In fact, deciding which city to go to after graduation is very important, because it determines your future career development to a large extent.

First of all, try to choose first-tier cities, such as Beijing, Shanghai, Guangzhou, Shenzhen and Hangzhou, where there are many opportunities, starting salaries are high, and the technology keeps up with the trend. Secondly, you can choose provincial capitals such as Chengdu, Nanjing and Wuhan: the salary is relatively good, the technology is also up to date, and they can serve as a long-term base where, barring accidents, you basically settle down.

The reason I went back to Changsha from Beijing at that time is actually very simple, because – love. In addition to my one-year internship, I have been working in Beijing for two and a half years. At that time, I just got a salary increase, signed a new contract and had a good future in the company. But for love, you have to leave, you know.

At that time, the prospects in Changsha were actually quite pessimistic, but unexpectedly, over these years, through my own efforts, things have developed impressively. Some of the classmates around me in particular find these changes in me quite incredible, completely beyond what they expected.

Some younger students who want to work in the security industry ask me which city is better to go to.

You don’t have to go to Beijing. Shanghai, Guangzhou, Shenzhen, Chengdu and Hangzhou are all options.

One of the biggest benefits of going to these cities is that you can get a relatively high starting salary. Let's put it this way: for a reasonably good security engineer, even one who has worked for five or six years, getting a salary of 15,000 in a second-tier city like Changsha is considered a good result. In a first-tier city like Beijing, the situation is totally different. If you have a good education, express yourself well and can hit the interviewer's pain points, you will have no problem getting a starting salary of 20,000 yuan, and if you have other strong points in your favour, you can get a much higher salary.

At the very least, even if you don't get that number, it will be a lot better than in second- and third-tier cities.

Getting a salary of this size is difficult, of course, but as long as you find a way and are willing to work hard, there is a good chance of getting it. Let me show you a picture, which I mentioned in the ticket circle.

A friend, also from Changsha and a fellow townsman of mine, told me half a year ago that he was going to teach himself security, even though he was a design major, and look for a job in this spring's recruitment. Sure enough, half a year later he has found one: he is now going to intern at ByteDance, and the salary is good.



He chose ByteDance, not only because it was the core project, but also because ByteDance boasts the best benefits in the industry and the highest salaries in its category.

"High salary, good development and excellent benefits" seems to have become a label for ByteDance.

Ctrip is also one of the country's top Internet companies. Considering that this friend has no formal background in the field and spent only half a year on it, I think this is very impressive.

After the first interview, he sent me a message saying that the interviewer had asked him about penetration testing knowledge points that he could not answer, so I immediately wrote the article "dry products of penetration testing & learning route" and sent it to him. Quite unexpectedly, it really helped him, and he answered very smoothly in the second interview.

In fact, I did not help him that much; it was mostly down to his own efforts!

Seeing this, some readers must be unable to restrain themselves and want to ask: "What questions was he asked? Can you share them?" Of course.

First-round interview topics

  • CentOS
  • File and directory management
  • System management
  • Ubuntu Server, Debian, Fedora
  • Basic operating system optimization
  • Network models
  • Network protocols
  • The "Three Musketeers" commands (grep, sed, awk)
  • User permissions, scheduled tasks, etc.

As you can see, these are very basic knowledge points, because the foundation of security is operations and maintenance. I have a Web security tutorial with 115K+ GitHub stars, which covers all the core knowledge points of Web security: not much content, only the essentials.


Second- and third-round interview topics

HTTP/HTTPS/SSL/80/443/8080

HTML



CSS

Port Scanning – Common ports



SQL injection attack techniques

1. In-band injection

This is the typical case, in which the attacker launches the attack and receives the results through the same communication channel. It is accomplished using two in-band techniques:

Error-based SQL injection: retrieves information about the database from the error messages it displays.

Union-based SQL injection: depends on the attacker being able to use UNION ALL to concatenate the stolen information with the legitimate results.

Both techniques rely on the attacker modifying the SQL sent by the application, and on the errors and returned information being displayed in the browser. They succeed when the application developer or database developer fails to properly parameterize the values used in the query. Both are trial-and-error, and the resulting errors can be detected.
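The two in-band channels and the parameterized fix can be seen side by side in the following added example, which is not part of the original article. The table names, sample rows and function names are constructed for illustration, and SQLite stands in for whatever database the application uses.

```python
import sqlite3

def make_db():
    # Constructed sample data for this example only.
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE products(id INTEGER, name TEXT);
        CREATE TABLE users(login TEXT, secret TEXT);
        INSERT INTO products VALUES (1, 'keyboard'), (2, 'mouse');
        INSERT INTO users VALUES ('admin', 's3cr3t-hash');
    """)
    return db

def search_vulnerable(db, term):
    # The input is concatenated into the SQL text, and database errors
    # are echoed back to the caller (the error-based channel).
    sql = "SELECT id, name FROM products WHERE name = '" + term + "'"
    try:
        return db.execute(sql).fetchall()
    except sqlite3.Error as exc:
        return "database error: %s" % exc

def search_parameterized(db, term):
    # The input is bound as a value and never parsed as SQL;
    # error details stay on the server side.
    try:
        sql = "SELECT id, name FROM products WHERE name = ?"
        return db.execute(sql, (term,)).fetchall()
    except sqlite3.Error:
        return "internal error"

# Constructed inputs: one changes the query shape, one breaks its syntax.
UNION_INPUT = "x' UNION ALL SELECT login, secret FROM users --"
ERROR_INPUT = "x'"

if __name__ == "__main__":
    db = make_db()
    for term in ("mouse", UNION_INPUT, ERROR_INPUT):
        print(repr(term))
        print("  concatenated :", search_vulnerable(db, term))
        print("  parameterized:", search_parameterized(db, term))
```

With the parameterized query both constructed inputs are treated as ordinary product names that match nothing, so neither the extra rows nor the error text reaches the caller.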

2. Blind injection

Also known as inferential SQL injection, a blind injection attack does not directly display data from the target database; instead, the attacker scrutinizes the application's behavior for indirect clues. Details in the HTTP response, blank pages returned for certain user input, and how long the database takes to respond to certain user input can all be clues, depending on the attacker's goal. They can also point to another SQL attack route attempted by the attacker.

3. Out-of-band injection

This attack is a bit more complex and may be used by an attacker when he cannot achieve his goal in a single direct query-response attack. Typically, an attacker produces SQL statements that, when presented to a database, trigger the database system to create a connection to an external server controlled by the attacker. In this way, an attacker can collect data or possibly control the behavior of the database.

Second-order injection is an out-of-band injection attack. In this case, the attacker supplies an SQL injection that is stored and later executed by a separate action of the database system. The attacker gains control when that secondary action occurs (for example a time-based job, or something triggered by ordinary administrators or users working with the database) and the stored SQL injection is executed; that is the moment of "poking out" into the system.

XSS cross-site scripting attacks

1. Reflected XSS

Reflected XSS is the cross-site scripting attack mentioned above. In this type, user input is output in the browser directly, or without adequate security filtering, so that the output contains code the browser can execute. Because this type of cross-site code lives in the URL, hackers usually need to get the link containing the malicious code to the user through deception or an encoded, disguised form. The attack succeeds only after the user clicks it.

2. Stored XSS

In stored XSS, the Web application saves user input or other information in the server's database or files. When a Web page runs a data query, the content is retrieved from the database and output in the page, so stored XSS is very stable.

3. DOM-based XSS

DOM-based XSS is a cross-site scripting attack formed by modifying the data of DOM nodes in the page. Unlike reflected and stored XSS, a DOM-based XSS attack usually requires analyzing the specific JavaScript DOM code and exploiting it according to the actual situation.
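The reflected and stored cases described above share the same root cause, unencoded output, as the following added example shows (it is not part of the original article; DOM-based XSS lives in client-side JavaScript and is not covered). The page templates, the GuestBook class and the payload string are constructed for illustration.

```python
import html
import sqlite3

PAYLOAD = "<script>alert(1)</script>"  # constructed test input

def reflected_unsafe(query):
    # Request data is echoed straight into the response body.
    return "<p>Results for: %s</p>" % query

def reflected_safe(query):
    # HTML-encode at the point of output.
    return "<p>Results for: %s</p>" % html.escape(query, quote=True)

class GuestBook:
    """Stored case: the input is saved once and rendered on every later view."""

    def __init__(self):
        self.db = sqlite3.connect(":memory:")
        self.db.execute("CREATE TABLE comments(body TEXT)")

    def post(self, body):
        # A parameterized INSERT prevents SQL injection, but the stored
        # text is still dangerous if it is later written into HTML as-is.
        self.db.execute("INSERT INTO comments VALUES (?)", (body,))

    def render(self, encode):
        rows = self.db.execute("SELECT body FROM comments").fetchall()
        fmt = html.escape if encode else (lambda s: s)
        return "".join("<li>%s</li>" % fmt(body) for (body,) in rows)

if __name__ == "__main__":
    print(reflected_unsafe(PAYLOAD))
    print(reflected_safe(PAYLOAD))
    book = GuestBook()
    book.post(PAYLOAD)
    print(book.render(encode=False))  # script tag reaches every visitor
    print(book.render(encode=True))   # rendered as inert text
```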

Upload verification bypassing technology

1. Client validation bypass

Simply use WebScarab or Burp to change the file extension.

2. Server validation bypass – Content-Type detection

If the server checks the Content-Type when it detects the file type, the Content-Type is just as easy to modify in WebScarab or Burp. The server-side check looks like this:

    if ($_FILES['userfile']['type'] != "image/gif") { exit; }  // checks the Content-Type

3. Server validation bypass – extension detection

  • A. Look for the fish that slipped through the net: for example, the blacklist in FCKEditor 2.4.3 and earlier still allows files such as ASA and CER to be uploaded.
  • B. Case bypass, for example varying the letter case of extensions such as ASP or PHP.
  • C. Special filename construction.
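A server-side check that resists the Content-Type and extension bypasses listed above might look like the following added example, which is not part of the original article. The allowlist contents, function names and sample byte strings are assumptions constructed for illustration.

```python
import os
import uuid

# Allowlist: extension -> magic bytes the file content must start with.
ALLOWED = {
    ".gif": (b"GIF87a", b"GIF89a"),
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".jpg": (b"\xff\xd8\xff",),
}

def naive_check(filename, content_type, data):
    # Mirrors the check quoted above: trusts the client-supplied Content-Type.
    return content_type == "image/gif"

def strict_check(filename, content_type, data):
    """Return a server-generated storage name, or None to reject.

    content_type is deliberately ignored: the client controls it.
    """
    base = os.path.basename(filename.replace("\\", "/"))
    # Reject NUL bytes and leading/trailing dots or spaces, which some
    # platforms silently strip or truncate.
    if "\x00" in base or base != base.strip(" ."):
        return None
    # Normalize case, then allowlist instead of blacklist.
    ext = os.path.splitext(base)[1].lower()
    magics = ALLOWED.get(ext)
    if magics is None:
        return None
    # The content itself must match the claimed type.
    if not data.startswith(magics):
        return None
    # Never reuse the client's filename on disk.
    return uuid.uuid4().hex + ext

# Constructed sample uploads.
GIF = b"GIF89a" + b"\x00" * 10
SCRIPT = b"<?php /* constructed placeholder */ ?>"

if __name__ == "__main__":
    for name, ctype, body in [("photo.GIF", "text/plain", GIF),
                              ("page.PhP", "image/gif", SCRIPT),
                              ("page.asa", "image/gif", GIF),
                              ("photo.gif.", "image/gif", GIF)]:
        print(name, naive_check(name, ctype, body), strict_check(name, ctype, body))
```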

File inclusion vulnerability

  • Various techniques
  • LFI and RFI
  • Related functions
  • Common vulnerable points and exploitation

CSRF attack techniques

  • The flow of CSRF attacks
  • Common types of CSRF attacks
  • CSRF vulnerability testing
  • Prevent CSRF attacks

CAPTCHA (verification code) security

Code audit

Classified protection (MLPS)



Emergency response process



Another very practical issue is that interviews include written tests; big companies in particular like to set them. So you have to be fluent: Web security questions and CTF questions alike, you have to grind through them until you are sick of them.

Finally, it must be said that a monthly salary of 20,000 yuan is just a number; everyone's situation is different: different cities, different companies, different interviewers, different educational backgrounds, different interview performance.

But I think the content to learn is quite universal. Although this summary is not very complete, I think these topics are all necessary, as you can see from the interview questions provided by the reader who works at ByteDance.


