mirror of
https://github.com/kamranahmedse/developer-roadmap.git
synced 2026-03-12 17:51:53 +08:00
chore: sync content to repo (#9703)
Co-authored-by: kamranahmedse <4921183+kamranahmedse@users.noreply.github.com>
This commit is contained in:
github-actions[bot]
committed by
GitHub
GitHub
parent
4e6b7b6b32
commit
b788750ef1
@@ -1,12 +1,10 @@
|
||||
# Authentication vs. Authorization
|
||||
|
||||
Authentication verifies *who* a user is, confirming their identity using credentials like usernames and passwords. Authorization, on the other hand, determines *what* a user is allowed to access after they've been authenticated. In essence, authentication proves you are who you say you are, while authorization dictates what you can do.
|
||||
Authentication verifies who a user is, confirming their identity using credentials like usernames and passwords. Authorization, on the other hand, determines what a user is allowed to access after they've been authenticated. In essence, authentication proves you are who you say you are, while authorization dictates what you can do.
|
||||
|
||||
Visit the following resources to learn more:
|
||||
|
||||
- [@article@Two-factor authentication (2FA)](https://authy.com/what-is-2fa/)
|
||||
- [@article@Biometrics (fingerprint, facial recognition, etc.)](https://me-en.kaspersky.com/resource-center/definitions/biometrics)
|
||||
- [@article@Security tokens or certificates](https://www.comodo.com/e-commerce/ssl-certificates/certificate.php)
|
||||
- [@article@Role-based access control (RBAC)](https://en.wikipedia.org/wiki/Role-based_access_control)
|
||||
- [@article@Access Control Lists (ACLs)](https://en.wikipedia.org/wiki/Access-control_list)
|
||||
- [@article@Attribute-based access control (ABAC)](https://en.wikipedia.org/wiki/Attribute-based_access_control)
|
||||
- [@article@Role-based access control (RBAC)](https://en.wikipedia.org/wiki/Role-based_access_control)
|
||||
@@ -7,5 +7,4 @@ Visit the following resources to learn more:
|
||||
- [@roadmap@Visit Dedicated AWS Roadmap](https://roadmap.sh/aws)
|
||||
- [@course@AWS Complete Tutorial](https://www.youtube.com/watch?v=B8i49C8fC3E)
|
||||
- [@official@AWS](https://aws.amazon.com)
|
||||
- [@article@How to create an AWS account](https://grapplingdev.com/tutorials/how-to-create-aws-account)
|
||||
- [@video@AWS Overview](https://www.youtube.com/watch?v=a9__D53WsUs)
|
||||
@@ -5,6 +5,6 @@ Bash (Bourne Again Shell) is a widely-used Unix shell and scripting language tha
|
||||
Visit the following resources to learn more:
|
||||
|
||||
- [@roadmap@Visit the Dedicated Shell/Bash Roadmap](https://roadmap.sh/shell-bash)
|
||||
- [@official@Bash](https://www.gnu.org/software/bash/)
|
||||
- [@course@Beginners Guide To The Bash Terminal](https://www.youtube.com/watch?v=oxuRxtrO2Ag)
|
||||
- [@course@Start learning bash](https://linuxhandbook.com/bash/)
|
||||
- [@course@Start learning bash](https://linuxhandbook.com/bash/)
|
||||
- [@official@Bash](https://www.gnu.org/software/bash/)
|
||||
@@ -1,4 +1,4 @@
|
||||
# `dd` for Incident Response and Discovery
|
||||
# dd for Incident Response and Discovery
|
||||
|
||||
`dd` (data duplicator) is a command-line utility used primarily for copying and converting data. It operates at a low level, reading and writing data block by block. This makes it extremely useful for creating exact bit-by-bit copies of storage devices, such as hard drives or memory sticks, and creating forensic images in raw or other formats.
|
||||
|
||||
|
||||
@@ -7,5 +7,4 @@ Visit the following resources to learn more:
|
||||
- [@course@TryHackMe's room on Path Traversal & File Inclusion](https://tryhackme.com/r/room/filepathtraversal)
|
||||
- [@course@HackTheBox Academy's module on File Inclusion & Path Traversal](https://academy.hackthebox.com/course/preview/file-inclusion)
|
||||
- [@official@OWASP's article on Path Traversal](https://owasp.org/www-community/attacks/Path_Traversal)
|
||||
- [@article@Portswigger's guide on File Path Traversal](https://portswigger.net/web-security/file-path-traversal)
|
||||
- [@article@Acunetix's article on directory traversal](https://www.acunetix.com/websitesecurity/directory-traversal/)
|
||||
- [@article@Portswigger's guide on File Path Traversal](https://portswigger.net/web-security/file-path-traversal)
|
||||
@@ -4,5 +4,5 @@ Data Loss Prevention (DLP) refers to a set of strategies, tools, and processes u
|
||||
|
||||
Visit the following resources to learn more:
|
||||
|
||||
- [@article@What is DLP (data loss prevention)?](https://www.cloudflare.com/es-es/learning/access-management/what-is-dlp/)
|
||||
- [@article@What is DLP (data loss prevention)?](https://www.cloudflare.com/en-gb/learning/access-management/what-is-dlp/)
|
||||
- [@article@What is Data Loss Prevention (DLP)?](https://www.techtarget.com/whatis/definition/data-loss-prevention-DLP)
|
||||
@@ -1,6 +1,6 @@
|
||||
# DNS
|
||||
|
||||
The Domain Name System (DNS) is like the internet's phonebook. It translates human-readable domain names, like "google.com," into IP addresses, like "172.217.160.142," which computers use to identify each other on the network. Without DNS, we'd have to remember and type in long strings of numbers to access websites, making the internet much less user-friendly.
|
||||
The Domain Name System (DNS) is like the internet's phonebook. It translates human-readable domain names, like "[google.com](http://google.com)," into IP addresses, like "172.217.160.142," which computers use to identify each other on the network. Without DNS, we'd have to remember and type in long strings of numbers to access websites, making the internet much less user-friendly.
|
||||
|
||||
Visit the following resources to learn more:
|
||||
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
# DoS vs DDoS
|
||||
|
||||
A Denial-of-Service (DoS) attack is a type of cyberattack where an attacker attempts to make a machine or network resource unavailable to its intended users by overwhelming it with malicious traffic or requests, originating from a *single* source. A Distributed Denial-of-Service (DDoS) attack is similar, but the attack traffic comes from *multiple* compromised systems, creating a larger and more difficult-to-mitigate disruption.
|
||||
A Denial-of-Service (DoS) attack is a type of cyberattack where an attacker attempts to make a machine or network resource unavailable to its intended users by overwhelming it with malicious traffic or requests, originating from a _single_ source. A Distributed Denial-of-Service (DDoS) attack is similar, but the attack traffic comes from _multiple_ compromised systems, creating a larger and more difficult-to-mitigate disruption.
|
||||
|
||||
Visit the following resources to learn more:
|
||||
|
||||
|
||||
@@ -7,6 +7,4 @@ Visit the following resources to learn more:
|
||||
- [@roadmap@Visit Linux Roadmap](https://roadmap.sh/linux)
|
||||
- [@course@Linux from scratch - Cisco](https://www.netacad.com/courses/os-it/ndg-linux-unhatched)
|
||||
- [@article@Linux Commands Cheat Sheet](https://cdn.hostinger.com/tutorials/pdf/Linux-Commands-Cheat-Sheet.pdf)
|
||||
- [@video@Linux in 100 Seconds](https://www.youtube.com/watch?v=rrB13utjYV4)
|
||||
- [@video@Introduction to Linux](https://youtu.be/sWbUDq4S6Y8)
|
||||
- [@feed@Explore top posts about Linux](https://app.daily.dev/tags/linux?ref=roadmapsh)
|
||||
- [@video@Introduction to Linux](https://youtu.be/sWbUDq4S6Y8)
|
||||
@@ -4,6 +4,6 @@
|
||||
|
||||
Visit the following resources to learn more:
|
||||
|
||||
- [@article@What is an operating system? - IBM](https://www.ibm.com/think/topics/operating-systems)
|
||||
- [@article@What is a Operating System?](https://en.wikipedia.org/wiki/Operating_system)
|
||||
- [@article@8 Different Types of Operating Systems With Examples](https://techspirited.com/different-types-of-operating-systems)
|
||||
- [@video@What is an operating system as fast as possible](https://www.youtube.com/watch?v=pVzRTmdd9j0)
|
||||
@@ -4,5 +4,5 @@ Port scanners are essential tools in the troubleshooting and cybersecurity lands
|
||||
|
||||
Visit the following resources to learn more:
|
||||
|
||||
- [@article@Top 5 Best Port Scanners](https://securitytrails.com/blog/best-port-scanners)
|
||||
- [@article@Top 5 Free Open Port Check Tools in 2026](https://www.upguard.com/blog/best-open-port-scanners)
|
||||
- [@video@How To Use Nmap To Scan For Open Ports](https://www.youtube.com/watch?v=ifbwTt3_oCg)
|
||||
@@ -5,6 +5,6 @@ PowerShell is a command-line shell and scripting language developed by Microsoft
|
||||
Visit the following resources to learn more:
|
||||
|
||||
- [@official@PowerShell.org](https://powershell.org/)
|
||||
- [@opensource@Learning PowerShell GitHub Repository](https://github.com/PowerShell/PowerShell/tree/master/docs/learning-powershell)
|
||||
- [@opensource@PowerShell for beginners](https://gist.github.com/devops-school/43dfcd57c0c807e83d01fc6a9639d3d9)
|
||||
- [@article@Microsoft's PowerShell Documentation](https://docs.microsoft.com/en-us/powershell/)
|
||||
- [@video@PowerShell Course](https://www.youtube.com/watch?v=ZOoCaWyifmI)
|
||||
@@ -6,6 +6,4 @@ Visit the following resources to learn more:
|
||||
|
||||
- [@article@Security 101: What is a SIEM? - Microsoft](https://www.microsoft.com/security/business/security-101/what-is-siem)
|
||||
- [@video@SIEM Explained - Professor Messer](https://www.youtube.com/watch?v=JEcETdy5WxU)
|
||||
- [@video@Wazuh | Open source SIEM](https://www.youtube.com/watch?v=3CaG2GI1kn0)
|
||||
- [@video@Splunk | The Complete Beginner Tutorial](https://www.youtube.com/playlist?list=PLY2f3p7xyMiTUbUo0A_lBFEwj6KdH0nFy)
|
||||
- [@video@Elastic Security | Build a powerful home SIEM](https://www.youtube.com/watch?v=2XLzMb9oZBI)
|
||||
- [@video@Wazuh | Open source SIEM](https://www.youtube.com/watch?v=3CaG2GI1kn0)
|
||||
@@ -1,6 +1,6 @@
|
||||
# Understanding Risk in Cybersecurity
|
||||
|
||||
Risk, at its core, stems from the interplay of three components: a threat, a vulnerability, and the potential impact. A *threat* represents any actor or event with the potential to harm an asset. A *vulnerability* is a weakness or gap in security controls that a threat can exploit. The *impact* reflects the potential damage or loss that would occur if the threat successfully exploits the vulnerability. Analyzing these three aspects together allows us to quantify and manage risk effectively.
|
||||
Risk, at its core, stems from the interplay of three components: a threat, a vulnerability, and the potential impact. A _threat_ represents any actor or event with the potential to harm an asset. A _vulnerability_ is a weakness or gap in security controls that a threat can exploit. The _impact_ reflects the potential damage or loss that would occur if the threat successfully exploits the vulnerability. Analyzing these three aspects together allows us to quantify and manage risk effectively.
|
||||
|
||||
Visit the following resources to learn more:
|
||||
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
# urlscan
|
||||
|
||||
urlscan.io is a free service used to analyze websites. When you submit a URL to urlscan.io, it browses the site in an automated fashion, much like a real user. During this process, urlscan.io records the HTTP requests the site makes, screenshots of the page, and information about the technologies used. This data is then made available in a structured format, allowing users to identify potentially malicious or suspicious activities.
|
||||
[urlscan.io](http://urlscan.io) is a free service used to analyze websites. When you submit a URL to [urlscan.io](http://urlscan.io), it browses the site in an automated fashion, much like a real user. During this process, [urlscan.io](http://urlscan.io) records the HTTP requests the site makes, screenshots of the page, and information about the technologies used. This data is then made available in a structured format, allowing users to identify potentially malicious or suspicious activities.
|
||||
|
||||
Visit the following resources to learn more:
|
||||
|
||||
|
||||
@@ -4,6 +4,6 @@ Wi-Fi Protected Setup (WPS) is a network security standard designed to make it e
|
||||
|
||||
Visit the following resources to learn more:
|
||||
|
||||
- [@article@What Is WPS and Why Is It Dangerous?](https://blog.pulsarsecurity.com/what-is-wps-why-is-it-dangerous)
|
||||
- [@article@WPS – What is it, and how does it work?](https://passwork.pro/blog/what-is-wps/)
|
||||
- [@article@Wi-Fi Protected Setup](https://en.wikipedia.org/wiki/Wi-Fi_Protected_Setup)
|
||||
- [@video@What is WPS in WiFi](https://www.youtube.com/watch?v=pO1r4PWf2yg)
|
||||
Reference in New Issue
Block a user