cyberjerry42

cyberjerry42 OP t1_j6jy0fe wrote

  1. Always a tech person! Always loved messing with various computer related stuff and getting my hands dirty to see what more I could do with X, Y or Z. Or trying to host a website just to "see how it works" and stuff like that.

  2. It was rough to be honest. This image describes it best. You start to learn bits and pieces to the point where you can glue stuff up but don't quite understand it. Then comes the point where you start to understand it and you realise just how much you actually understand jack shit lol

It was mainly a process of "uh, I wonder how to do this. Let's try!" and then being exposed to more stuff I didn't know and trying to learn about those too. Mainly through YT, various tutorials and reading solutions to some Capture The Flag challenges.

  1. I don't as of now but I'm working on it. Sec+ and OSCP are kind of industry standards despite them not being super up to date. HR will typically look for those. To actually "git gud" tho I recommend the PNPT.

  2. As stupid as it sounds, having a good Google-Fu will take you places. Just show how fast you can learn and how much you're willing to do it. Showing some knowledge about Linux, saying you have a homelab and stuff like that can help as it shows hands-on experience. If you won a prize at a CTF that's also good to know.

  3. Not familiar with NCL sadly. And I'm not familiar enough with the SOC analyst role to be comfortable giving you advice sorry :(

2

cyberjerry42 OP t1_j6erag2 wrote

Your welds will be crap in the beginning and it's normal. Don't get discouraged.

Pay very close attention to what is going on in your weld puddle (the part of the metal that's in fusion while welding it) as it will give you every detail you need to know if you're moving too fast/slow and if your settings are correct.

Always get comfortable! This is very important. Welding is nearly all about steadiness (to get a good looking weld) so make sure you're always comfy before laying a bead.

Wear cotton clothes. You will catch fire and it's ok, you just don't want anything melting on your skin.

Avoid staring at someone welding without your helmet on. Getting a flash is no joke.

And finally, have some fun!! Especially if it's as a hobby. I left the welding world because of the industry but it is an amazing hobby which I'm still in love with :)

2

cyberjerry42 OP t1_j6dsar3 wrote

  1. I'd say JohnHammond, TheCyberMentor and XssRat are great starting points on YouTube. NetworkChuck also has some interesting Linux videos.

Before getting into hacking per se, get to know your way around Linux as you will be using it a lot. Tryhackme has an amazing Linux track.

  1. The majority of the job is typically either at tech companies (not necessarily IT, in my case I work for an AI centric company) or working as a contractor for a bigger security audit company (cobalt.io for example)

  2. Your AD experience will be priceless. Especially if you specialize in network pentests. In terms of time, kinda hard to say. You can either grind your way through being very good and "showing what you got" or you can start collecting certifications. I sadly couldn't really give a time frame because it can change so much from one person to another. If you can get your Sec+ and your OSCP with prior networking knowledge (AD for example) you should be good to apply.

1

cyberjerry42 OP t1_j6dc5vq wrote

I think you may be a great fit! Offensive cybersec more specifically really needs you to think out of the box and this is typically where hardware folks excel as we often need to think out of the box when trying to fix a big mechanical problem. You can't just "reprint" that big gear with a broken tooth lol

I would say start somewhere like Codecademy or Freecodecamp. Also, once you're fluent enough, try to automate some small tasks you think are annoying to do manually. Small projects will teach you the most!

1

cyberjerry42 OP t1_j6dbksb wrote

So this is a tricky question. Where I'm from you'll either make a crapload of money by going welding in mines or you'll be poorly paid if you want to work not too far from the city.

In my case I couldn't go work in mines. After 7 years as a welder I barely made more than someone who worked at McDonalds. Odds are this answer is completely useless if you're in another country tho. I (think) there's decent cash to be made in the US.

1

cyberjerry42 OP t1_j6db5be wrote

Great question! I'd say I must've started poking around at something like 15-16.

It kinda depends really as there are many external factors and it kinda depends on the free time you have and the speed at which you progress. I'd say maybe a few years if you're only learning on the weekends. But it also heavily depends on finding a company that's open to someone with no prior cert/diploma.

1

cyberjerry42 OP t1_j6b5epx wrote

I work for a company! I'd say tech is a perfect place to come in without a degree. A lot of companies would rather hire someone who's good (however they got good) than hire someone purely because of their degree. You obviously may have to grind a little more and try to make yourself shine but that's the hardest part. The second you got your foot in the door, you can officially put you're a security analyst and a bunch of doors open :)

If there's a will there's a way! The path to making it may be a little wavy and tiring (you'll doubt yourself, you'll fall into tutorial hell and have trouble getting out of it, etc..) at times but when you get into the industry it's very worth it imo.

1

cyberjerry42 OP t1_j6b4rxc wrote

I didn't have a perfectly straight learning path but something along the lines of:

Learning Linux -> Learning the common network protocols -> Getting some solid bases with a couple of programming languages (in my case python, golang, js) -> getting some experience with various tech stacks by running stuff on my homelab -> competing in various CTFs and gathering exploit knowledge through that -> bunch of online classes on security basics

1

cyberjerry42 OP t1_j6arevi wrote

It's my absolute pleasure! Twitter is full of great security researchers like JohnHammond, TheXSSRat, TheMayor and many more (see who they retweet and follow them). There is also a lot of great content on YouTube such as Liveoverflow and the cyber mentor. Finally, once you feel like you're ready for the real deal, head over to hackthebox. They have some great challenges. In terms of CTFs, I highly recommend going to picoCTF. You'll pick up great tricks there. BurpAcademy is also a great starting point for webapp related stuff!

3

cyberjerry42 OP t1_j6anbcl wrote

For your question about my work week:
My week will usually start with looking at all that wasn't resolved from the week before. I will then look at what pentests I have coming up (I usually have one per week lasting more or less 3 days). Pentests are always my weekly priority. Throughout the week I'll also follow up on bugs I've previously raised a flag on to make sure they get fixed. If I still have time I'll typically plug the holes by working on one of our various projects which can range from a cloud infrastructure scanner to an API key sniffer (for example).

2

cyberjerry42 OP t1_j6amv3e wrote

I wouldn't say it's a niche line of work per se but it's very hard to find good pentesters. A lot of companies tend to hire external firms to pentest their products and get the "stamp" for compliance reasons. Offensive security is absolutely not for everyone as it requires you to think outside the box in very odd ways sometimes.

I've known a lot of absolutely genius devs that could whip out the most complex algorithms without sweating it but they had a very hard time imagining "well if I chain X with Y and finally Z it can easily lead to compromise of A". I'd probably make a shit full time software dev but boy can I break their stuff hahaha

> Are you guys typically contracted to audit the companies rather than work with their IT teams?

I would be tempted to say yes. It's important to keep in mind that most tech companies out there don't have a giant budget and 1000 employees so they often can't afford a red team. This in turn creates a big demand for external contractors such as Cobalt. I personally, however, prefer to work for the company itself rather than being a contractor as it lets me not only find the problem, but help them fix the issue.

1

cyberjerry42 OP t1_j6alsm0 wrote

What a great question! I would say the first thing I would recommend learning is Linux in general. It's widely used and an industry standard when it comes to running something on a server. A lot of pentesting tools are also designed to run on Linux so one way or another, you'll have to learn your way around a terminal. Tryhackme has a great Linux/Unix terminal learning path for free (iirc).

Secondly, try to understand the basics of programming. Python and Javascript will come in very handy for automating simple tasks/scripts. It's also very important to be able to read code to better understand what's going on under the hood. Codecademy and Freecodecamp are great resources for this!

Third, I'd recommend knowing the basics of network protocols. Udemy is a great resource for that type of stuff. Understand the HTTP protocol, getting a rough idea of how TCP/IP works, etc.

After entering as an apprentice, work on making yourself processes for when you'll be pentesting. Take notes on what was successful, what was not and you'll eventually start seeing patterns of things that come up often. This will be the stuff you'll wanna start working with when going on a new engagement as they'll often be your entry point into a more serious security flaw.

1

cyberjerry42 OP t1_j6aik77 wrote

In terms of actual exploits I've come across an unusually high number of debug Werkzeug consoles that were publicly available via a "staging" subdomain (ex: staging.mywebsite.com). The PIN authentication can be relatively easy to bypass in certain circumstances, essentially giving an attacker direct access to the machine to run malicious commands.

3
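
A pre-deploy check for the exposure described in the comment above, as an added example that is not part of the original comment: it parses Python source and flags statements that turn on the Werkzeug/Flask interactive debugger (`app.run(debug=True)`, `run_simple(..., use_debugger=True)`, `config["DEBUG"] = True`). The sample source and the function name `find_debug_enabled` are constructed for illustration, and matching on call names is a heuristic.

```python
import ast

# Constructed sample of a Flask entry point; not taken from any real project.
SAMPLE_SOURCE = '''
from flask import Flask
from werkzeug.serving import run_simple

app = Flask(__name__)
app.config["DEBUG"] = True

if __name__ == "__main__":
    app.run(host="0.0.0.0", port=5000, debug=True)
    run_simple("0.0.0.0", 8080, app, use_debugger=True)
    app.run(host="127.0.0.1", debug=False)
'''

# Call name -> keyword argument that switches the interactive debugger on.
DEBUG_KWARGS = {"run": "debug", "run_simple": "use_debugger"}


def _call_name(node):
    """Return the bare function or method name of a call node, if any."""
    func = node.func
    if isinstance(func, ast.Attribute):
        return func.attr
    return func.id if isinstance(func, ast.Name) else None


def _is_true(node):
    return isinstance(node, ast.Constant) and node.value is True


def find_debug_enabled(source):
    """Return sorted (line, description) pairs for debug-enabling statements."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Call):
            name = _call_name(node)
            wanted = DEBUG_KWARGS.get(name)
            for kw in node.keywords:
                if wanted and kw.arg == wanted and _is_true(kw.value):
                    findings.append((node.lineno, f"{name}({wanted}=True)"))
        elif isinstance(node, ast.Assign) and _is_true(node.value):
            for target in node.targets:
                key = getattr(target, "slice", None)  # Python 3.9+ AST layout
                if isinstance(key, ast.Constant) and key.value == "DEBUG":
                    findings.append((node.lineno, 'config["DEBUG"] = True'))
    return sorted(findings)
```

Run it over every entry point in CI and fail the build on any finding, so a debug-enabled build never gets deployed to a publicly reachable host.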

cyberjerry42 OP t1_j6ai3ss wrote

It's not an exploit per se, more of a security issue but I often find secrets that are accidentally public. By secrets I mean API keys, AWS access keys and stuff like that. Put into "wrong" hands (depending on the privileges the key has) it can lead to disastrous results. I've done so multiple times especially when it comes to something I've found on one of our clients' websites.

Another one which isn't much of an exploit but more of a widespread bad practice is phishing resilience. A LOT of companies don't take phishing exercises seriously despite most of the recent cyber attacks using them as an entry point into a company's systems.

1
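
A small scanner for the accidentally public secrets mentioned in the comment above, as an added example that is not part of the original comment: it flags AWS access key IDs by their well-known prefix and length, and flags `api_key`/`secret`/`token` assignments whose value has high Shannon entropy, reporting only a redacted value. The sample text is constructed (the AWS value is the placeholder key from AWS documentation), and the function names and the 3.5-bit threshold are assumptions.

```python
import math
import re
from collections import Counter

# Constructed sample of a front-end config file that shipped with secrets in it.
SAMPLE = '''\
const cfg = {
  region: "us-east-1",
  accessKeyId: "AKIAIOSFODNN7EXAMPLE",
  api_key: "q7Lw2Zx9TfB4mK1vRc8Ny3Hd",
  token: "xxxxxxxxxxxxxxxxxxxxxxxx",
};
'''

# AWS access key IDs: AKIA (long-term) or ASIA (temporary) plus 16 characters.
AWS_KEY_ID = re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b")
# Generic "name = 'value'" or "name: 'value'" assignments with a long value.
GENERIC = re.compile(
    r"""(?i)\b(api[_-]?key|secret|token)\b\s*[:=]\s*["']([A-Za-z0-9_\-/+=]{16,})["']"""
)


def shannon_entropy(value):
    """Bits per character; placeholder strings like 'xxxx...' score near zero."""
    counts = Counter(value)
    return -sum(c / len(value) * math.log2(c / len(value)) for c in counts.values())


def redact(value):
    """Keep the first four characters so a finding can be traced, mask the rest."""
    return value[:4] + "*" * (len(value) - 4)


def scan(text, min_entropy=3.5):
    """Return (line, kind, redacted_value) for each likely secret in text."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for m in AWS_KEY_ID.finditer(line):
            findings.append((lineno, "aws-access-key-id", redact(m.group())))
        for m in GENERIC.finditer(line):
            if shannon_entropy(m.group(2)) >= min_entropy:
                findings.append((lineno, m.group(1).lower(), redact(m.group(2))))
    return findings
```

The entropy filter is what keeps the placeholder `token` line out of the results while the random-looking `api_key` value is reported.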

cyberjerry42 OP t1_j6a5kej wrote

Capture the flag! They are cybersecurity challenges where you will have to reverse engineer software, find hidden messages in images (for example), hack into a (purposefully) vulnerable website in order to capture "flags" which are typically a unique key that will give you points once you've found it :)

https://en.wikipedia.org/wiki/Capture_the_flag_(cybersecurity)

6