Information Security Roadmap

What is Info-Sec?

Information Security is not only about securing information from unauthorised access. Information Security is basically the practice of preventing unauthorised access, use, disclosure, disruption, modification, inspection, recording or destruction of information. Information can be physical or electronic. Information can be anything: your personal details, your profile on social media, the data on your mobile phone, your biometrics etc. Thus Information Security spans many research areas like Cryptography, Mobile Computing, Cyber Forensics, Online Social Media etc.

Why learn Information Security?

Securing an information system means considering the available countermeasures or controls prompted by uncovered vulnerabilities and identifying areas where more work is needed. The need for information security:

  • Protecting the functionality of the organisation
  • Enabling the safe operation of applications
  • Protecting the data that the organisation collects and uses
  • Safeguarding technology assets in organisations

Note: In case of any doubts while going through this roadmap, you can post your query on the Infosec Channel on the Discord server of Programming Club, IIT Kanpur. The roadmap is more inclined towards the offensive side of infosec.

What are CTFs?

CTFs (Capture the Flags) are infosec events where multiple challenges from various domains like rev, pwn, crypto, OSINT, forensics etc. are made available to participants, who upon solving them find a text hidden by the problem maker, called a flag. It’s not a country’s flag (xD). These events can be held both online and on-site. Some of the famous CTFs are Insomni’hack, GoogleCTF, PlaidCTF, TCTF.

A typical CTF flag would look something like : pclub{CTFs_ar3_fun!}

A very good video that will help in understanding the deep relation between infosec and CTFs is probably this Infosec Intro. A great website for keeping an eye on old, ongoing and upcoming CTFs is ctftime.org. Do bookmark it!

A nice video to get even more motivated towards this domain is probably the Mr.Robot TV Series (ignore the Dark Army part xD).

CTF Meme

Do not worry if you don’t understand the technical terms in the meme above right now, you will surely understand most of it after completing this roadmap !

Cyber Security

Cyber Security doesn’t refer to exploiting systems; rather, as the name suggests, it is about taking measures against such exploitation.

Understand cyber-security and domains under it:

https://www.kaspersky.co.in/resource-center/definitions/what-is-cyber-security

https://www.ibm.com/in-en/topics/cybersecurity

Some important resources and communities you will find in your cyber security journey -

https://www.hackthebox.com/

https://null-byte.wonderhowto.com/

https://tryhackme.com

What is Ethical Hacking?

Ethical hacking is an authorised attempt to gain unauthorised access to a computer system, application, or data using the strategies and actions of malicious attackers. This practice helps identify security vulnerabilities that can then be resolved before a malicious attacker has the opportunity to exploit them.

https://youtu.be/gK73JLEbDs0?t=14

Week 1: Computer Organisation and Fundamentals

To dive into the field of Information security, one first needs to understand the basic fundamentals like how computers, networks and other things work. To break the rule, you need to know the rule. But, to make it secure you need to understand the rule.

Days Resources
Day 1 Computers only understand 0s and 1s, so first we need to understand Number system ( Binary, Octal, Decimal and Hexadecimal)
Computers are good with 0s and 1s, but we need some other system to represent other symbols. ASCII encoding
Day 2 First you need to understand the device on which you will work, since this lets you know exactly how each instruction is executed at the micro level.
Cover the complete Computer Component and Computer Memory heading and all its subheadings.
Day 3 Most of us use Android in our day-to-day life. So, it becomes really important to have basic Android fundamentals, which you can read here. Must cover the FEATURES and DEVELOPMENT sections.
Day 4 Network security is one of the most important aspects to consider when working over the internet, LAN or other method. While there is no network that is immune to attacks, a stable and efficient network security system is essential to protect client data. But, before that we need to know the network fundamentals, which you can cover here.
Must cover BASICS and NETWORK SECURITY AND CRYPTOGRAPHY headings.
Day 5 There are different methodologies used in the field of cybersecurity. To secure a system against a particular method you need to know it. You can read some of them here.
Day 6 Before we proceed further, we need to know about operating systems and why to choose Linux over Windows.
Here, you can get an overview of the popular Linux distros available. Now, install Kali Linux in VirtualBox.
Day 7 Building and working with the fundamentals can be tedious sometimes. So, you need tools developed by cyber communities over years to tackle problems easily. You can learn about different important tools that are used in the security field.

TASKS:

  1. Develop a Base 12 Number System
  2. Convert your name (ASCII text) to base 2,8,10,12 and 16 number systems.
  3. Identify network devices around you and figure out what purpose each serves and how.
  4. Install a different OS distro in the virtualbox, run some services and test it with the tools installed in the first OS.

Week 2: More on Linux, Python and Bash

Throughout the journey of exploring info-security, the Linux operating system will play a very crucial role, from initially getting onto challenges all the way to reverse engineering. Thus, it becomes important to have a good understanding of Linux: the basic commands and the Unix filesystem.

Python and Bash are scripting languages and are really helpful when it comes to automating the facilities of an existing system. This will be very useful when, for example, searching for some critical keywords in a very big file.

Days Resources
Day 1 & 2 Linux Fundamentals
Basic commands: To work with the Linux OS from the terminal, you must know some basic commands, like the ones given here.
Unix Filesystem
When working with Linux, it becomes important to understand the filesystem and the hierarchy tree; this will be useful right up to RE as well.
It can be covered from here.
Day 3 & 4 OverTheWire: Bandit [Link]
These are interesting level-based challenges that will help you learn useful commands! This will help you understand how powerful and useful the terminal is!
“… You will encounter many situations in which you have no idea what you are supposed to do. Don’t panic! Don’t give up! The purpose of this game is for you to learn the basics. Part of learning the basics is reading a lot of new information. …” [It is recommended to read through the instructions and man(ual) pages before getting started!]
Day 5 Python
It will be used in scripting, like for searching some flags, when it will not be possible to do so manually.
Basic Python - Link
Python for scripting and automation: Link
Day 6 Bash scripting
Bash scripting is one of the easiest types of scripting to learn, and is best compared to Windows Batch scripting. Bash is very flexible, and has many advanced features that you won’t see in batch scripts. Learn Bash scripting - see this article or check this.
Day 7 Practising scripting
Here are some examples on python scripting: Link, you should try solving them on your own.
To practise bash scripting, you can check this website, it has some good exercises for practice, or this also.

Get familiar with Git fundamentals Part 1, Part 2 , article

Learn regex - tutorial OR Video

Week 3: Cyber Security and Web Exploitation

Now after getting all your fundamentals cleared, let’s dive into cyber security and its applications. This week will mainly focus on learning web exploitation. After the end of this week, you will be able to penetrate some loosely built websites and might even find bugs on IITK websites as well ?!

Day Resources
Day 1 What is Web Exploitation and what does it cover?
https://www.opensourceforu.com/2012/03/cyber-attacks-explained-web-exploitation/
Now let’s start learning languages such as HTML and JS, which build up the client side of the web application. On the client side, HTML gives structure to the web application while JS provides the logic for how we can interact with it. Learn HTML from - HTML playlist
Watching till 20 should be fine for now.
Day 2 Do a crash course in JS - JS crash course
MDN web doc reference for JS - JS

You will find MDN webdocs a great information source on how the web works. Also go through this video -
Hacker101 - JavaScript for Hackers (Created by @STÖK)

Learn Fetch API from this crash course Fetch API and from the MDN web docs - Fetch API - MDN Web Docs
Also try to learn the terms that you find new in the MDN web docs.

An important tool for web exploitation is the developer tools that almost all browsers provide. Here is a crash course on it - https://www.youtube.com/watch?v=gTVpBbFWry8
Day 3 SQL is the language for querying data from databases and that is where all information is stored. So a knowledge of SQL is important in interfering with these queries - SQL tutorial.

PHP is a server-side scripting language and a lot of old web applications are still using them. Crash Course on PHP - PHP Crash Course for beginners - 2020
Refer to PHP docs - PHP docs
Day 4 After spending the last two days solely learning, let’s try to apply our knowledge, and that’s how you actually learn hacking!
Here you can apply your knowledge of JS - HTS
Go to the JavaScript challenges and try to solve all of them.

XSS attacks are a type of injection attack in which a vulnerable website is manipulated so as to send malicious scripts to some other client’s browser - XSS attacks
Here is a game where you can try XSS attacks yourselves - XSS game

Often, to exploit reflected XSS, one would need an HTTPS endpoint, which is provided by online websites like RequestBin.

Another popular attack vector is SQL injection, where the SQL queries that get data out of databases are interfered with to extract data without proper authentication - SQL injection
Day 5 OWASP Top-10 lists the top-10 web application vulnerabilities in the present day, so this is must-know information for people into web security - OWASP Top-10
The TOP 10 VULNERABILITIES In Web Applications In 2022 - OWASP Top 10 Explained
BurpSuite is another handy tool for web exploitation. You can intercept and manipulate the requests sent from your browser and many more things! - BurpSuite
Burpsuite Basics (FREE Community Edition)

DVWA (Damn Vulnerable Web Application) will let you discover various vulnerabilities and bugs on a MySQL+PHP-based web application.
First of all run the web application in a dockerized environment - Installing Docker + DVWA docker image DVWA solutions


This is not to be done completely in a day but you should go on doing it at your own pace.
Day 6 Brute Forcing Web app authentication.

Web app authentication forms are easy targets for exploitation, using either BurpSuite or, perhaps preferably, Hydra.
Day 7 Getting better at web exploitation, or any other application of cyber security, comes only through practice. Try solving the OTW Natas challenges - Natas and solving various web-exploitation CTF challenges on picoCTF - picoCTF.
Have a look at CTF checklists to help you through these challenges.

Also you may find this liveoverflow playlist really informative - Web Exploitation

Whenever stuck remember Google Is Your Best Friend

Week 4: Cryptography

Day Resources
Day 1 Intro to Cryptography – refer doc

The main idea behind cryptography is to transform data into a form which can only be understood by the intended recipients. Even if someone interferes in between, the information remains secure.

There are many types of cryptography techniques; some common ones are mentioned here -
- Base encoding
- Vigenere cipher
- Caesar cipher
- Morse code
- Hashing Functions
- Symmetric vs Asymmetric Encryption: Video
Day 2 Let’s do some practice on cryptography
- OTW Krypton
- Picoctf
Some tools - dcode, cyberchef, cryptolab, xortool, John the Ripper, Ciphey
Day 3 To start with cryptography you can start with the following cryptohack modules :
- Introduction to Cryptography
- Modular Arithmetic
Day 4 & 5 Let us proceed to one of the more practical aspects of cryptography: Public Key Cryptography
- These interactive exercises are excellent for getting familiar with the different public key methods.
- Read about some basic attacks on the RSA cryptosystem (Wiener’s attack, Low public exponent attack, Partial key exposure, etc). For more attacks, check the RSA section of the following page:
https://github.com/jvdsn/crypto-attacks and try googling each attack to know more about it.
Day 6 & 7 Some more advanced topics in cryptography
- Symmetric Cryptography
- Elliptic Curve
- (optional) Post Quantum Cryptography , selected algorithms, exercises from cryptohack

You can try more challenges on Cryptopals, cryptohack & picoCTF.

Week 5: Network Tools

Day Resources
Day 1 Nmap scans the network that a computer is connected to and outputs a list of ports, device names, operating systems, and several other identifiers that help the user understand the details behind their connection status.
This playlist will guide you on using nmap for scanning networks.
Day 2&3 Wireshark is a packet sniffer and analysis tool. It captures network traffic from Ethernet, Bluetooth, wireless, etc., and stores that data for offline analysis.
Wireshark Playlist

Challenges for practice:
Challenge 1: https://play.picoctf.org/practice/challenge/115?page=1&search=shar
Challenge 2:
https://play.picoctf.org/practice/challenge/30?page=1&search=shar
Challenge 3:
https://play.picoctf.org/practice/challenge/103?page=1&search=Triv
Challenge 4:
https://play.picoctf.org/practice/challenge/237?page=1&search=WPA
Challenge 5:
https://play.picoctf.org/practice/challenge/362?page=1&search=Pca
Challenge 6:
https://play.picoctf.org/practice/challenge/32?page=1&search=web
Day 4 Sqlmap - Penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.
Day 5&6 Metasploit - World’s most used penetration testing framework, serving both for penetration testing and as a development platform for creating security tools and exploits.
Metasploit - playlist
Day 7 BeEF - It utilizes client-side attack vectors to assess the security level of the target environment. BeEF hacking involves hooking one or more web browsers and using them to launch command modules to attack the target system within the browser context.
BeEF - video

Week 6: Forensics

Day Resource
Day 1 Forensics: The art of recovering the digital trail left on a computer. There are plenty of methods to find data which is seemingly deleted, not stored, or worse, covertly recorded.

Metadata, often described as data about data, helps in understanding the history of a particular electronic file, including when the file was created, modified and accessed, among other information that can be used to describe the file.
File signatures, or magic numbers, are unique byte sequences at the start of files that identify their format or type. They allow systems to recognize file types reliably, independent of file extensions. For example, PDFs start with 25 50 44 46 2D, and JPEGs start with FFD8. Magic numbers are essential for file verification, security, and data recovery.


Tools :
file (usually pre-installed) : used to determine file type
strings : print the strings of printable characters in files.
binwalk : Analyze, reverse engineer, and extract firmware images.
xxd : creates a hex dump of a given file or standard input. It can also convert a hex dump back to its original binary form.
Hexeditor (alternatively hexed.it or this) : Used to read and edit the actual data in files, particularly the file headers.
Exiftool : Used to read and write meta information in files.
Exiv2: Image metadata manipulation tool.
Day 2 Image Forensics

Watch this video for an intro to Image steganography: https://youtu.be/TWEXCYQKyDc?si=E1xghF7dZD2JrmiY
Least Significant Bit steganography.

Tools:
Aperi’Solve– A fully automated tool designed to run forensics analysis over a massive amount of images
Steghide - Hide data in various kinds of images.
Stegseek - fast steghide cracker that can be used to extract hidden data from files
Zsteg - PNG/BMP analysis
sherloq
Day 3 Some Beginner Challenges :
Challenge 1: https://play.picoctf.org/practice/challenge/186?page=1&search=infor
Challenge 2 :
https://play.picoctf.org/practice/challenge/423?category=4&page=1
Challenge 3:
https://drive.google.com/file/d/1kMcD5pWWbzCcz2kBA8ny5XKcsU1tEOk0/view?usp=sharing
Day 4 Audio Forensics

Audacity - Analyze sound files (mp3, m4a, whatever).
Wavsteg - python3 tool that can hide data and files in wav files and can also extract data from wav files

Audio Spectrograms: https://www.youtube.com/watch?v=rAGkm4pv44s
This tool can be used to manipulate and find data hidden in different channels of an Audio file.
Here is a very simple example of the above tool in action.

Morse Code: https://en.wikipedia.org/wiki/Morse_code
Conversion of Morse code from wav file: https://morsecode.world/international/decoder/audio-decoder-adaptive.html
DTMF : https://en.wikipedia.org/wiki/DTMF
The keys being pressed in a DTMF tone can be extracted using this tool.
Day 5 Memory Forensics

Volatility [for Python 3: volatility3] - A very popular memory forensics tool. A very good guide to using it is available here:
Part 1; links to further parts can be found on the same website.
Note: The Volatility Framework had a major revision with Volatility3; multiple guides available on the internet still refer to the older version, i.e. Volatility2. Keep that in mind :)

OfflineRegistryView : Tool for Windows that allows you to read offline Registry files from external drives.
Extundelete - Used for recovering lost data from mountable images.
Rekall – Memory Forensic Framework
A good collection of all forensic tools can be seen here
Day 6 Others

Stegsnow : Program for concealing messages in text files by appending tabs and spaces on the end of lines, and for extracting messages from files containing hidden messages.
foremost : A tool for recovering files based on their headers, footers, and internal data structures.
gimp: A tool for editing images
pdfcrack: A tool for recovering PDF passwords.
Day 7 Try more challenges from picoCTF; I am sure you will learn more things.
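
The file-signature check described under Day 1 above, as an added example that is not part of the original roadmap: it reads the leading bytes of each file, identifies the type from its magic number, and flags files whose extension disagrees. The PDF and JPEG signatures are the ones quoted above; the PNG signature, the function names and the sample files are assumptions constructed for this example.

```python
import os
import tempfile

# (magic bytes, detected type, extensions that legitimately carry that type)
# PDF and JPEG values are the ones quoted in the roadmap; PNG is added here.
SIGNATURES = [
    (bytes.fromhex("255044462D"), "pdf", {".pdf"}),            # "%PDF-"
    (bytes.fromhex("FFD8"), "jpeg", {".jpg", ".jpeg"}),
    (bytes.fromhex("89504E470D0A1A0A"), "png", {".png"}),
]
MAX_SIG_LEN = max(len(sig) for sig, _, _ in SIGNATURES)


def sniff(header: bytes):
    """Return (type, allowed_extensions) for a known signature, else (None, set())."""
    for sig, kind, exts in SIGNATURES:
        if header.startswith(sig):
            return kind, exts
    return None, set()


def check_file(path: str):
    """Compare a file's magic number with its extension.

    Returns (detected_type, verdict) where verdict is
    'match', 'mismatch' or 'unknown' (no known signature, or empty file).
    """
    with open(path, "rb") as fh:
        header = fh.read(MAX_SIG_LEN)   # only the first few bytes are needed
    kind, exts = sniff(header)
    if kind is None:
        return None, "unknown"
    ext = os.path.splitext(path)[1].lower()
    return kind, ("match" if ext in exts else "mismatch")


def demo():
    """Build constructed sample files in a temp dir and check each one."""
    samples = {
        "report.pdf": b"%PDF-1.7\n% constructed sample\n",
        "holiday.jpg": bytes.fromhex("FFD8FFE0") + b"constructed",
        # PNG content hiding behind a .pdf extension
        "invoice.pdf": bytes.fromhex("89504E470D0A1A0A") + b"constructed",
        "notes.txt": b"plain text has no magic number\n",
        "empty.jpg": b"",
    }
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        for name, content in samples.items():
            path = os.path.join(tmp, name)
            with open(path, "wb") as fh:
                fh.write(content)
            results[name] = check_file(path)
    return results


if __name__ == "__main__":
    for name, (kind, verdict) in demo().items():
        print(f"{name:12} detected={kind!s:5} verdict={verdict}")
```

A mismatch verdict is the case worth a closer look with `xxd` or a hex editor, since the extension alone would have hidden the real format.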

Week 7: Binary Exploitation and Reverse Engineering

This week we’ll be covering basic reverse engineering and binary exploitation. Before starting with this we recommend that you watch this video to gain a basic understanding of what exactly you will be studying about.

Day Resources
Day 1 Reverse-engineering is the act of dismantling an object to see how it works. Here, we’ll be dismantling the codes and applications.

Reverse Engineering Basics (click)
- What is Reverse Engineering?
- Introduction to assembly - intro , x86 assembly
- Memory layout
- Registers
- Assembly Instructions
Day 2 Ghidra is a software reverse engineering framework that helps in analysing and reversing software binaries, decompiling a software binary and studying the source code underneath.
- Installing Ghidra Link + Link
- Ghidra Getting started: Video (Linux) OR Video (Windows) OR Video
This playlist will guide you on Reverse Engineering with Ghidra: Playlist.
Day 3 Some interesting challenges archive - Flareon challenges
Day 4, 5 & 6 Binary Exploitation - finding a vulnerability in the program and exploiting it to gain control of a shell or modifying the program’s functions.
Really good series to understand how to actually perform binary exploitation.
The walkthrough covers a lot of things; try the chapters/challenges in the following order: 1.4, 1.5, 1.6, 2.0, 2.1, 2.3, 2.4, 2.5, 2.8
You can also try array indexing and bad seed sections if you are curious.
Ever wondered why you use a format specifier in printf and not the variable directly like in python? Try out the Format String section.
Day 7 Now that you are familiar with buffer overflows and writing payloads using pwntools, you can do ROP Emporium challenges 1 to 4.

You can also try this book which covers a lot of topics in a concise manner. If you get confident in the above mentioned topics, try microcorruption.

Week 8: OSINT

Day Resource
Day 1 OSINT: Open source intelligence is the collection and analysis of data gathered from open sources like social media, news articles, company websites etc. to produce actionable intelligence.
Cyber criminals use OSINT to collect information on a target before attacking; also, OSINT can be used to help guess a user’s password.

Sock Puppets
Sock puppets, also known as research accounts, are online fictitious identities used to conceal the true identity of the OSINT investigator and to gain access to information that requires an account to access. Sock puppets are also created to isolate OSINT research, ensuring a separation between the personal and work lives of OSINT investigators.

This is OPTIONAL at introduction level, but a good practice!

To learn how to create an effective sock puppet, check:
- https://web.archive.org/web/20210307173507/https://jakecreps.com/sock-puppets/
- Art of the sock
- https://www.reddit.com/r/OSINT/comments/dp70jr/my_process_for_setting_up_anonymous_sockpuppet/

Some Tools:
- Fake Name Generator: https://www.fakenamegenerator.com/
- AI Generated face images: https://www.thispersondoesnotexist.com/
Day 2 Search Engines

- Google
 - Advanced Google Search
 - Search Guide
- Yandex
- Baidu
- DuckDuckGo
- Bing

Another important tool that is used in a lot of investigations is https://wayback-api.archive.org/ . It allows the user to go “back in time” to see how websites looked in the past.

Image OSINT
Have an Image and need to gather information about it ? Has it been posted anywhere before? What other similar images are on the internet?

Tools:
- Google Image Search
- Yandex Image Search
- TinEye Image Search

Example OSINT on street art: https://www.secjuice.com/street-art-in-osint-investigations/
Day 3 Geolocation OSINT

Figure out where in the world a place may be, using a photo of that location!

Tools:
- Google Maps (another useful tool that it provides is the Streetview)
- EarthCam: Webcams from around the world
- N2YO: Satellite Tracker
- Geoguessr: browser-based geography game in which players are tasked to guess locations from Google Street View imagery.
- PlonkIt: Very detailed guide to Geoguessing.
Day 4 Social Media OSINT
- Twitter
 - Twitter Advanced Search
 - https://foller.me/
 - https://tinfoleak.com/
 - https://www.twitonomy.com/
- Facebook
 - https://intelx.io/tools?tab=facebook
 - https://www.sowsearch.info/
- Instagram
 - https://www.picuki.com/
- Discord
 - https://discordbee.com/
 - More tools: https://github.com/Dutchosintguy/OSINT-Discord-resources
- Reddit
 - https://www.secjuice.com/reddit-osint-techniques/
 - https://rdddeck.com/

Github OSINT
- https://justingarrison.com/blog/2021-07-11-github-url-hacks/

Other than these, Google Search and Wayback Machine are your best mates!
Day 5 Email and Password OSINT

Tools:
- https://dehashed.com/
- https://phonebook.cz/
- https://thatsthem.com/reverse-email-lookup
- https://www.voilanorbert.com/
- https://www.hudsonrock.com/threat-intelligence-cybercrime-tools
- https://leakcheck.io/
- https://snusbase.com/

Username OSINT
- https://namechk.com/
- https://whatsmyname.app/

People OSINT
- https://www.whitepages.com/
- https://www.truecaller.com/
- https://webmii.com/
Day 6 PGP keys OSINT
- https://www.youtube.com/watch?v=64OrnwmcUOg
- MIT PGP Public Key Server

Cryptocurrency OSINT
- Etherscan
- Etherchain
- Blockchain explorer
- NFT Finder

Dark Web
- https://ahmia.fi/
- https://dark.fail/
- More Resources: https://www.osintcombine.com/post/dark-web-searching

Wireless Network OSINT
- https://wigle.net/
Day 7 Try some of the following challenges:
- Sakura Room (TryHackMe)
- OhSINT room (TryHackMe)
- SoMeSINT room (TryHackMe)
- https://gralhix.com/list-of-osint-exercises/
- https://quiz.sector035.nl/

What’s Next?

Information security is designed to protect the confidentiality, integrity and availability of computer systems and physical data from unauthorised access whether with malicious intent or not.

No one becomes a successful Information Security person overnight, or in days, weeks or months; it takes years; it’s a continuous process of learning, revising and adapting. Emerging technologies and cyber-threats will continue to evolve. Data breaches and security incidents will happen. Rather than putting a full stop, one needs to keep up with the emerging methods and technologies.

Connect with the infosec community, build your team, participate in events, CTFs, hackathons, bug bounties; learn about new vulnerabilities, read research papers about security and, most importantly, practise what you learn in a safe environment, causing no data loss or system failure.

Know HOW TO GOOGLE.


Contributors:

Secretaries:

  • Aayush Anand 8851070814
  • Aryan Mahesh Gupta 8376860515
  • Harshit Tomar 9891341130
  • Rishi Divya Kirti 9153938374

Legends:

  • Harshit Patel 6306342981
  • Krishnansh 8317084914
  • Nikhil Meena 7791037827
  • Pradeep Chahal 9053466181
  • Shivam Mishra 8604397668