So, you want to be a hacker: 2021 edition, part 2.

We filled up the last thread, so here is a continuance of my thoughts. Part 1 can be found here:

https://twitter.com/thecybermentor/status/134347181413203148

1/?
The next thing to discuss are certifications. In my opinion, unless you need either the CEH or Pentest+ for job purposes (see DoD 8570), avoid them.

Right now, the best ROI and gatekeeper bypass-er certification is the OSCP. https://www.offensive-security.com/pwk-oscp/ 

2/?
Penetration Testing with Kali Linux (PWK) | Offensive Security

https://www.offensive-security.com/pwk-oscp/
There are other certifications from INE/eLearnSecurity and SANS, but they can be more expensive/have less ROI.

Regardless of the certification you choose, you'll likely need to have some skills in basic exploit development, basic hacking, and privilege escalation.

3/?
We covered the basic hacking in part 1, so let's talk exploit development first. I have a video series covering the basics here: https://www.youtube.com/playlist?list=PLLKT__MCUeix3O0DPbmuaRuR_4Hxo4m3G

and a blog here: https://tcm-sec.com/buffer-overflows-made-easy/

Additionally, @TibSec has a room on THM https://tryhackme.com/room/bufferoverflowprep

4/?
Buffer Overflows Made Easy

In this course, we cover 32-bit Windows buffer overflows and make them look easy!

https://www.youtube.com/playlist?list=PLLKT__MCUeix3O0DPbmuaRuR_4Hxo4m3G
Beyond the basics of exploit development (and the scope of most exams), there are some great content creators:

@LiveOverflow - https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w
@gynvael - https://www.youtube.com/user/GynvaelColdwind

5/?
GynvaelColdwind

Na tym kanale znajdziesz trochę różnych podcastów/livestreamów w języku Polskim, które od czasu do czasu nagrywam. Tematami zazwyczaj są security/hacking/programowanie/inżynieria wsteczna. Mój blog:...

https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w
You can follow @thecybermentor.
Tip: mention @twtextapp on a Twitter thread with the keyword “unroll” to get a link to it.

Latest Threads Unrolled:
Those who think consciousness raising & movement building are disconnected, or even a distraction from electoral politics have not paid attention to the history of social change.In this thread, we
Read more
The 2020s will be known as the Remote Work decadeA few predictions of what is likely to emerge[ a thread ] Third Space: Office and Working from Home will
Read more
1/29: Have you ever had a concept explained to you that helps frame complex issues you’ve been wrestling with and opens your eyes to new possibilities? A concept that I
Read more
By continuing to use the site, you are consenting to the use of cookies as explained in our Cookie Policy to improve your experience.