Day 0 OSCP | The Path to Offensive Security Certified Professional

Reading Time: ( Word Count: )

December 5, 2020
Nextdoorsec-course

Hello friend,

I wanted to start with the basics of Kali Linux. But before that, I would like to show you where we are as ethical hackers in the cybersecurity realm.

 

Cybersecurity domains v1.

Image Credits: https://www.linkedin.com/pulse/map-cybersecurity-domains-version-20-henry-jiang-ciso-cissp | I’ve recreated it & changed some things for myself.

With time, I want to cover all of the significant subdomains, but for now, I will stick to Risk Assessment.

A penetration test can be further broken down to Red & Blue teaming. 

The red team is the ethical hackers in the company trying to identify & exploit the system in a stealthy way, just like in a real-world scenario.

The blue team is the company’s cybersecurity personnel, also referred to as SOC (Security Operations Centre). They’re the ones actively defending the company, by adding their human intelligence to the automated tools and technologies. They’re the people with secure application development skills. 

Purple Team is more of a concept rather than a function within the company. It may consist of senior security personnel that analyzes how the red and blue team work together and provide feedback.

As penetration testers, we need to have an understanding of all cybersecurity domains on the image above, because our task is to exploit them, by making them do things they’re not supposed to do. The more you know, the more creative you become. 

As you can see, we’re just a small part of the cybersecurity industry, but in my opinion, we have the most significant impact.

 

To dive even deeper

Now that we have explored the red and blue teaming concept. Let us go further into the Filesystem Hierarchy Standard (FHS) of Linux Foundation. It’s a hierarchy for file and directory placement under UNIX-like operating systems. The place where we’ll spend most of our time, therefore, it’s a good idea to get familiar with it.

In case you’re willing to know more about this FHS, here’s the link to the source of my infographic’s data with further details.

 

Aydan Arabadzha

Aydan Arabadzha

Author

Aydan, a cybersecurity ace and AI visionary, thrives on the frontlines of offensive security. His passion birthed NextdoorSec, a groundbreaking cybersecurity firm. A relentless pioneer, Aydan is persistently pushing boundaries, shaping the future of the digital world one byte at a time.

Other interesting articles

Automated vs Manual Penetration Testing

Automated vs Manual Penetration Testing

Pentesting is largely divided into two methodologies: Automated vs Manual Penetration Testing. Both have ...
8 Steps in Penetration Testing You Should Know

8 Steps in Penetration Testing You Should Know

Mastering the art of penetration testing has become a critical ability for security experts to combat cyber ...
Spear Phishing vs Whaling: What is the Difference

Spear Phishing vs Whaling: What is the Difference

Spear phishing is a particularly devious type of phishing assault in which the individual targeted plays a ...
0 Comments

Trackbacks/Pingbacks

  1. Cybersecurity Vs Network Engineer - Top 3 Differences You Should Know - NextdoorSec - […] Check out our free OSCP course: Day 0 OSCP | The Path to Offensive Security Certified […]

Submit a Comment

Your email address will not be published. Required fields are marked *