i am new here
and i don’t have a background in this field
so to start, should i learn the basics of some languages first such as HTML CSS JS PHP SQL
or can i access to it with just read some books like “ web app handbook” and try to do CTF
I would recommend you to start with web hacking 101 by Peter, then do owasp10 and along with this practice what you learn on vulnerable labs like bwapp,dvwa etc, read h1 public disclosures, follow other peeps on twitter, read blogs and write ups.
Learning programming or having a computer background is not necessary to get started, you just need to be curious and passionate about this field.
i just learned some basic of html
i am trying to CTF but it is difficult
i read some basic about networking
i have “web app handbook”
but i dont have a roadmap
Check this thread out for resources and roadmap.
last question sorry
but i feel so confused
it is necessary to learn HTML CSS PHP SQL JS
or can i read the book ?
thank-you so much
You can ask as many questions as you want , we all here to help.
There is no need to burden yourself with programming yet. You dont have computer background so first try to understand basics of networking, how internet works , how web works , http, servers , clients etc. And spend most of your time learning about bugs and also practice what you learn on vulnerable labs. Ctf (where you have to find a flag using tools) is good but its different from real world applications. You can play hacker101 ctf as those are good and all those ctf have web based vulnerabilities.
And you can join Bugcrowd’s discord channel to ask these type of questions with quick answers.
how do i join the Bugcrowd discord channel?