嗯,用户发来了一段英文文章,要求我用中文帮他总结内容,控制在100字以内,而且不需要特定的开头。看起来他可能是个刚开始学习网络安全的人,刚完成了Google的证书,但感觉理论和实践有差距。他提到自己有做一些基础的VM、Nmap和SQL注入练习,但不知道如何建立一个展示实际能力的组合。 用户的问题包括项目建议、平台推荐、YouTube频道和简历技巧。他还想记录整个过程到GitHub或博客里,并提到了MITRE ATT&CK框架。这说明他不仅想实践,还想系统地展示自己的学习过程,为求职做准备。 我需要总结的时候抓住关键点:网络安全学习者,理论扎实但实践不足,寻求项目、资源和展示方法。这样用户能得到简洁明了的摘要,帮助他快速传达自己的情况。 </think> 一位网络安全学习者分享了自己在理论学习与实践应用之间的困惑,并寻求项目建议、实践平台、教学资源和简历优化指导,以帮助其建立实际操作经验并展示能力。 2026-1-27 20:41:30 Author: www.reddit.com(查看原文) 阅读量:4 收藏
Hi everyone!
I’ve been diving deep into cybersecurity theory lately (I completed the Google Cybersecurity Professional Certificate) and I feel I have a solid grasp of the fundamentals (Scrum/Agile workflows, networking basics, etc.). However, I’m struggling to bridge the gap between "knowing" and "doing."
So far, my hands-on experience is limited: I’ve set up a few VMs, done some basic Nmap scans, and a couple of simple SQL injection exercises. I want to build a portfolio that actually shows I can handle real-world tools, but I’m a bit lost on where to start for both Red and Blue team paths.
What I’m looking for:
-
Project Ideas: What are some "must-have" projects for a first internship/junior role? (e.g., building a SOC home lab, active directory exploitation, etc.)
-
Platforms/Labs: Besides the usual suspects, are there specific labs that helped you "click"?
-
YouTube Channels: Who are the best creators for step-by-step practical walk-throughs that aren't just "press this button"?
-
Resume Tips: How do you effectively list "Home Lab Experience" on a CV when you don't have professional experience yet?
My goal is to document everything in a GitHub repo or a blog to show my process. Any guidance on specific tools or methodologies (like documenting MITRE ATT&CK mapping) would be greatly appreciated!
Thanks in advance for the help!
如有侵权请联系:admin#unsafe.sh