Day 0 OSCP | The Path to Offensive Security Certified Professional

Reading Time: ( Word Count: )

December 5, 2020

Hello friend,

I wanted to start with the basics of Kali Linux. But before that, I would like to show you where we are as ethical hackers in the cybersecurity realm.

 

Image Credits: https://www.linkedin.com/pulse/map-cybersecurity-domains-version-20-henry-jiang-ciso-cissp | I’ve recreated it & changed some things for myself.

With time, I want to cover all of the significant subdomains, but for now, I will stick to Risk Assessment.

A penetration test can be further broken down to Red & Blue teaming. 

The red team is the ethical hackers in the company trying to identify & exploit the system in a stealthy way, just like in a real-world scenario.

The blue team is the company’s cybersecurity personnel, also referred to as SOC (Security Operations Centre). They’re the ones actively defending the company, by adding their human intelligence to the automated tools and technologies. They’re the people with secure application development skills. 

Purple Team is more of a concept rather than a function within the company. It may consist of senior security personnel that analyzes how the red and blue team work together and provide feedback.

As penetration testers, we need to have an understanding of all cybersecurity domains on the image above, because our task is to exploit them, by making them do things they’re not supposed to do. The more you know, the more creative you become. 

As you can see, we’re just a small part of the cybersecurity industry, but in my opinion, we have the most significant impact.

 

To dive even deeper

Now that we have explored the red and blue teaming concept. Let us go further into the Filesystem Hierarchy Standard (FHS) of Linux Foundation. It’s a hierarchy for file and directory placement under UNIX-like operating systems. The place where we’ll spend most of our time, therefore, it’s a good idea to get familiar with it.

In case you’re willing to know more about this FHS, here’s the link to the source of my infographic’s data with further details.

 

Other interesting articles

How Many Types of Penetration Testing are There?

How Many Types of Penetration Testing are There?

A penetration test is a deliberate attack on a software or hardware system with the goal of exposing security ...
5 Types of Social Engineering Attacks and How to Prevent Them

5 Types of Social Engineering Attacks and How to Prevent Them

The term "social engineering" refers to a wide range of malevolent behaviours carried out through human ...
What are Some Risks and Benefits of Performing Penetration Testing?

What are Some Risks and Benefits of Performing Penetration Testing?

In the world of cyber security, various methods and tests are conducted to ensure the security barrier of a ...
How to Hire the Best IT Security Consultant: 4 Simple Tips

How to Hire the Best IT Security Consultant: 4 Simple Tips

Whether you run an online business or an offline store, your business needs to be secure. You might be surprised, ...
0 Comments

Trackbacks/Pingbacks

  1. Cybersecurity Vs Network Engineer - Top 3 Differences You Should Know - NextdoorSec - […] Check out our free OSCP course: Day 0 OSCP | The Path to Offensive Security Certified […]

Submit a Comment

Your email address will not be published. Required fields are marked *

error: Alert: Content is protected !!