Skip to content

Instantly share code, notes, and snippets.

@5stars217
Last active June 30, 2024 22:44
Show Gist options
  • Save 5stars217/236bab5d1d8d50e9785a4136aca8cf20 to your computer and use it in GitHub Desktop.
Save 5stars217/236bab5d1d8d50e9785a4136aca8cf20 to your computer and use it in GitHub Desktop.

Getting started

An assortment of resources which may help you on your journey. There are so many areas to security that you can specialise in including web, mobile, network, cryptography, satellites, wifi, forensics, incident response, detection engineering, red teaming ... the list goes on. Take an opportunities to try a few different verticals and see which one capitvates you.

AI/Machine Learning:

It all begins with notebooks!

These are environments which can run python code, and are powerful, flexible and easy to use, it's used all across the industry by engineers and researchers.

You should learn how to use jupyter notebooks, there's a lot great experiments and projects written in notebooks, many of which are not 'implemented' in a paid capacity and are still experimental. -- Create opportunities for you to make your mark.

Step 0: https://www.learnpython.org/ Learn a little python You can do step 0 and 1 basically at the same time.

Step 1: https://www.kaggle.com/code/jhoward/jupyter-notebook-101

Step 1a: use an LLM like anthropic claude or chatGPT to help you learn python as you go. 

When you've done a bit of that, make a start on this course. It's the best AI course there is almost all of it is free. Everyone I know recommends it.

Step 2: https://fast.ai

Use your knowledge to do all sorts of things, like playing with security datasets, or exploring cybersecurity data:

Step 3: explore cybersecurity datasets: follow this series https://mundruid.github.io/post/mlsec1/

Step 3a: play with security datasets: https://github.com/OTRF/Security-Datasets

Web Security

Web security is a great, alternate place to start aside from the aforementioned ML. It's how I got my start.

The best lab and certification for web security is by Portswigger. The labs are free, and the certification is $99!

Step 1: https://portswigger.net/web-security/learning-paths

Many companies run 'bug bounty programs' - if you find a security but, they'll pay you for it! A great thing to do when you get a little web security experience under your belt.

Step 2: https://docs.hackerone.com/en/articles/8365227-hacker-success-guide

explore / learn / hack

This section is about free resources which providing you 'hacking playgrounds'. AI Related:

awesome ai ctf: https://crucible.dreadnode.io/

https://paper.hackaprompt.com/

General security - hack the box is used from beginners all the way to pros, and the content inside varies to meet that. Youll want a little experience under your belt before you try this.

https://www.hackthebox.com/

Sign up for this ASAP, its a primer on AI security from a great company.

https://www.lakera.ai/ai-security-guides/introduction-to-ai-security

Biz things

https://paulgraham.com/google.html

Meet others in your area

there are lots of local and regional security conferences going on in your area, for instance google 'bsides $cityname' and you'll likely find something! As well as 2600 meetup groups, lockpicking and special interest groups.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment