Every time you post a new video, I get excited to learn all over again. I always feel like I am so behind everybody, but seeing you put out new content makes me feel like I am keeping up for some reason 😅
This is a great video for those who are new, looking for advice on how you should be looking at your security career/journey. Keep putting this content out, Mr PhD.
Your videos are the best. Love the content. Everything you said is spot on. I went from an absolutely horrible GPA my first year of college to over a 3.0 gpa in a cybersecurity degree. There's so much out there and it can be overwhelming like you said. Its good to try stuff out and dip your toes in the water before diving head first. Learning cybersecurity is a marathon, not a sprint. I constantly tell myself that when I'm trying to learn. Its a lot of trial and error and just use of google.
great video, that learning curve is real! at the moment im switching from HTM to HTB and have learned a lot, but still a lot more to learn haha :) one thing on the ipsec videos', i see that they are great, but as a beginner they confuse me a lot... he does things the hard way, so great if you can follow along but most of the time i have nog clue what he's doing... hope someday things will become clearer!
People in security community really do have brains wired differently. But that's a good thing. How many times did you just want to order something online or create an account somewhere and ended up in network developer tools checking if they validate every request :D
Can you make a bug bounty session where you pick a site and then show what you do first step by step. Do you use scanners at the beginning or do you look for injection or xss at the beginning etc. I would be very interested in a guideline from you
Really helpful tips. As a programmer, I can understand what you said... Security is not at the top of my head when I start writing code for a particular feature. Thinking like a hacker now, I believe I can do a lot to secure the programs I wrote previously.
The last week I have been securing a web app and I made a few mistakes and the app was still vulnerable 😁 Only caught my errors after going back and trying to hack different features.
Many developers end up taking a short bug bounty and web pen test courses to develop a security mindset better when programming. @ryan_phdsec offers one I'm finishing with and its great. Its the zero to hero bug bounty course.
Your videos are so informative compared to most out there been at this game for three years learning each day. The tools i love to use is Zap, Commix, Waybackurls, and either subfinder or Amass. There are some other tools i use but those are the main ones when i hunt for server bugs aka Command Injection.
No it doesn't really focus on web testing just basics like LFI RFI I can't even remember if it covers SSRF... Mostly they cover exploits in known systems
