They enter innocent people's Instagram and Facebook accounts and ask for a ransom. They just play the script and they just know that play the script, if something happens, clap and go. Guys, you must have heard about hacking and nowadays everyone wants to do hacking. People are more excited about hacking than they were before. You must have seen Mr. Robot and you must have heard about Edward Snowden. In today's video, we will see how you can become a hacker. In cyber crime incidents, people were cheated of Rs 10,319 crores. The medical institute was under a massive ransomware attack. Cybercrime and cyber insecurity. Cyber attacks are on the rise. Cyber security has become very very important. Guys, ransom attacks have increased a lot since 2018. And in this situation, cyber security engineers are getting in demand. In 2023, 40% of the attacks were done through email. Out of total malware delivered in 2023, 94% of malware was delivered by email. Which means that people were being targeted through email to hack some of their systems. In 2023, the average cost of recovering a ransomware attack was $1.82 million. Cybercrime is also increasing in India. For example, if we consider this article, 24% year-on-year cyber security attacks are increasing. So it's clear that cyber security is much needed. And in this video, I'm going to give you a roadmap year cyber security attacks are increasing. So it's clear that cyber security is much needed. And in this video I am going to give you a road map of cyber security. People think that cyber security is all about hacking people. Hacking people, hacking their Instagram, hacking their WhatsApp. But no, the defensive cyber security is more important. Because people need more expertise to save themselves from the than the amount we need to hack. Recently we heard about Pegasus attack, We heard about the data leak of Aadhar, We heard about the data leak of Covind, Which was allegedly a huge database breach. People who have been COVID-19 vaccinated, Their personal details had all been leaked online. Cyber security is not just about hacking people, Cyber security is about saving people from these attacks To save systems from these attacks If there are 10 jobs of defensive cybersecurity Then there is only one job which is attacking cybersecurity That is, there are jobs of cyber security that do hacking If I talk about the average salary, then it is 6 to 10 lakhs per annum And it becomes 10 to 20 lakhs per annum By combining the bounty Because many companies give bug bounty programs And there are many different types of techniques Through which you can tell a bug in any company And then they give you bounties in return So is a degree necessary for you If you want to go into cyber security I will not say that In this, understanding is the most important How much time you have spent on yourself This is more important You can't do anything with a degree. A CS degree always helps. But again, the more you have researched in the field of cybersecurity, the more you have done things yourself, the more it is useful. Now where to start, what to learn? There are 5 pillars of cybersecurity. One is general computing, one is networking, then programming and scripting, then windows and then comes Linux. In general computing, you basically study things like operating systems. Like how do threads work, how do processes work. CPU, RAM, tree, buffer and you will get to see this in the course of operating systems. Now I am not saying that you should know one thing about CPU, you should know one thing about process, thread, but at least you should understand what thread is. So you should have a basic understanding. Now let's talk about networking. What is OSI model? How does WiFi work? What is TCP? What is IP? What is HTTP? What is SSL certificate? Information about protocols. You should know all this. Now you can read all this in-depth through Udemy course like this one. I will give you the link in the description. Now after this comes programming and scripting. Which you can start with Python If you have less time But if you have time Then I'll tell you to take a basic understanding of CC++ And then you can go towards Python programming And there are many packages available in Python for networking And penetration testing etc. But if you want to do all these things Then I'll tell you to grab a Linux distro And learn bash scripting in it Because by learning bash scripting You to do things of operating system level in a particular machine. You should know commands like netstat, whoami, ping, ipconfig. Without looking at any cheat sheet, these commands should be on top of your head. You should have all these commands in your mind. And how will this happen? This will happen with practice. You won't be able to do all this without practice. Then if I talk about Windows, You should know about the registry. You should know about Windows specific DOS commands. How to get the IP of a particular machine. How to remotely connect a particular machine to another machine. You should know this. If you know things about Windows level, Then you can execute commands in Windows PC. And same goes for Linux as well. You should know Linux as well. You should know Linux specific commands. If you know that target machine is Linux or Windows, then you can run the right commands. Now, there are different commands in different distros in Linux. Which are a little bit changed. You should know how sudo access works in any Linux machine. Then, how does netstat, whoami, our path variable work? And how is a particular binary this in Linux machine. Then, how does the path variable, whoami, works? And how is a particular binary installed in Linux? You should have all this knowledge overall. So, where will you start learning all these things? You can learn all these things from YouTube free courses. If you are taking a CS major degree, then focus on operating systems. And you have to study the networking course very carefully. Now, the five pillars that I told you are important. And you have to do all these simultaneously. And you have to do it with interest. You don't have to read it like a book. That I have an exam and I want to remember these things. And I have to write it down. No, you don't have to do this. You have to read it while enjoying. Now, what are the career paths in this? Mainly, there are two types. One is offensive security and one is defensive security. In offensive security, we we try to hack systems. Let's see how systems can be hacked. In defensive security, we protect systems from hacking. In offensive security, we have a pen tester who does penetration testing. That is, he does a different kind of investigation in a particular system. How can that system be hacked and then fixed? Then there is an exploit developer who finds out the exploits. Exploit Developer finds out the exploits like If a developer forgets something or forgets to sanitize something Then how to find the vulnerability in a particular system by taking advantage of that. Note that I didn't say website but system. Because the system can be a package or a program running on the network or a utility running on the internet. In defensive security, you have a security engineer, developer, forensic analyst, incident responder and threat hunter. Once you have read the 5 pillars of cybersecurity, you will be able to do your work in all these roles. All these roles are a little different, but in total you should have 5 pillars of cybersecurity. And then you will be able to do your own work in these roles. These roles are a little different. But in total, you should have 5 pillars of cyber security. And then you will be good to go. Apart from these, we have Black Hat Hackers. Who enter innocent people's Instagram accounts, Facebook accounts, ask for ransom from them, or hack their accounts with malicious intent. Hackers also become by reading these 5 pillars. But their intent is not good. And doing such kind of activity is strongly not recommended. After becoming a hacker, people have a big responsibility and that is to avoid such things. With great power comes great responsibility. Then we also have script kiddies. Script kiddies are hackers who lack technical expertise. But they just run the script for fun. They just know that run the script, if something happens, clap and go. Bro, he is an acre. Now, I'll tell you what you'll need. You'll need a PC. You have 3 options. A 40k PC, 60k PC, and a Sky is the limit PC. You can make a PC worth 2-2.5 lakhs. If you go with a 40k PC, you will have to pay for web accessible labs. You don't need a fancy PC to start cyber security. A 60k PC is a good sweet spot. If you make an expensive PC and it will be very easy. You don't need to see any lag or trade-off in anything. Now I will tell you about the lab environments. Basically, when you do penetration testing or try to detect any kind of vulnerability, Then you need Linux PCs that have vulnerability. To do this, you install VMware on your computer And make a lab environment In which you have a collection of VMs In which you install the operating system You can start with MrRobot I will put the link in the description Basically you will get a cloud VM In which there will be a particular vulnerability You have to hack it and show it And you have to find it It's very amazing And it's based on MrRobot web series You must definitely go to the link in the description. It will be fun to try it out. If your PC is not able to handle such heavy VMs and lab environments, you can also get such environments online by using websites like Hack the Box and Pentester Academy. Once you have learned cybersecurity to some extent and you have learned to work in these lab environments, then you can start hunting bugs and you can participate in bug bounty programs in which you will hunt bugs. And by hunting bugs, you will get money. Microsoft, Twitter, Facebook, all big companies have bug bounty programs. But the small startups are also focusing on bug bounty programs. Because their startup is new. It is more probable to get vulnerability on their website in comparison to Facebook, Twitter or Instagram. So you go to those startups' websites and get small vulnerabilities. Which may have a big impact. They give you money and many people are earning money through bounties. And I would say that if there is any way to earn money sitting at home through cybersecurity, then it is through bug bounty programs. If you are a beginner, then you can apply for certifications like GSEC, SEC, CEH and Infosec. OSCP, OSWE are some intermediate level certifications for which you can apply. And once you get this certification, then you can show off your ethical hacking skills. And you get a written proof that this person knows something related to cyber security you will get more certifications related to your skill set but these were some basic certifications which you should know if you want to know about any particular certification then you can search on google in total, the 5 pillars of cyber security they are going to be most crucial for you. So, you have to focus on that only. Don't focus on getting a certification. If you want to focus, then you have to focus on those 5 pillars. Cybersecurity is a field in which you will learn as much as you learn. And there is no one course for this. You can't learn cybersecurity by learning only networking. you can't learn cybersecurity by learning only Linux. You will learn about the different sections of these five pillars every day and as you will move forward with your skills, you will work on different projects, your knowledge will increase. So the most crucial thing in cybersecurity is that you keep learning, keep learning I hope you got a lot of insights from this video related to cyber security and you must have understood how to move forward in the field of cyber security So keep learning, don't stop and stay anonymous
