how to read safety articles effectively

Posted by santillano at 2020-04-09

On the classification of reading levels and methods


Book mountain has a path of diligence. I hope this article can be your faithful and diligent guide when climbing.

Eulogize reading

Yes, there is no time. There are troubles in making a living, and the occupation is very boring. Now we have only one or two hours of freedom every day. It's easy to let go of ourselves and watch the live broadcast for a while and play a chicken. Please cherish your time to read! Let the energy burst out as much as possible in that hour or two, just like the torrent running in the middle of the rock. Because there is not much time to live, you have doubled your life instead. Most of the daily work lies are packaged by salary, promotion, performance and corporate culture. Don't care about going home and clocking off before leaders. Improve your learning ability and problem-solving ability by reading!


Everyone has developed reading habits in school education, work and life habits. Some people "view it roughly", some people "don't know it well", some people "review the past and learn from it". There is a best-selling book "how to read a book" Adler's book focuses on skills and reading all kinds of books, which is too targeted. Based on the author's shallow experience, this paper introduces the safety circle Some of the reading methods and skills.

The level of reading

Most people know how to do a thing when they are working; excellent employees take the initiative to think, distinguish the main contradiction from the secondary contradiction, refine what, weigh the priority and grasp what? Alibaba is called grasping and focusing. Excellent colleagues think twice about everything. Why do they do this? Is the deep reason solved? Is it a compromise of imperfect methods? Is the result orientation and indicators correct? It's easy for a guy who deliberately practices this kind of cognition to stand out and seize the opportunity.

The principle of reading safety articles is the same. Understanding these three problems will help reading give full play to its competitive advantage, and make reading efficient, planned and counter productive. It's not feasible to do security industry without learning. Continuous CVE vulnerability analysis article, continuous security methodology construction experience, continuous policy and law, level protection exchange and discussion, continuous CTF competition \ HW actual combat record experience, but also have to be similar. It, language, architecture, social engineering system have to understand, and the article is so interesting:). Long term effective reading is the only way to keep up with the times. To understand the purpose of our reading, is to improve professional skills to read "0day security software vulnerability analysis technology"? Is it for the purpose of increasing knowledge to see the anthology of safety village? To read the black and white way for content? Under this premise, the author roughly divides four kinds of books and articles: the first kind is the main business, the foundation of settling down, the purpose is to provide professional skills. Different books are studied in different periods. It's better to learn more books of data structure, operating system, English and other majors in school. When you are about to embark on a social career, you should read "white hat talks about web security" according to the direction Full, Internet of things security, Metasploit penetration test guide, etc. when growing up, it's just necessary to choose CISSP, enterprise security construction guide: financial industry security architecture and technology practice, go language programming and other aspects of reading. Everyone chooses to develop, emergency, machine learning, big data, data security according to their positions and directions The security system and system will be contacted, not necessarily at such a pace. The teenagers watching hacker x files and hacker defense are not in this order. They can choose different periods of time and cross fields. If you see some problems, they have no new gains and are boring. I think you can also do what the author said. It is suggested to contact different ones in a different direction The depth and breadth of security books are equally important in the pursuit of better development, which will certainly help your career; the second category meets the spiritual needs of hackers, such as the art of anti deception, hackers and painters, criminal law; the third category is reference books, which are supplemented and searched in the work, such as encryption and decryption, IDA Pro authoritative guide, "bird's brother Linux private food", "network security law", various industry papers and PPT, etc. the fourth category is entertainment and leisure, some Twitter, WeChat official account, column, and so on, which are peripheral safety news and anecdotes. Here is a simple and general summary based on the period. Reading is definitely not fragmented reading. We should learn in the spirit of "fetching principle", understand concepts, knowledge and settle down. We should not indulge in the safe entertainment circle. Gorky said that "books are the ladder of human progress", and I said that "bad books are the slide of human retrogression". It's not worth wasting time in a non nutritious book. How to read effectively is the focus of this article.


Brace up the regular reading time and place, generally recommend the freebuf before reading, the prophet community, RSS subscribe, at noon, in stable environment, lean reading and absorbing knowledge, and at night will be tired, on the road can see WeChat official account and the group of big cattle hair of all kinds of anxious PPT and articles.

Reading from thin to thick, from thick to thin. It's better to read books with questions than to punch in at a glance. Ask before reading: what's the difference between this book and what I thought before? What problems have been solved? Can you solve the problem I have? Expanding with questions is different than blind looking without goals.

When purchasing books, JD, Dangdang and Amazon will have catalog, chapter structure and partial trial reading. You can see the basic classification and author's information to determine whether the content is just up or full. Many books are collections of columns on the author's network. You can read columns completely without buying. The mechanical industry press, the people's post and Telecommunications Press and the orelly series of technical books are very good, but different foreign books of the press have different advantages and disadvantages. Compared with the threat modeling: design and delivery of more secure software, which belongs to Willey's information security technology series, the translation of the book is too painful. It is the only book that I read and exclaim that "thank God I have finally finished reading" , but the same series of "Internet enterprise security advanced guide" is very good. In the process of reading, concentrate on reading the outline, classify the outline from the mind, sum up the total score and list the relevance. Before reading, it is recommended to prepare a pen to draw the key points at any time, write feelings, use iPad and pencil, or use paper book and pencil. If paper books are expensive, you can buy second-hand books on Confucius old book website. There will be a lot of discounts on technical books. Or it is more cost-effective to exchange gold coins for books on the security website. Gold coins are obtained by submitting loopholes or publishing articles.

Reading requires eye movement, brain movement and manual operation. The purpose of deliberate practice and understanding of the author's creative ideas is to follow the author's steps towards the prospect of knowledge dissemination. After reading, mind map class is a useful tool. In GitHub, there are various kinds of security related mind maps collected at Without the use of XMIND paper and pen, you can sketch the diagram and summarize the main structure, just like the difference between extensive reading and dictation.

I strongly suggest that after reading, readers can also write similar articles. If they step back, they can write reading notes for comments. The writing method is not rigid. The author is eager to communicate with readers and get positive feedback. Useful confidants give the author a sense of achievement more than reading quantity. For readers, they should have some fruitful comments to support them to read carefully Only when you understand it, you won't make false comments. You can sort out the reasons for approval and opposition (the more you distinguish the reasons, the more obvious they are).

There is an illusion in reading habits, and I don't want to read it after reading it. The main reason is that I think I can understand it and I don't feel fresh after reading it. In fact, good books are suitable for intensive reading. No matter how fast the IT security circle changes, Wen Gu can always know something new.


It's a good way to exchange with each other what books they read recently. The channels and contents are roughly divided into:

Policy information is based on Comrade Xi Jinping's speech at the first meeting of the central network security and informatization leadership group,

This kind of explanation is not a discussion, but a notice. When you read it, you need to understand that "network security and information technology are important strategic issues related to national security and national development, and work and life of the masses of the people". There is a definition that "network security and information technology are two wings and two driving wheels of one, and must be planned, deployed and unified 1. To promote unified implementation. " It has a clear idea and route of work in the general direction of "excellent technology, developed network culture, good infrastructure, high quality and exchange and cooperation". If you understand this article, you will know the regulations on classified protection of network security 2.0 (including several expansion systems of big data, cloud computing, Internet of things, mobile Internet and industrial Internet), regulations on security protection of key information infrastructure, national emergency plan for network security practice, exit security assessment method of personal information and important data, data security management method, personal information security specification, strengthening industrial interaction The guidance for network security work and other different industry norms and national standards are for the above strategic services.

• vulnerability reading vulnerability disclosure mainly focuses on several elements: version, trigger point, scope of influence, components, mitigation and repair methods. See whether the utilization mode is a new field, whether it is a trend of technology utilization, whether there are similar problems, and then judge from a professional perspective to emergency, reinforcement and upgrade products.

Taking cve-2019-3394 as an example,, there are detailed security research contents that need to be grasped

The official account number and official account are not suitable for reading large sections of text. It is convenient to read some information, and can subscribe to interested authors and exchange messages. In the search results, you can see that GitHub and personal blog can collect multiple subscriptions. If there are many pages in the paper, it is suggested to print them on one side, so the reading effect is better. Some vulnerability analysis articles, such as: EOS vulnerability,, have a large section of code, which is also convenient to print out and compare POC line by line, and analyze the author's ideas and construction chain. Some English paper computers keep a corresponding translated document, which can be read slowly. • is there less and less security communication in the future after the new information disclosure laws and regulations of cd-u disk come out? CD can be archived for a long time with fault tolerance. Will some important data or POC be circulated in this way? Knowledge planet and geek time

From the writer's thinking

To understand the layout of the author's writing, we can understand the context of the article. In the era of self media, everyone can contribute and send long pictures and texts. The biggest advantage is that they can have more interaction and meet like-minded friends. There are generally sequential templates for writing security technology descriptions: background, importance, solution, timeline, next step risk, summary. Take Google's how Google adopts beyondcorp as an example. The original

So what's the problem? What are the difficulties? How to solve it? Give readers feedback on what experience they have gained. In this regard, we will carry out the theme reading of Google security white paper according to Google's scenario, and browse other analysis and interpretation articles of security practitioners in the security village and security.

Try not to be conservative in the content of writing and not to think about writing unprecedented articles. Today's improvement and sharing may become a leap innovation later. A simple IOS safety introduction article and a person's safety department construction guide will also be a good guide for newcomers. When writing, the reader is regarded as a student with only simple computer knowledge. Do not write directly: "modify the" dirty cow "authorization script of the exploit DB website, and make use of it successfully." It's better to write down the process, essentials and results of the operation. There are general limitations in the content of technical articles, but the results of writing and not writing are different. Writing is a record, a carding of ideas, and a continuation of the spirit of hacker sharing.

Long term reading

One of the things that can easily be ignored is sorting out the bookshelves. This is a mistake example of messy bookshelves:

A good working environment is a good mood. Classifying books by category, language and function is a common method. Classification is also helpful to the general situation system, to understand which aspects are not well understood, and to encourage readers to face up to these things.


It's not surprising to learn from time to time. May my readers read, think, explore and never stop.