Gunakan kolom pencarian di atas untuk memfilter materi. Klik setiap bagian untuk melihat ringkasan & checklist.
1) Networking Basics
Fondasi komunikasi data: model OSI & TCP/IP, subnetting, routing, DNS, HTTP/S.
Ringkasan & Checklist
- OSI vs TCP/IP, port & protokol umum (TCP/UDP).
- Subnetting (CIDR), VLAN, routing statis vs dinamis.
- DNS, DHCP, NAT, VPN dasar.
- HTTP(S), TLS/SSL handshakes, HSTS.
- Latihan: bangun lab virtual (GNS3/EVE-NG/MikroTik/Packet Tracer).
2) Linux untuk Keamanan
CLI, manajemen paket, permission, proses & service, SSH, hardening dasar.
Ringkasan & Checklist
- Filesystem, permission (rwx), sudoers, journald/logrotate.
- Networking tools (ip, ss, tcpdump), ufw/iptables, fail2ban.
- Service management (systemd), akun & key SSH.
- Hardening: minimal packages, auditd, updates, backups.
- Latihan: WSL/Kali/Ubuntu Server, otomatisasi dengan bash.
3) Scripting: Python/Bash
Otomatisasi, parsing, scraping ringan, API, pembuatan utilitas tooling.
Ringkasan & Checklist
- Python: requests, argparse, logging, sockets, scapy dasar.
- Bash: piping, awk/sed/grep, cron, rsync, ssh automation.
- PowerShell untuk Windows environment & blue team.
- Latihan: buat port scanner kecil & log parser.
4) Keamanan Web (OWASP)
Top 10 OWASP: injeksi, auth, akses, SSRF, XSS, CSRF, IDOR, misconfig.
Ringkasan & Checklist
- Threat modeling sederhana & recon.
- Burp Suite basics: proxy, repeater, intruder, decoder.
- SQLi/XSS/SSRF/IDOR, file upload vuln, deserialization.
- Defense: input validation, WAF, secure headers, rate limit.
- Latihan: DVWA, PortSwigger Academy, bWAPP.
5) Keamanan Jaringan Nirkabel
WPA2/WPA3, serangan umum, monitoring & hardening AP.
Ringkasan & Checklist
- Mode monitor, capture handshake, deauth, evil twin (edukasi).
- Hardening: WPA3, disable WPS, isolasi client, rotasi password.
- Latihan: simulasikan lab dengan adapter yang mendukung monitor.
Wireshark, tcpdump, Nmap, Burp, Metasploit, FFUF/Dirbuster, John/Hashcat, Volatility.
Ringkasan & Checklist
- Recon: nmap, assetenum, ffuf/dirsearch.
- Exploitation: metasploit dasar & manual exploitation.
- Cracking: wordlist, rules, GPU basics.
- Forensik: volatility, strings, timeline.
7) Blue Team, SOC & SIEM
Deteksi & respons insiden: logging, korlasi, EDR, MITRE ATT&CK, triase alert.
Ringkasan & Checklist
- Konsep SIEM, pipeline log, normalisasi, use case.
- MITRE ATT&CK mapping, Sigma rule dasar.
- EDR/XDR konsep, hunting, playbook respon.
- Latihan: Wazuh/Elastic SIEM, lab honeypot.
8) DFIR (Digital Forensics & IR)
Forensik memori & disk, timeline, chain of custody, respon insiden.
Ringkasan & Checklist
- Metodologi IR: prep, detect, contain, eradicate, recover.
- Forensik: volatile vs non-volatile, imaging, hashing.
- Tools: KAPE, Velociraptor, Autopsy, Volatility.
9) Kriptografi Praktis
AES/RSA, hashing, MAC, PKI, sertifikat, implementasi aman.
Ringkasan & Checklist
- Hash vs MAC vs Signature.
- Randomness, key management, KMS dasar.
- Kesalahan umum: ECB, hardcoded key, insecure padding.
10) Keamanan Cloud
IAM, jaringan virtual, kebijakan akses, misconfiguration umum, logging.
Ringkasan & Checklist
- IAM & prinsip least-privilege, federation & secrets.
- Jaringan: VPC/VNet, SG/NSG, peering.
- Audit & logging: CloudTrail/Activity log.
11) OSINT & Investigasi
Teknik pengumpulan informasi terbuka, dorking, metadata, pivoting.
Ringkasan & Checklist
- Footprinting, pivot, archive, reverse search.
- Opsec pribadi & etika riset.
12) Legal & Etika
Batasan hukum, responsible disclosure, privasi, aturan lab aman.
Ringkasan & Checklist
- Pahami UU ITE & kebijakan internal perusahaan.
- Gunakan lab terisolasi; hindari target tanpa izin.
13) CTF & Sertifikasi
Platform latihan & jalur sertifikasi populer untuk pemula–menengah–lanjut.
Ringkasan & Checklist
- CTF: picoCTF (pemula), THM/HTB (menengah).
- Sertifikasi: Security+ → eJPT → eCPPT/OSCP.
14) Karier & Portofolio
Bangun jejak karya: write-up, lab publik, kontribusi open-source, resume.
Ringkasan & Checklist
- Write-up rutin, Github berisi lab & tooling kecil.
- Resume fokus dampak, hasil, proyek nyata.