Cybersecurity - index

I decided to learn more about areas of web development I don’t know a lot about, especially:

• fundamentals
• web security
• linux command line
• I’ll share what I learn here on my blog
• please keep in mind that I’m a beginner concerning these topics.

Resources I use (see resources page)

• Feross Aboukhadijeh’s CS253 Web Security lecture

Operating Systems #

Linux & command line #

• Linux
• Terminal
• Commands
• Users & permissions
• Common directories
• Processes
• Automation

Resources to learn #

Books

• The Linux Command Line A Complete Introduction by William E. Shotts Jr.
• Linux Basics for Hackers Getting Started with Networking, Scripting, and Security in Kali by OccupyTheWeb
• How Linux Works, What Every Superuser Should Know by Brian Ward

Internet #

• How the internet works

• HTTP https://www.cloudflare.com/en-gb/learning/ddos/glossary/hypertext-transfer-protocol-http/

• Domain names

  • root domains
  • top-level domains (TLD)
    • part on the right of a domain name
    • 2 types of TLDs
      • gTLD: general top level domain (.com, .org, .edu)
      • ccTLD: country Code (.fr, .au, ...)
    • here is the full list: https://data.iana.org/TLD/tlds-alpha-by-domain.txt
  • second-level domains limited to 63 characters + tld
  • subdomain
    on the left-hand side

• DNS

  • Means Domain Name System
  • Thanks to it, we don't have to remember IP addresses, we can just remember words (we're better at that)
  • Julia Evans' comic Life of a DNS query

• How do browsers work

• IP addresses

  • An IP address looks like 104.26.10.229:
    • 4 sets of digits
    • ranging from 0 - 255
    • separated by a period
  • Every computer on the internet has an IP address

• What happens when we request a domain name in the browser

  1. Local cache
     Browser checks local cache to see if the address requested has been looked up recently, if the address is not found in the cache, a request is made to the Recursive DNS Server (how, by who?) Practical: how to check the local cache of my browser for that ?
  2. Recursive DNS Server what is a recursive DNS server?
  • Usually provided by your ISP, but you can also choose your own.
  • (Companies such as Google and OpenDNS also control recursive servers)
  • Google recursive DNS server: 8.8.8.8 and 8.8.4.4
  • has a local cache of recently looked up domain names. if not found → request to Root DNS Servers

Web #

• HTML
• CSS
• Javascript

Networking #

• OSI model and encapsulation
• TCP/IP model (similar to OSI but less layers)

Application Security #

Cryptography #

• ROT13

CTFs #

• Next: Sites I like
• Previous: Cybersecurity curriculum