====== CyberSecurity Resources & Learning Path ======

The group shared many links to security papers, old zines, exploit collections, and tools. This page consolidates those into a coherent learning path.

===== Historical & Introductory Reading =====

Old-school security resources often recommended:

  * PacketStorm Security papers and articles:
    * [[https://packetstormsecurity.com/files/tags/paper/|PacketStorm – Papers]]
  * Old hacking zines and txt files:
    * Exploit write-ups, buffer overflow tutorials, shellcode basics.
  * Kernel and low-level docs:
    * Kernel-related documentation aggregators and personal collections of `.txt` articles.

Use these to understand how classic vulnerabilities work: stack overflows, format string bugs, race conditions, insecure defaults.

===== Recommended Study Progression =====

From the way resources are shared, a natural progression looks like:

  * **Level 0 – Basics**
    * Solid understanding of C and memory layout (stack vs heap).
    * Comfortable with Linux shell, compiling programs, and reading man pages.
  * **Level 1 – Classic Exploitation**
    * Stack buffer overflows.
    * Return-to-libc and basic ROP.
    * Format string vulnerabilities.
    * Tools: `gdb`, `pwndbg`, `objdump`, `readelf`, `strace`.
  * **Level 2 – Modern Defenses & Bypasses**
    * ASLR, NX/DEP, stack canaries, RELRO.
    * PIE binaries and their impact.
    * Basic mitigations in modern compilers (`-fstack-protector`, `-D_FORTIFY_SOURCE`).
  * **Level 3 – Web Security**
    * XSS, CSRF, SQL injection, IDOR, SSRF.
    * Secure session handling and authentication schemes.
    * Tools: Burp Suite, browser dev tools, basic fuzzing.
  * **Level 4 – Network & Infrastructure**
    * VPNs, firewall rules, segmentation.
    * SSH hardening, bastion hosts, jump boxes.

===== Tor, VPNs & Privacy Tools =====

Privacy discussions often revolved around:

  * Tor as a tool for anonymity:
    * Better used through hardened browsers or systems (e.g. Tor Browser, Tails).
    * Avoid logging into real-identity accounts over Tor.
  * VPNs:
    * WireGuard/OpenVPN for private tunnels (see [[infra:networks_and_security|Networks, VPNs & Firewalls]]).
    * VPNs change who you trust; they don’t “solve” anonymity by themselves.
  * Threat models:
    * Distinguish between:
      * “Hide from ISP / coffee shop Wi-Fi”.
      * “Avoid profiling by large tech companies”.
      * “Strong anonymity against state actors”.

===== Practice Platforms =====

Although specific platforms were mentioned in passing, you can safely use:

  * CTF platforms (e.g. picoCTF-style sites).
  * Vulnerable VMs and labs (Metasploitable-like images).
  * Bug bounty programs (for real-world practice, respecting scope and rules).

Typical advice implied by the group:

  * Alternate theory (papers, zines, specs) with practical exploitation.
  * Focus on **understanding the root cause** of vulnerabilities, not just copying payloads.

===== Operational Security (OpSec) Habits =====

Some habits implicitly encouraged:

  * Use **separate environments** for security experiments (VMs, containers, disposable systems).
  * Keep a **dedicated notes repo** (wiki, org-mode, markdown) with:
    * Attack chains.
    * Cheat sheets (nmap, metasploit, sqlmap, etc.).
    * Links to relevant docs and RFCs.

Security here is treated not as “hacking for the memes” but as a discipline with tooling, reading lists, and practice routines.