Azid's InfoSec Journey

During my preparation for the CEH, I used one resource that was very useful, Practical Ethical Hacking by Heath Adams on Udemy . This was such a good course. While studying for the CEH, I watched only the first few modules which covered the basics which I needed. Watching how the tools worked and how people use it was very useful in learning the methodology and the workings of the tool. After I passed the CEH, I decided to complete the Practical Ethical Hacking course because I really enjoyed it and learnt a lot while doing it. So I continued doing it and it is one of the best resources I have used to learn. The course covers the following: Networking Linux Python Information Gathering Reconnaissance Scanning & Enumeration Exploitation Post Exploitation Web App Penetration Wireless Penetration Exploit Development(Buffer Overflows) Active Directory There was a small refresher on Networking, I didn't have a problem with that as I already knew everything from studying for the CCNA

On July 10th I passed the CEH with 105/125 questions right and this is the write up to the exam and certification. I got really interested in the CEH because it was a well known certification and the syllabus really interested me. I also had a ton of recommendations online and from people in this industry saying that the CEH was a really good beginner level security certification. Details about the exam and course: I bought the course from the EC-Council website. There are certain requirements if you want to take this certification. You should either have 2 years experience or buy their online iClass to attempt the exam. As I did not have the required experience I bought the online course. The EC-Council website and how everything works with them is very confusing and I got very confused at times. But thankfully, the customer support answered all my questions and guided me through the buying process and the registration. The course costs $1100 USD in India but I bought the course durin

I knew C before I learnt Python. There are differences between the languages, but, it is very easy if Python is your second language. Why learn Python? C has tens of lines of codes which could be done within one line with the help of Python Libraries. Python is just easier and equally powerful. It is also a great scripting language if you wanted to learn a scripting language. If you have a programming background, Python is pretty straightforward to pick up. The most onerous task is learning the libraries and idioms. You already know how programs work and you might have an idea about programming methodology. This makes learning Python a simple process. If you're learning Python and want to do it fast, I recommend this: Learn X in Y minutes(Python) This will teach you the keywords and syntax in a matter of minutes. Most people don't know this, but the official Python docs are a goldmine. It is very well written and is as good as any book. Already knowing how

Reddit is a very useful website for discussions about everything. For cybersecurity and hacking too, it has useful subreddits, in which, you will learn a lot of things you previously had no knowledge of. So, I have compiled a list of security related subreddits. 1. Active and Most helpful subreddits: /r/netsec /r/AskNetsec /r/netsecstudents These three are pretty much it. They have very active communities and are very helpful. I, personally use  /r/netsecstudents a lot because I'm still in the process of learning and that subreddit(if you look properly) will tell you how to make a career in every security field. 2. Security Certification Subreddits: r/CompTIA (for Security+) r/ccna (for CCNA and CCNA Security, also r/ccnp for CCNP) r/CEH (for CEH) r/cissp (Certified Information Systems Security Professional) r/oscp (Offensive Security Certified Professional) Really helpful if you're doing any of these Certs. 3. Other

So, this is what I did to learn IT fundamentals.  I knew that Comptia A+ was a really good cert which has a lot of topics and covers the basics of IT, so I decided to study for COMPTIA A+. I used Professor Messer's video's on YouTube. They were really helpful. Also, I used Cybrary . I didn't really get certified, I studied just for the knowledge. Thanks for reading! AZID

1. Hak5 This is one of the best channels out there which will teach you overall skill of how to hack! There are hundreds of videos of various topics which covers almost all skills including Linux , Webapps , Languages etc. Very active channel. 2. DEFCONConference , Christiaan008 , Black Hat You might know these as they are official channels of DEFCON and BlackHat Conferences. They have some great talks and you should definitely check out their popular uploads. These channels post only during a certain time. 3. LiveOverflow  This is a great channel if you want to dive into CTF's and penetration testing . This channel also has videos that will motivate you to pursue InfoSec. Very active channel. 4. John Hammond , IppSec , GynvaelEN These are CTF channels that post walk-throughs from well known websites. Very important if you're into CTF's. 5. JackkTutorials ,  DemmSec Jack has some brilliant tutorials on penetration testing.  DemmSec also has som

Information security is a very broad field.  No one is an expert in everything (i.e., risk management, application security, security awareness, policy development, etc.)  How quickly one becomes an expert also depends deeply on how much of a background one has in computer science, information technology, business management, and other related fields.  So the title is 5 Year Path To Success in InfoSec: The Basics of Becoming an InfoSec Expert in 5 years! This amazing web cast (TL;DR below) shows you the basics of becoming an expert in 5 years, I recommend you to watch it. But, for the lazy: tl;dr: Year one: Focus on core concepts (OS, networking, etc) Networking: Simulators . Get some gear, etc. Learn bash. Learn Python . Year two: start projects, learn PowerShell Year three: year of web apps PHP and ASP.Net Develop something Year four: start hacking Learn IDA and Immunity Pick a protocol and dive into it Online challenges Y