Cyber Security; Web penetration testing

Hello! I want to learn ethical hacking and new in this field. For the moment I know some HTML and the basics of C#. I’m interested in the Information Security Certification program of freecodeacademy, but I think I need more programming knowledge. That’s why I thought about firstly participating for the JavaScript course of freecodeacademy before participating for the Information Security Course. Because I want to spezialise on web penetration. Can anyone give an advice whether my path sounds good or not? An explanation which skills are required for the Information Security Course would be very helpful!

In short, everything before it

Career cybersecurity guy and software engineer here…

Cybersecurity is a big field. More on that in a moment.

Regarding penetration testing, the best specialists in that area tend to have a firm grounding in networking and systems. It’s hard to understand a SYN flood or ARP poisoning if you don’t know TCP/IP, DNS, Ethernet, etc. Similarly, it’s hard to understand buffer overflows, how to cause them, and how to exploit them if you don’t understand stack frames and the rest of the memory model.

So, in my opinion, you want to be a pretty good systems administrator and a pretty good programmer. Now, I’m old and I cut my teeth as a systems programmer on high-performance Unix systems a long time ago, so I’m biased. Your mileage may vary.

For web penetration testing in particular, you definitely want to know how the web works. That is, what actually happens when you send a GET or PUT request to a server? What does the server do with it when it receives it? How can all of that go wrong?

Also, as I mentioned at the start, cybersecurity is a big field and if you just want to work in it, there’s some dirty secrets. First, you don’t have to be that good at hacking or penetration testing to get a job. Most of cybersecurity consists of compliance checks and paperwork. Second, what’s going to get you hired are certifications. Specifically, Security+.

Hope this helps.

3 Likes