Skip to content

Simple Cyber Security Roadmap created by the Cyber Blockhain Club of Symbiosis Institute of Technology, Pune

Notifications You must be signed in to change notification settings

SIT-Cyber-Blockchain-Club/Cybersecurity-Roadmap

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
 
 

Repository files navigation

Cybersecurity-Roadmap

Index

  1. Linux
  2. Computer Networks
  3. Security Features and Vulnerabilities
  4. Encryption, Authentication, and Access Control
  5. Metasploit and Wireshark
  6. SQL Injection and XSS
  7. Controlled Simulation Labs to try pentesting

1. Linux Operating System


2. Networking/OSI


3. Security Features and Vulnerabilities

  • The security measures and techniques used in order to prevent any kind of cyber attacks are the security featurs of that perticular system or sofware. A critical security feature of any technology is the ability to turn it off, undo it, deactivate it, or otherwise separate the harm it might cause from those it might harm.

  • Resources

  • Tasks:

    • Understand the overview and concept
    • Try to find out the tools used for these purposes
    • Make a list of the tools and solve access control labs using burpsuite
  • Labs to solve


4. Encryption, Authentication, and Access Control.

  • Encryption is the process by which a readable message is converted to an unreadable form to prevent unauthorized parties from reading it. Decryption is the process of converting an encrypted message back to its original (readable) format. The original message is called the plaintext message. Authentication is the process of verifying who a user is, while authorization is the process of verifying what they have access to. Authentication collects information from the user or entity in the form of text (e.g., passwords), unstructured data (e.g., image of the user's face), or an access token. Authorization requires a token proving that the entity is authenticated and additional information about the entity to apply access rules

  • Resources

  • Tasks:

    • Try to use Burpsuite and learn how different tools can be used for this purpose
    • Learn the commands
    • Upload the screenshot of the solved lab here
  • Labs to solve


5. Metasploit and Wireshark

  • Metasploit is the world’s leading open-source penetrating framework used by security engineers as a penetration testing system and a development platform that allows to create security tools and exploits. The framework makes hacking simple for both attackers and defenders. Wireshark is a software tool used to monitor the network traffic through a network interface. It is the most widely used network monitoring tool today. Wireshark is loved equally by system administrators, network engineers, network enthusiasts, network security professionals and black hat hackers. The extent of its popularity is such, that experience with Wireshark is considered as a valuable/essential trait in a computer networking-related professional.

  • Resources

  • Tasks:

    • Watch the video and make a note of the steps.
    • Learn the commands.
    • Solve the kioptrix level one and attach the snapshot of captured shell.

6. SQL Injection and XSS

  • SQL injection, also known as SQLI, is a common attack vector that uses malicious SQL code for backend database manipulation to access information that was not intended to be displayed. This information may include any number of items, including sensitive company data, user lists or private customer details. Cross-site scripting (XSS) is an attack in which an attacker injects malicious executable scripts into the code of a trusted application or website. Attackers often initiate an XSS attack by sending a malicious link to a user and enticing the user to click it.

  • Resources

  • Tasks:

    • Watch the video and make a note of the steps
    • Learn the commands
    • Upload the md file that you make, attach the snapshots for the same labs that you solve.
  • Labs to solve:


7. Controlled Simulation Labs to try pentesting

Labs for you to solve for better understanding

  1. SQL-Injection Labs
  1. XXE labs
  1. Authentication

Submissions

  1. Fork this repo
  2. Fetch changes
  3. Make changes, upload your tasks completed according to the tasks mentioned, in PDF, or script format
  4. Make a pull request with relevant commit message