A restart is never a start from scratch. The interesting thing about knowing different realities is that
we can compare both and get valuable conclusions. I can say I met a time with poor avaliability of
knowledge in so many areas, and an actual one, with abundancy, specially on technology. For those of you
that are willing to learn, there are so many sources avaiable, including whole training programs (with
the possibility of getting a job) and so many good people willing to share. But, what should you learn
first?
Sometimes I am a little old fashion, but I will let down my opinion, and maybe this can help those who
are starting in this area. The first thing that I think you should do is ask yourself about your goal.
The answer for this question will be important to direct your actions, expectations and results. As an
example, when I did this same question to myself, the answer was that I wanted to learn. But what about
job, money and results? In my case, they are important aspects, but are not my main motivation.
A warning: cybersecurity is not a simple area and, so, don't expect to get on the top without any
effort. You will need to learn about networks, protocols, servers, operational systems, programming
logic, and the so called soft skills, because if you want to develop it will be inevitable that you will
need to talk to clients, work with others, maybe leading teams, and prepare reports and presentations.
It is a passionate universe, where you will always have something new to learn, even when you thing you
already know all.
Going direct to the point, I would suggest that you learn the following items to start: Hardware,
Operacional Systems, Network, Programming Logic, English. Believe me, it seems to be just a little, but
it is not. And, most important, is to have the mentality to go into details, respecting your limitations
(that will rise with time). I have seen too many people focusing on automating everything, learning
dashboards, already made tools and scripts, and packet solutions. But, and when something do not work?
If you do not know the basics and don´t know how to search for solution, you will freeze. And, of
course, into this mentality of searching for solutions, don´t be afraid to search for others with same
problems and use their solution, but trying to understand how it works.
Hardware: Learn how the physical part works, be it on computers or network devices. How does it
work, what each part do, the commom problems and solutions. If possible, get your hnds dirty. It is
possible to buy second hand parts for a reasonable price.
Operacional Systems: This is the parte that makes the hardware work. It is the OS that will
allow the computer to be online. In order to exploit it or defend the attacks, you will have to know it.
Windows, Linux, OpenBSD, DOS and others. Explore the manuals, and put your mouse aside. Try using shell
and learn the basic commands.
Networks: How do the networks work? What is a protocol? What is OSI? What are ports? It may look
unecessary to know that, but if you don't know the basic, as I said before, when you need to go deep, be
it for attacking or defending, you will limit yourself to the tools, or you will not even be able to use
them right. You have to understand that, in general, automated tools are just executing the basic, but
with a friendly interface.
Programming Logic: Why I did not said programming language? It is simple. I thing that before
learning how to code, you should understand what the program do. Be it coding a bash script, an Assembly
program, or a web interface, written in Java, the first stage of every program is, or should be, to come
with a solution, with a step by step that will be passed to the comuter through a programming language.
If you know programming language, you will more easily understand the codes used in the tools or scripts
that you will use.
English: I live in Brazil, and today we have already so many good content translated, but I
still thing that not knowing English is a step behind. Not every content is translated, and so many good
things are still in English. Manuals, books, courses in audio and video, certifications exams. Besides
that, with Internet, you get a chance of working worldwide. Knowing English will open doors. In the
begging it could be a basic just for reading, and you can improve it latter. I have been using Duolingo
everyday for training, and a post like this make me practice also.
My content suggestions:
- YouTube: so many good tutorials and courses;
- NetAcad and SkillsForAll (CISCO): very good quality content, with so many courses translated;
- Learn Microsoft: many content about Windows and tools;
- TryHackMe: sites with so many good content and practice labs;
- INE e TCM Security;
- Sites from tools and programs, like nmap, burp suite and others.
That's all folks! I hope that this can help you! In case you want to share informations, I am
avaiable for contact.