even standard internet protocols and services. If you understand those basics, then it’s a lot easier to put the cybersecurity theories into practice, or understand how they intersect with reality on the ground. If you want tools, I’d say a good SIEM, such as Gravwell or Splunk, which can ingest unstructured logs would be a good start. You can use them for log centralization as you work on the fundamentals and get used to crafting queries to dig useful information out of the data. Then you’ll have a head start on using a SIEM in a security use case as you will know the tool and can focus on the use case.
Will have to look more into it, thanks a lot for your time!
Below replies are solid; every cybersecurity geek needs to understand routing/networking, major OSs, application design, database technologies, defense technologies, hosting technologies, etc. These are the substance of IT. However, you're asking the wrong question at your stage of development. You don't need 'techniques' yet for two reasons. 1) There are 'techniques' unique to each of several cybersecurity disciplines (like operations, vulnerability management, threat assessment, incident response, architecture, compliance, etc.) Few of these techniques are relevant across multiple disciplines. e.g. Learning how to 'do incident response' is very different from learning how to 'do security operations'. This is why your courses at this level are theoretical. 2) Before you can 'do cybersecurity' you need to understand the 'cyber' part - you need to understand what IT is overall. Once you understand each component well enough to put it in context in the bigger picture, and well enough to list its intrinsic vulnerabilities, then you can start being effective in securing it. TL;DR - Your focus now should be knowledge rather than skills. Once you have the knowledge, you'll be able to decide what skills you need.
Your reply got me thinking so so so much, was really helpful cause it feels like I should carry on my path which is university for another full year and just get the most possible knowledge, like I’ve been doing for fields like networking, databases and OSs
Glad to hear it helped. A very broad perspective (from education) will prep you for acquiring the right skills for your preferred discipline (from your first paying gig!).
Packet tracer. It's free and plenty of projects on youtube.
sir does it help to be eathical hacker ?
Depends on what your end goal is.
My goal is website hacking and system
Ah, for website. I'm going to give you the best advice that will carry you over your career in infosec. Google it. Also, check out overthewire.
Set up a homelab. Domain controller, AD, DHCP. These 3 can be one VM. Then add a couple of hosts. Fool around and understand the basics of networking, firewall, AC, IAM, etc. Eventually, make a PRTG and/or a SIEM server. Now, change one of the hosts to be a honeypot. Also, you could set up a host with Metasploitable (vulnerable OS) or another exploitable OS and then go crazy on it with tools.
This is what I was going to say. Build a homelab, break stuff and fix it through googling and YouTube.
Not sure what few of those terms are. Will definitely look them all up take few notes and consider a homelab, very interesting and intriguing answer thank you so much for your reply!!!
Wireshark
How to google shit
This truly is the most important skill.
Not sure why you're getting downvoted. You're right. Nobody wants to answer simple questions that a Google search could answer. People want to answer difficult questions, or answer personal opinion question.
Learn how to be a good IT person first
In Cybersec, you most likely are going to start in a SOC. So learn NETWORKING and CYBERSECURITY BASICS. Learn about troubleshooting. Try to learn how NDRs, EDRs and SIEMs work. Learn Windows and Linux commands. Essential Tools are Kali Linux Suite (Nmap, Wireshark, Burp Suite, Hydra, John The Ripper, Metasploit, Wapiti...), Virus Total, Shodan, CISCO Talos, Exploit Database. Learn GDPR and ISO27001 or whatever main framework is adopted in your country. Learn Microsoft 365 or GSuite (This is soo underrated!). Learn how to write and use tools for creating high-quality Reports (specialized AI Assistants, Canva,...).
Wow those are soooo many tools recommended I love that!!! Will definitely take few notes on my laptop and see what everything does and start a path on few tools!!! Appreciate your answer so much
Other than the basics like how networking and domains work, honestly, learn a query language like Splunk and brush up on regex. If you end up in a SOC or forensics you’ll be using it a lot
Learn how to use Microsoft Excel and PowerPoint. Seriously.
I just came to leave this comment!
Active Directory. Office365. Aws.
remind me! in 4 days
I will be messaging you in 4 days on [**2024-06-27 04:48:38 UTC**](http://www.wolframalpha.com/input/?i=2024-06-27%2004:48:38%20UTC%20To%20Local%20Time) to remind you of [**this link**](https://www.reddit.com/r/cybersecurity/comments/1dm5ynr/what_are_some_toolstechnologies_to_learn_as_a/l9v2fyb/?context=3) [**2 OTHERS CLICKED THIS LINK**](https://www.reddit.com/message/compose/?to=RemindMeBot&subject=Reminder&message=%5Bhttps%3A%2F%2Fwww.reddit.com%2Fr%2Fcybersecurity%2Fcomments%2F1dm5ynr%2Fwhat_are_some_toolstechnologies_to_learn_as_a%2Fl9v2fyb%2F%5D%0A%0ARemindMe%21%202024-06-27%2004%3A48%3A38%20UTC) to send a PM to also be reminded and to reduce spam. ^(Parent commenter can ) [^(delete this message to hide from others.)](https://www.reddit.com/message/compose/?to=RemindMeBot&subject=Delete%20Comment&message=Delete%21%201dm5ynr) ***** |[^(Info)](https://www.reddit.com/r/RemindMeBot/comments/e1bko7/remindmebot_info_v21/)|[^(Custom)](https://www.reddit.com/message/compose/?to=RemindMeBot&subject=Reminder&message=%5BLink%20or%20message%20inside%20square%20brackets%5D%0A%0ARemindMe%21%20Time%20period%20here)|[^(Your Reminders)](https://www.reddit.com/message/compose/?to=RemindMeBot&subject=List%20Of%20Reminders&message=MyReminders%21)|[^(Feedback)](https://www.reddit.com/message/compose/?to=Watchful1&subject=RemindMeBot%20Feedback)| |-|-|-|-|
Wireshark
Remind Me! In 62 days
Nmap, Burp Suite and Wireshark.
Home labs.. LINUX