What sites/resources/advice would you give someone who's interested in learning about cybersecurity. Every other day there's a new breach announced and there's an increasing demand for security engineers
You need to roughly know desktop security (especially memory corruption, C/C++ insecurities), web application security, mobile application and networking security. Those are (again, roughly) the domains.
If you want cybersecurity with web application testing (with overlap to mobile application testing), begin with The Web Application Hacker's Handbook. Best single treatise on the subject.
I also highly recommend the OSCP (Penetration Testing with Kali Linux) course and Cody Brocious' (daeken's) course called Breaker101, at breaker101.com.
How about, if I can add to the question without changing it, ideas/paths to marketable skills and/or certs? What would a potential employer look for as essential foundations (before any obvious specialty offshoots)?
5 comments
[ 2.4 ms ] story [ 16.2 ms ] threadIf you want cybersecurity with web application testing (with overlap to mobile application testing), begin with The Web Application Hacker's Handbook. Best single treatise on the subject.
You should look through this entire thread:
https://www.reddit.com/r/netsec/wiki/start
I also highly recommend the OSCP (Penetration Testing with Kali Linux) course and Cody Brocious' (daeken's) course called Breaker101, at breaker101.com.
Good luck.
For a little more complete reference I point folks to 'tptacek's list at http://amzn.to/cthr46
https://www.hackthissite.org
http://www.enigmagroup.org/
For offensive computer security:
http://www.cs.fsu.edu/~redwood/OffensiveComputerSecurity/lec...
This is a very nice reddit comment that explains some of the various foundational, necessary knowledge and where to learn more about them.