#cyber-and-careers

But i want to say yes

Due to the pivots and such

I see peoples doing net+,sec+,pentest+,eccpt then oscp

Seems a bit too much to me

Personally, i will do ePTX and eXCD next, maybe Pentest+ as well

But all those, just to take OSCP seems a wee bit too much

bruh if you've completed ecppt before applying, I can easily see why they hired you, coupled with all of the other stuff that you mentioned

He didn't know what eCPPT was

I don't think I can do that whilst unemployed, it's too expensive, especially now

Had to research it

well no matter, you could explain exactly what you did

Indeed

practical exam, etc

pivoting

real life scenario

Think he got me, because i fit into his future plans for the company

good on you

though you got lucky as well 😄

that's not to say you don't deserve it ofc

Coding skills needed in red teaming

You will have to code all undetected things haha

Very lucky

Hah yeah

I made a Word Macro the day before, which we talked a bit about

https://flowcv.io/ <- the best CV builder I could find

totally recommend it

@shrewd gazelle you're describing my ideal job opportunity lol

although I don't have your experience

much more newbie both in sec and in programming

well, not exactly newbie, but not skilled

@shrewd gazelle What was your job title? "Penetration Tester"?

In your CV

@cosmic ingot Keep at it and you will get it

Never was a pentester

I work this redteam job plus my other job

Which is "Operations Specialist"

I do Azure sysadmin stuff

htb+thm should be categorized as ctfs, not experience

With different heading

htb+thm should be categorized as ctfs, not experience
@languid hearth even with the THM focus on teaching content?

yep

thm isnt irl experience, they dont offer degree programs

the best way to categorize it is as a 24/7 ctf

True, although they do offer introductions to a wide variety of topics which have real life applications -- unlike HTB being purely challenge based

yeah, again

not formal experience

Your walkthrough content alone falls into that category

walkthrough in experience categories?

the only people that can really list thm as valid work experience is box devs/room testers etc

I'll take you're word for it, given you're the one with the experience 😁
I don't think I would want to throw them into the same category though

Oh, wait, someone is trying to use them as work experience?

Yeah, Ok, disagree with that one.

Muir thats what experience means in the context of a resume

I have them down as training myself 🤷‍♂️

Wouldn't put them as experience though

the only formal training thm really offers is throwback and thats a bit of a stretch

i use training for paid for courses like OffSec/SANS offerings

Given there aren't any recognised certs from either, you can't really call it formal training, I agree, but it's still learning, and still practice

Huh, fair enough. I would put that under "Certifications"

I'd put OSCP under certifications

I'd put PWK under training

id include both because ifs a 50/50 thing and it can help fill space if you need it

You'd list them separately? Hm, that sounds like a good idea

Thanks 😁

hmm

1. PWK 2. OSCP

Never thought like this heh

This reminds me, I really need to go update my CV

because if a potential employer is going down your resume you can speak to them as seperate things

PWK is an introduction penetration testing course + lab environment

OSCP is a 24-hour practical certification exam

two parts of the same cow haha g0tm1lk reference very funny,

its also worth it to note after 5 or so sans courses, the certification exams get kind of old and people stop focusing on them/dont really care enough to do them

you'll see later in life that there's more emphasis on the training you've done than the certification exams, especially if you have experience

I thought basically all of us see it that way

Employers often don't see it that way, or at least you don't get to the interview stage if you don't meet a minimum of the requirements, of which some certs are one (depending on the employer)

for someone without a degree , which certificates do you recommend to get a shot at a job in inforsec?

Well, now that eLearn is doing their INE thing, i would say go for OSCP, and maybe the new Advanced pentest cert Offsec is making @turbid glacier

And get some projects going

/try to get some sort of experience

you mean the cybersecurity pass?

Yeah

thx for the tip

i still have my hopes alive for ad

ad?

active directory

^

I got that much

Oh

You mean AD in the new Offsec course?

Or?

For black box testing web pentesting is important!

yeep

a blackbox webapp cert may be beneficial for OffSec tbh

from what I gather awae is mainly whitebox

but I've heard it's possible that it can be done blackbox

It could be black box. But a.d is internal ... no?

A.D testing is required if we have shell 🙂

But it could be black box if 389 is publicly accessible

Im talking web app

but a white box internal may be interesting 🤔

you could take the blackbox approach and go at it from there

but finding vulns when your DA puts you in a different perspective

the more I think about it, the more I like the concept though

@coral niche if you have the time, care to elaborate on the questions you were asked?
@cosmic ingot I didn't see any questions, but I'm more than happy to try answer any that I can.

@coral niche I didn't phrase that correctly. I meant if you could tell us what questions you were asked when you mentioned 'Linux' in infosec job interviews

Spooks has a nice pin with interview questions as well, but those are generally security related, not Linux specific

Best way is to reach out ceo and cto from the company. These guys llc dont have a HR. They often will hire you directly, that how i got mine but it for malware analyst not pen test.

@loud marsh

Would this be the right room to ask about a step by step on becoming an ethical hacker?

yeah

the answer is simple

there is no step by step guide to becoming an ethical hacker.

Fair enough. Would there maybe be a starting point you would recommend

TryHackMe is a good place to start
Maybe pick up on some programming, and basic networking, then go for a cert like OSCP, and just keep rolling after that

Ok sounds good. No idea what I’m doing but let’s do it 💪🏻 lol

Hell yeah!

We are here if you ever need some guidance or anything

I appreciate that. I’ll get some of these courses done and see where I’m at. Thanks again

Np

ELS suddenly increased their course price?

its not a course anymore

They went to an entirely different system really

its a subscription model for all their courses

Oh i see. How it works now then? It redirect me to INE subdomain. So student need to pay monthly or yearly?

yearly

only option for cyber.

$2,000 USD

that's 2/6ths of my monthly income for reference

which is like

👀

a lot more than most people can afford

You get a free year code

Well I got one anyway

ah yes a free year

$1999 for 1 year subscription plus 1 year free

im sure everyone would rather the price be reduced by half

still expensive af

not good

1,000 for a year is a lot better

Yea it’s way too much

1,000 for a year is a lot better
Not really if you just want ejpt

if they moved to a monthly subscription model it'd be a non issue

1,000 for a year is a lot better
@languid hearth Could probably do about 5 of their certs in that 😆

That would make it well worth it

No monthly subscription ... right?

nope

@languid hearth rich af then

So we need to pay all amount in advance!!! Bad idea. Not sure why they did this!

It business

because INE is a garbage company.

From now i know INE is a company

no trial, no monthly option, and not respected enough in the industry

ELS not a trademarked company?

INE turns into Giac and E Council soon

eLearn is owned by INE

too bad they'll never reach the level of respect

haha lets bar everyone from taking our courses

I was planning to get their web penetration testing and exploit development course...

lets do it on our unrespected industry certifications

No way anymore!

4head

look at it this way, you can take AWAE and still have $800 left over

I will go with Offsec learning path

i will say you should hold off for a couple months (if you're planning on getting it soon)

Currently preparing for OSCP

i have a strong feeling their idiocracy will make them flip flop over to a monthly subscription model

after oscp will do some kind of advanced course

ELS targetting rich peoples who can stay in their server for 2 years! What a policy!

I heard Offsec will release an advanced penetration testing course?

soon™

in next couple months

So in first quarter of 2021 may be.

erm

id say december, likely

@languid hearth Could probably do about 5 of their certs in that 😆
@undone shore only training it’s 400 per voucher which sure if you’re in the field and can do a bunch of advanced certs it’s nice but the real backlash is because there’s no longer a cheap entry level cert

certificate of completetion

ELS was getting popular day by day.

Ugh -- your 2000 a year doesn't actually give you the exam vouchers?

Well that's something...

Yup

thats wicked

this is some next level gatekeeping

huh? No voucher included in 2000?

not evem eJPT??

:

Ine is going to screw els

lol

Does kinda sound like it

ELS is really up and coming -- that was partly for their accessibility

The other thing too

Hell, I was going to go do their web cert next, rather than the offsec one

the current certification links are broken

Less sure about that now

Oh you are kidding me

like for people who already bought certs

That is some serious bs

I was happy with the idea of the pass at first because I thought it was just an addition but taking away all the els accessibility is just screwed up

I thought it was an either/or when I heard about it

Realising it's a replacement is a bit of a shock

like i said beforr

I think they'll realize their mistake and a couple weeks and we'll switch over to a monthly fee opposed to yearly there might be a premium for it but they kind of have to especially since they're trying to reach us as a market

Yup

they certainly cannot compete with sans, their courses are on par with sans, but the respect isn't there that they need

especially to move into the corporate market

^

do yall recommend compTIA certifications?

As your first foundational certification, Security+ is an often recommended choice. @stoic lotus

The only challenging things for comptia, need to memorize lots of thing and remember acronyms!

Im thinking about a blue team cert... anyone know a good one?

what’s your budget?

IDK
My boss can pay it
So... dont know

Nice to have the freedom

Well uh, what's your companies needs in that regards?

For blue team CySA+ cert bad?

Well uh, what's your companies needs in that regards?
@quasi stream They give me free election
But i dont feel ready to OSCP (YET)

And my dream is to be a CISO from a big company
So SGS is my thing (ITIL, 27001 and COBIT) but i want something else now

CySA is okay

@cedar terrace what is your current role?

CCNA CyberOps would be better

@cedar terrace what is your current role?
@unkempt nova Can said a lot about that cause is from gob

thanks!! @languid hearth

There's also Security Blue Team, they're fairly new @cedar terrace

Which one ?

https://securityblue.team

Thanks !!!!

It looks pretty nice
You have that cert? @distant pier

@polar rock was this the one you were strongly advised against?

No, I don't have that certification. They're fairly new. Just another option to consider.

know anyone who have it?

wow I didn't realize INE is going to replace that platform, looks like I'll be doing OSCP intead of eCPPT :/

@cedar terrace I would not advise that cert, I won’t go into too much detail here but I’ve been warned of the instructor for it

cry you do threat hunting right? do you have any good resources? i was gonna give elearn's a go but since what happened idk

theres honestly not a lot you have sans and you have random udemy courses and crap. Splunk fundamentals 1 can be a good place to start but thats more just a general splunk course. You could also look here https://dfirdiva.com/free-training for some free resources as well

UK-based people: when it comes to finding a job, apart from the usual websites most of us use I've heard there are some agencies which you can call and give your info to and help you find a job. Can you enlighten me pls? I'm thinking of relocating.

How to determine if I have a good chance to pass the OSCP exam?

I haven't done the exam but I think the majority of people would say:
Confidence in what your tools are doing/when to use them
Good report writing
Having hacked the majority of the lab, including other subnets(no pivots in the exam as far as I'm aware)
Structed attacked, e.g. first do, second do, third do,
Easily able to do BufferOverflows(THM tibierius room is great for this)

One of the best people to speak about this would probably be Muir

Because by the sounds of it it can come down to luck with what machines u get

@leaden yew Yeah, my view on it is slightly skewed, given I did nearly all the lab machines, all of the offensive pentesting path, and a big chunk of the TJ Null / TM list; and still got hit with machines which were far and away the hardest I've ever seen (during prep, or otherwise). It is very luck based, which machines you get. Some people get really easy ones. Some people get ones which are significantly harder than the standard that the course materials teach you to. They won't be impossible, but they are incredibly hard.
To put it into perspective: I know six other people who've seen one of the ones I got -- including two professional pentesters. None of us managed to root it. None of us had a clue where to start after the foothold.

Moral of the story: no matter how prepared you think you are, luck will play a huge factor in your exam.

PWK is great -- learnt a massive amount from it, and I highly recommend the experience. The whole thing is a learning experience. Just, be aware that even the best (of which I am definitely not one) can get blindsided in the exam.

@leaden yew Yeah, my view on it is slightly skewed, given I did nearly all the lab machines, all of the offensive pentesting path, and a big chunk of the TJ Null / TM list; and still got hit with machines which were far and away the hardest I've ever seen (during prep, or otherwise). It is very luck based, which machines you get. Some people get really easy ones. Some people get ones which are significantly harder than the standard that the course materials teach you to. They won't be impossible, but they are incredibly hard.
To put it into perspective: I know six other people who've seen one of the ones I got -- including two professional pentesters. None of us managed to root it. None of us had a clue where to start after the foothold.
@undone shore
But if I had to take the OSCP exam today, I think I wouldn't get a single machine even with a bit of luck

I judged my readiness based on my confidence of each of the main topics in the PWK syllabus (pre-2020 when more of the material was expected in the exam). Most of this stuff is about enumeration and escalation across a lot of different situations, so you gotta play with enough boxes (whether in PWK or elsewhere) that expose you to all those situations.

This post they did recently might help too, and they have an interesting chart correlating exam pass rate with number of lab machines pwned https://www.offensive-security.com/offsec/pwk-labs-success/

https://www.offensive-security.com/wp-content/uploads/2020/10/pwk-stats.png

(not sure if these are 1st-try attempts or across all, they never went into that detail)

Some questions I remember:

@coral niche I didn't phrase that correctly. I meant if you could tell us what questions you were asked when you mentioned 'Linux' in infosec job interviews
@cosmic ingot It's been a few years now so the specifics are a bit hazy, I did go back through some follow up emails and this was what I found.

Linux:

What is the difference between shadow and passwd files?

What does chmod 700 do?

Other:

What is OSPF?

What is split horizon DNS? How would you use it.

What is iterative vs recursive DNS?

In interviewing for architect positions the interviews tend to be more conversational about how you would approach design vs the quizzing. I remember having conversations about LAMP, RedHat, Squid proxy. It's all very situational and specific to the companies doing your research is the best way to prepare for those types of interviews in my opinion.

When it comes to the security specific questions, just read the Daniel Meissler questions, it was comical how many times I got asked those. Unfortunatly most people didn't bother to read / use the methodology and just used them as quiz questions. Make sure you can at least answer those specific questions at first. From there you can work to build out answers and hopefully drag the interviewer into an actual conversation.

Thanks!

I didn't see the original question but I think the funniest interview question is "how would you protect an internet facing website?"... because it is so open ended, you end up getting a variety of answers

and really it will show people's experience and their thinking methodology

"I would put it in the cloud amazon gives me acls that are hacker proof" (not being serious)

we had someone say something like "I would have the security team ensure it was secure".... you are interviewing for a security team?

Display it on port 5544

I always enjoyed the though exercise questions, anything to have a conversation. When I used to do the interviews for helpdesk spots, my favorite was "a user calls up and says their monitor is blank"

A user calls up and says their laptop stopped working. You go investigate, when you open the CD tray coffee pours out, what was the problem?

Wrong drink fed to the laptop

👀

Sometimes I miss helpdesk.

How was it like?

Senior VP's who was taking a bath with her laptop... The coffee guy, the corporate counsel that screamed at me because she left her laptop at home and the docking station didnt work. It was good times.

Sounds lovely

OSI layer 8 issues. 😄

But honestly it's a great place to just learn. You're exposed to so many different problems.

OSI layer 8 issues. 😄
😛

But honestly it's a great place to just learn. You're exposed to so many different problems.
I bet!

Sounds partly similar to my sysadmin job, except the whole user hassle 😛

My sysadmin gigs always seemed to have users attached to them, I think they followed me, like ghosts haunting you eternally.

They do

To an extent

Alright time to get ready for another day of zooming. You guys have a good one.

Enjoy mate

Good evening, I would like to gather some opinions on a matter that has been in my mind for some time now, I am a net admin atm, got a pretty good offer for a devops jobs on another company, what I really love though is networking and security. There are currently 0 jobs on security and the market doesn't look promising for security related postings. Do you guys think taking the DevOps job will make lose touch with security and networking?

https://i.imgur.com/MRhchn3.png . Anyone can tell me if there is the right answer?

That's a research question

If you can ask here, you can google it

If that's a question for a job interview, I recommend against asking here @unkempt nova

@wind fulcrum like any good job, they are not always posted on a job board, I would do a little research into the company you wanna work for and see what their security team and program is like, if it's promising then take the DevOps job and keep bugging people internally until they let you do security stuff lol

@quick forum This is just a test question! So it is just part of my study

You probably have the material to learn the answer then, this is rudimentary stuff

@quick forum What i know asymmetric is RSA, DE and DSA. RC4, 3DES,AES are symmetric and PGP is mail encrypting tool.

@ancient prairie I do. But is it bad idea asking here?

If it is bad idea or cheating then i would stop asking here. Surely!

If it's a test question, it's generally meant to be independent

If it's open book, use the internet or the book

Generally not meant to talk to other people about it

@quick forum I got the question from udemy

It's not a bad idea to ask here but people tend to only answer specialized questions that aren't easy to find answers for

pgp is asymmetric as well

public key to encrypt, private key to decrypt

ah, So i need to be more smart. I thought why PGP is here

But it is not an algorithm itself 😩

nope

So does anyone have any recommendations on what would be a good practical, stop-gap certification to bridge the skill-gap between eJPT and OSCP? I was looking to take eCPPT but that's not happening now with their ridiculous fee structure. I'm getting my Sec+ soon but not sure where to go from there on the pen-testing cert path, I feel like one more year of training and another cert and I'll be ready for OSCP.

THM/HTB sbould be sufficient enough to cover the difference between the two courses

its very much a build off the things you already know, take it another step

The INE course is honestly quite nice, what's wrong with the fee structure? (I genuinely don't know, I only used the beta so I never had to look at the fees)

It's $2000/yr and there's no smaller increment

If you just want PTS, you pay that fee

Aaah, so you have to buy all the levels at once

And it doesn't even include the exam vouchers

I guess it makes sense if you're dead set on going from PTS to PTP to PTX

and there's no monthly option as well at the moment

Exam vouchers are $400 too, it's pretty absurd. Granted the courses are actually good but it still sucks.

Yeah I figured THM/HTB would be my cheapest option for now, just wanted a piece of paper with my name tho 😛

tldr you can buy oscp and have something respected and have 800+/- left over

Yup

In 10 years maybe eLS will have the same level of respect and notoriety

id throw that at Zero Point Securitys red team ops course

Yeah, I think that's why they split it

It's $2200 to get ejpt, I think?

Yeah I figured THM/HTB would be my cheapest option for now, just wanted a piece of paper with my name tho 😛
@ancient prairie throwback!

Throwback is on my to-do list for sure 😄

Yeah, I can only speak to their content but that does seem like it won't work for most people

yeah 2200 for eJPT is an ABSOLUTE JOKE

guess I was really lucky to get it for 350 or whatever it was a couple months ago lol

I'm writing a THM/HTB eJPT course, so hopefully in the future you won't need to take the INE course at all for it

And you can do it with just THM/HTB boxes

id throw that at Zero Point Securitys red team ops course
@languid hearth I honestly should sign up for that course

sounds like a good opportunity for a learning path

I don’t know if they have spots open rn

they do

i checked last night

Ohhh

Hmm

I should do it when I’m not mad busy with dev and other courses

exaclty

kek

@hasty geyser good idea! while the Hera labs are really cool, I felt like a mix of VulnHub VM's and most of the rooms from the offensive-pentesting THM path really prepared me well

Yeah, I'm doing PTP rn and not really using the Hera labs

I keep ending up on THM to find a box where I can practice the skills they're teaching me

There should 100% be a service that allows you to launch VulnHub VM's on a machine somewhere automatically 😛

Hmmm, weird, almost as if someone found that niche already and made a platform

I will say that hera labs can be eh for their offensive stuff because their just basic boot 2 root stuff, the more advanced stuff like eccpt can get cooler but for other “professional” courses is really where els did an insanely good job with custom pcap, binaries, tools etc

really depends on the course how nice the labs are

Yeh, just wondering if there's a "Pay as you play" kind of structure you could setup on AWS

Probably not the right channel for that

yeah now that offsec bought VulnHub it's almost a matter of time before they paywall it lmao

THM used to be credit based in the super super early days, before I got there

The boot 2 root labs are fine on eCPPTv2 but they're very similar to just THM boxes/CTFs so you might as well do that instead/on top of it

I'll be creating a list of boxes for the eCPPTv2 cert as well, just easier to do for PTS

I honestly think the combination of text/video courses with THM/HTB as practical exercises is perfect

agree

my only grief with els before all this ine crap was the lack of videos if I’m going to pay 1600 for a course I don’t just want a slide show

there's so much good existing content already

Yeah, the videos they do have are good, but there are very few of them

Though a lot of the PTP feels like it wouldn't be helped too much with videos tbh

Maybe with videos of someone applying the theory in a real-life scenario (vs just a voice explaining the same exact thing)

thats why SANS is super popular

because they do that exact thing

But there are plenty of YT and Twitch channels who do stuffl ike that

SANS?

https://www.sans.org/

Ah cool

thats who eLearn is trying to compete with btw

@languid hearth irrelevant to your discussion, can you tell me where you are based? Us?

Do they do certs as well? Or just training content

Southern U.S.

certs as well

GPEN, GXPN, GCIH are common

Though a lot of the PTP feels like it wouldn't be helped too much with videos tbh
@hasty geyser yeah sure for ptp but I’m taking eTHP rn and some of the models and explanations are the driest things you’ll ever read

I mean, have you read the first module of PTP? :p

I love the fact that at any point in spooks life I can show up to his place of residence within 4 hours

i love how you actually cant because i live in a gated community

you can show up outside

but someone sees you yelling

SPOOOOOKYYYY

think I won’t jump that shit

The cops are getting called

Time to put my se skills to work

Jumping gates in the southern US?

Feels like a risk I wouldn't be willing to take

^ also not the smartest idea

the CIA guide to getting women about to come in handy

I kind of want to test how easy it is to get into a gated community now but that would be... unethical of me

On the other hand there's a new room about that

This website I pay introduced DS&A Leetcode mock interviews today, if any of my friends want to practice DM me. Must be my friend tho, I can only interview 5 / month unless you pay (£75) for it

@nova ravine ?

.

@nova ravine ?
@rugged sable wait why do u want to interview me?

u can also interview me

since you're an actual software eng

🥺

lol 😂 okay let me remember my interview experiences.

but Indian interview would be so much different tho

I'd like to spectate. 😁

i'll stream it 😛

Speaking of SANS/GIAC, when will we have their cert roles? 😛

you'll need to bug Dark about having them added

There actually is a sans role added but only one they’re such speciality certs that it’s a case by case basis

@meager hazel Which ones do you have?

Just GWAPT

Career question for anyone: I'm jumping careers, no formal training, just got my baby cert of itf+. What else can I do to get a job in this? I want to focus on forensics, specifically memory. Feeling a bit overwhelmed and a bit lost.. Is sec+ the next logical step?

get a net+, ccna, or juniper cert to demonstrate you know about networks then move on to the security+. I am located in USA. For other countries you would have to check job postings for your area to see what their requirements are. Keep in mind you can get jobs without certs. I was a network engineer for a telecom company with 0 certs.

when you have cert, they still ask you about those question on your certificate exam. What is the point of getting cert 🤔

its all about getting an interview

@frank chasm create an objective list, learn it, be creative, do project(s), labs anything to just learn more. Dont focus on the next foundation cert u need. Just do lots of hands on practice the best u can

its all about getting an interview
@pseudo creek this x100. I basically ignored certs for the majority of my career. I'd take the classes and have the knowledge /skills to do the work. When I moved jobs it was because an old boss would recruit me so I never had to really "look" for a job. This last go around when I wanted to move full time into security, I had a 5+ years of focusing and working on security projects and environments. I thought my resume was decent but I didn't start getting call backs for higher level jobs until I finished the CISSP. I honestly think it was the single biggest factor in getting into interviews at my level.

@wind fulcrum DevSecOps! Be the security guy on the devops team, work on incorporating security earlier into your pipeline. The sec team will love you.

yes I ignored certs a lot throughout my career, although I got certs 'by accident'... Only certs I ever really purposefully got were CCNA at the beginning of my career and AWS a few years ago, only reason I wanted AWS was to get a job and it worked

Hah at the beginning of my career I got a Novell cert, that was super useful. I actually got a call about 5 years ago from a recruiter who apparently had a 15 year old resume, and asked me if I wanted to take a novell job

I felt bad, I laughed

I've picked up a few since the CISSP, mostly as a byproduct of going back to school. So A+ Net+ EC-Encrypt, ITIL. I've also picked up a couple vendor certs for work and an AWS for funsies

when people find I let my CISSP lapse, they kind of gasp... but I'm like eh, whatever, but I'm also at a point I have the experience so its ok

Thanks for the tips. I'm in a good area for jobs, but also most of those jobs are clearance req, sooo, that's a no go. are things like THM good for the resume? I always here yes and no answers to those questions.

The AMF is getting annoying, I have to get a CCSP in the near future so I'll keep it up for the time being. I feel like the ISC2 certs still have some value for me.

Oy so much to learn and too little in house infrastructure! I feel like I have to set up a Windows CD and some servers, and then a couple of Linux boxes getting stuff via LDAP from the DC. Then I can have what I need to get Splunk or some other security tool running, for blue team stuff. Then collect logs for a while and try to pick up on my own hacking of the systems.

Honestly

if you’re just looking to get familiar with siem and logging I would just look into things like pre compiled scenarios, artifacts, pcaps etc

for example DFIRmadness case 001, BOTS v1,2,3

they can setup much better environments than you could at home if all you’re looking for is to practice

I have my community college learner's permit, so there is still quite a bit for me to learn.

The point of the setup would be to learn to craft detection rules.

I'll have to look into your suggestion too.

What is the minimal level of experience/knowledge/skills required to get a DFIR job at a Junior level?
My only experience is an internship in Cloud Security and I don't know if it will increase my chances.

Look at job descriptions in your area, especially required skill requirements. You'll get a good idea of what they're looking for.

I have a question for my project. How much would you ask for configuration of network per hour? Windows and/or Linux configuration.

I was on £15/hr doing that at 17

Just passed Security+ few minutes ago. Studied less than 7 days

Hey I work in DFIR, PM me if you have any other questions. Happy to help.

@leaden yew

woo! dfir friends!

spooky isn’t DFIR he is DAT - Definitely a Threat

To his side, or the other side?

both

and leave me alone, im an advanced persistent taco

where can i learn powershell

and leave me alone, im an advanced persistent taco
@languid hearth sir that’s my line

where can i learn powershell
@stoic lotus under the wire

Or over the wire I honestly can’t remember which is which

Under.

Over is linux

what is under the wire

Have you typed it into google yet?

yea a bunch of weird movies pop up lmao

nvm i found it

How about "under the wire powershell"

why not search for the microsoft powershell blog

It can be good if you have a specific application and base knowledge of powershell but if you don’t it can be very scattered

@unkempt nova Congrats!

Thanks

what are you trying to learn with powershell?

commands, scripting, security, attacking, defending...

and its Over the Wire

Over the wire is linux

Under the wire is powershell

oh cool didnt know that, figured they added some PS games

https://book.hacktricks.xyz/windows/basic-powershell-for-pentesters @stoic lotus

is there a road map to become threat intelligence in try hack me?

honestly there isnt any threat intelligence content on thm you can request it in #room-ideas @loud marsh

@dark lark means u r installing win ?

ops. I thought Comptia certificate automatically generated if i pass any cert. I need to register another certificate account on https://www.certmetrics.com/comptia/public/firsttime.aspx ?

@lyric temple i mean windows server 2019. Attaching all computers with cables. Configuration of Windows or Linux server.

How much do u earn then?

and depending on your experience, I'd charge $30-$40 hour. My guess is you are still junior, so I'd learn towards $30-$35/hour

@pseudo creek Thanks for help.

From where u learned that?

Just passed Security+ few minutes ago. Studied less than 7 days
@unkempt nova congrats !
what resources did you use in order to take the exam this fast ?

more to the point is how much of that stuff did they already know

you won't have to study exactly the same, but probably less or more, depending on your level

@tropic girder https://www.udemy.com/course/securityplus/, I watched only 2-3 chapters at 1.5 speed. And https://www.udemy.com/course/comptia-security-practice-exams/ practice exam.

This instructor doesn't do too much acting when explaining the topic.

thanks

I want to ask a bit of an odd question. Does having a high rank on a website like tryhackme help you by itself get a job in the security field? I'm a C++ software engineer, and my advice always involves getting your projects and code on github as away to help you find a job. It seems to me websites like tryhackme might be away to do the same thing but for security. I do know that in security if you want a job it's a really good idea to get a certification, but apart from that could you use wargames to help?

it all depends on the perspective of the person whos looking at your application

Yea, If your employer considers and knows and evaluates the boxes you solve on THM or any other platform or even give a peak at it.. He would know because this field is all about practice and learning new stuff.. No one could sure shot become a cyber expert

Thats why people do certs.. to stay up to date with the tech

Interesting, I didn't expect things like THM to matter at all. I'm doing this as a hobby more than anything.
I was thinking a certification provides a base level of skill that employer's can build on to make you a successful productive part of the company team. That's how we think of stuff like CS degree for example.

The platforms are meant to enhance your skills.. They matter to a certain point but only relying on these platforms is not a wise choice... do certs, degrees etc.

it never hurts to add something.

yeap

I've seen job postings that say experience in ctf platforms like this one is nice to have.

Oh don't worry, I know that THM and HackTheBox aren't going to get me a job as a pentester. I was just interested to know if they are even considered at all when trying to get a job.

That's very cool :)

@cosmic ingot Yea true, Thats what i said... doing these things are good but only relying on platforms is not a good choice in my perspective

I didn't say that, just that for some employers it's nice to have

amongst ourselves though, we all know it can only help

yea

I understand. Thanks for answering my question guys :D

I understand. Thanks for answering my question guys :D
@high belfry 👍

Add THM/HTB to the Projects section in a resume.

Will do :) can't hurt even if my job application is for something with computers.

@distant pier So we have to just write THM or add something else with it like no. of boxes solved or level?

Something like Practical hands-on penetration skills training on TryHackMe ethical hacking learning platform. Mention the duration in months.

Ohh.... Thanks 👍

If you really wanna flex you can add your profile badge

@polar rock 💯

I had an interview for an entry-level job yesterday and managed to shoe-horn in my experience with my eJPT and how I could be an asset by being mindful of common security misconfigurations in my daily tasks. He asked me to name a few and I did and he seemed happy with that answer. Interviews are meant to be open ended and you can generally steer them towards what you wanna talk about.

yep, that's very much the first initial screening interview

typically after that you'll have a technical interview where they grill you with all sorts of questions

Im ready 😤

back2thebasics 👀

it was pretty encouraging tho that they didn't really care about me not finishing my degree and were interested in my certs and asked a few questions about them

yeah I still have access to this TestOut Microsoft Client course that has some good interview questions on there for what I'd be doing

yeah, I've straight up asked employers if they wanted me to finish my degree (which was 2 months away from completion at the time)

and they normally reply with "No. We'll want you to start asap"

I wouldn't give up a degree for a job personally

depends on the job

said company was a Fortune 50

Also depends on the school. Leave a podunk university or college if you can start working at a Fortune 50 immediately? Likely worth it. Not as easy a choice if you got into an Ivy League or other uni with recognition that can at least help carry you to mid-career or if you decide to do something like a MBA

Fortune 50s would wait for you to finish school, I think it is harder to go back and a degree will help you

I got a job at a fortune 50 8 months before graduating college, its not unusual for us to hire people 10 months before they graduate

when you went to a no-name community college where most credits wont transfer, they hardly care

ahh if it was community college, I'd say that is different

but I wouldn't crap out on a BS 2 months or even a year before graduating

nah, bachelors is different

but I will say most large companies don't care about community college, it might get you a slight edge but only slight over those with none

I had a friend in college who failed a class his last semester, so he did end up start his job (again large company), although they cut his offer amount... and he had to come back the next summer and complete it

big yikes

I am trying to configure and browse ww.google.com proxychain but every time I'm getting error. It shows every proxy to be timeout or denied. Please someone help mewith this. I want to do this without using tor...

I have no clue where you’re getting those proxy servers from so i would look there first

^

you shouldn't be connecting to random proxy servers as well

the last thing you want is to be connected to the same proxy as some International drug trafficker and have the fbi show up to your house

plus 455 isn't valid for an IP

@bright plover wrong channel

Is CASP+ well respected?

Its a CompTIA cert so theyre all for the most part well respected

In few days i will sit for pentest+ as i already have the voucher for it. Should i study for the CySa+ or Prepare for CASP?

The good thing is if i renew the higher cert other cert also get renwed automatically.

CASP would be the next step

Is it a cert for blue team or red team or mixed? I don't have hands-on skills as blue team

so youre asking for advice to pick between certs and you dont even know what the cert covers?

I would google the certs first and see what you can find

It's ok!

Sec+ - General Security
PenTest+ - PenTest/Management
CySA+ - SOC
CASP+ - Management

I have no clue where you’re getting those proxy servers from so i would look there first
@polar rock I am getting those proxies from the website spys.one

I mean

Those server up times are a red flag if anything

@quasi stream I didn't understand what do you mean by red flag?

dude

getting random proxy servers off a website called spys.one sounds like the sketchiest and kind of dumb thing you could do

@polar rock so where could I get proxies from?

why do you need proxies

To aninymize myself over the Internet

@quasi stream @languid hearth one of you wanna take care of this one I’m not completely comfortable answering anymore

Nae bother

Hey, yeah, no one here is going to help you with anything that requires you to be anonymising yourself over the internet to that extent. There's plenty of paid and actually working VPN providers out there if you're so privacy concerned and unwilling to host your own@outer sand

I'm really going to echo what Spooky said for your sake:

you shouldn't be connecting to random proxy servers as well

if you want to connect to a proxy, spin a server up in AWS/DO/Google Cloud/Azure.

^ if you need anything more then that then you shouldn't be doing w/e your intentions are at all

there's absolutely no legitimate reason you should be connecting to random proxy servers

Ok but atleast help me out to fix that error....

"Denied" and "timeout"

Those server up times are a red flag if anything
@quasi stream What do you mean by red flag?

Ok but atleast help me out to fix that error....
@outer sand The error is very much likely to be a direct result of the services you're using

Red flag = massive warning / don't go anywhere near it

So how can I fix this error?

We're not going to help you fix it

But why?

Oh there's a multitude of reasons. A few that comes to mind first:
A) This isn't appropriate for #cyber-and-careers or #site-support
B) There's no reasonable logic behind what you're doing and why
C) I wouldn't wonder why I wouldn't be able to connect to anything that has uptime %'s of 8-30%

Oh. It's ok.

Thanks for answering my questions

🙂

😂 🤣

Realistically, how long should studying for A+ take?

a month?

took me about a month, 5 hrs/week

Hi

I think im gonna try and get CCNA

how long u think ccna takes? month or two?

two to four months?

theres a lot of theory and labs behind it, more than most certs

It may make time since there are 4 modules in CCNA , I only took the module 2 (Routing & Switching ) It had 10 detailed chapters with labs

i took all 4

im not sure if that still holdz with the new CCNA

Yeah I heard they recently replaced the Routing & Switching one

Hey geekies

Yeah i think CCNA is my next goal since im still unemployed and i just want to continue learning :p already passed sec+ so CCNA and THM for now

https://i.ibb.co/N7sG1VC/Screenshot-from-2020-10-26-16-51-30.png . As the question i understand it is sqli attempt. but i don't see the choice. Should I count it as wrong question?

This is just test exam

practice exam

Did you google all of those options and see what fits best?

I googled it and one of them seems to fit.

@quick forum parm polution

If it's an open book test, that's a good strat

i missed the serviceID has double parameters

@quick forum I just got it from udemy.

Ok, so?

If you want to do it open book, there's a good strategy. IDK what your end goal is here

pentest+ practice

Trying understand how the questions are structured

quick question. how long does it take to get the hand of ethical hacking?

That's entirely dependent on you, everyone learns at a different rate

If you've done Linux stuff and programming and sysadmin stuff before you tend to pick it up a lot quicker

not really. just graduated grade 12, with experience in java,python

boy, its gonna take a long time isn't it?

It depends on how much you practice, how intuitive you find it, how much work you put in

So many variables

^^^

whomst posted it?

Whomst posted? Oh wait my bad

It's just his username

Sorry

Anyway, I wanted to ask about the eJPT. I see a lot of people who talk on here have it. What is it like? Is it a good certification to aim for when you are starting out?

the materials to go with the course use to be free, currently all courses are locked behind a $2,000/year paywall, so it's very hard to recommend them at the moment

Oh shit, that sucks. I don't even have close to that much... I guess I will go with another certification then. If you where starting again which one would you go for right now?

Security+ is a solid start
I've heard rumors that they're introducing a monthly pass for $200, but nothing has publicly been said by INE yet, sooo

Security+ cool! Well I hope they don't do that. That would be a real pain...

Thanks for the help man

from my understanding pts the course material for eJPT will be coming out for free soon per their INe support team. The exam voucher would still be 200

@polar rock Correct. We haven't officially announced it as we're still provisioning extra hardware to handle the expected demand, because it will also include unlimited labs. You can sign up for the INE Starter Pass now and be ready when the labs are added. https://checkout.ine.com/starter-pass - Just trying to give a little pre-notice, so people know what's coming.

@exotic epoch that counts for everyone that used to have access to the pts course? or only people that purchase a new voucher now?

The INE Starter Pass is available to everyone for free!

that's great, thanks

Thanks for pinning that. You rock!

@exotic epoch will it include a certificate of competition or it’s just a training for the org cert

Completion*

Training for the cert. eLS remains a real entity. It's just now solely a cert organization. The training has moved to INE. The INE Starter Pass includes snippets of courses (but not full course) from the INE library of 4 categories... Networking, Cloud Data Science and now Cyber Security. The only exception is PTS. For those familiar with eLS, think of it as having the Elite Edition of PTS with slides, videos, 3 practice black box engagements and labs, but it now it will include UNLIMITED lab time. The only thing not included is the $200 eJPT exam try.

The full INE Cyber Security Pass is an annual subscription that offers access to all eLS courses one the INE platform but now includes unlimited lab time as well. There are plenty of coupon codes and promotional offers out there to fit almost anyone's needs.

Mea Culpa time!

As you can probably see from the recent activity in this server, other Discord servers, DMs, reddit, social media, medium and numerous conversations I've had directly via email (just to name a few), we've heard you and we acted. Hopefully this will start to show everyone that the eLS way of having our students backs has definitely made its way to INE. Could we have planned better? Hellz Yeh! Some things were intended to be released together but just weren't ready. Others were announced based on your feedback. So first and foremost... KEEP THE FEEDBACK COMING! We are all listening and hopefully it's showing that we're working our @$$es off to address as many concerns as we can.

I’m glad you guys are taking action to make training more accessible. The entire community was crazy mad when the announcement first came out

Thanks

Did we lose barebones access for ejpt?

we get it back with the starter pass

The most important piece of feedback you may receive (may have already received) is probably that INE should add a monthly subscription plan

@polar rock It may not seem like it, but it was always our intention to make PTS Elite (minus exam) free for all. In fact, the Starter Pass was available on the same day as the Cyber Sec Pass launch webinar. It just wasn't quite ready. We'll take that one on the chin. It's available now just without labs for the moment. We're building up the backend for the expected capacity and performing some additional tests. Deadlines!!!! Argh!!

pls extend the 40% offer deadline for previous eLS students if ya can, just received that offer today and considering it

@quick forum Depends what you mean. If you have PTS Barebone now on elearnsecurity.com, nothing has changed and no one is forced to move to the INE platform. If you want barebones plus videos, go signup now for the INE Starter Pass. I don't have an ETA and don't want to rush our devs, but the full Starter Pass with PTS Unlimited Labs will be available in a matter of days. 🤞 So if you sign up now, you'll have it the second it's ready.

@cosmic ingot Just as we did with eLS, we always had your back and always helped those in need. Feel free to contact support and ask for anything that might help you, be it payments or discounts for veterans and students.

On the other hand, you're hackers in training. Do a little OSINT and you're sure to find those options already out there in the wild. What? Huh? You didn't hear that from me! 😉

@exotic epoch will all trainings get videos now? the one major complaint was the amount the courses cost and it was basically just a PowerPoint presentation with a couple videos

@polar rock INE courses are video heavy. So that's one thing that eLS could do better, and that part of the INE culture will definitely bleed into the eLS courses.

Very nice, some sections can be very dry depending on the course it’s nice to have accompanying videos

Thank you for answering all of our questions! @exotic epoch

Cheers!

I've offered to several Discord servers the opportunity to do an AMA if they so desire. Offer is extended to you, too. We've had a great time partnering with TryHackMe for webinars and contests. Very open to continuing with INE. If open to the idea, I'm sure I can come up with a prize of at least one full INE Cyber Sec Pass. 🥳

ayy

_please subreddit AMA reddit is literally made for this pls @undone shore we need more subscribers _

Ahaha, I think that's a @gray reef thing, but that's a very generous offer. Thank you @exotic epoch 🙂

_please subreddit AMA reddit is literally made for this pls @undone shore we need more subscribers :PepeHands: _
@rugged sable You meaning use the subreddit to ask the questions, then?...

@undone shore let me reply in lead 🙂

Go for it 👍

Just spoke w/ Dark, he's down to do it at some point

Feel free to DM me. The THM founders also have my email and mobile number, as we've done projects in the past. I totally dig those guys!

Just spoke w/ Dark, he's down to do it at some point
@languid hearth Just debating with Bee over platform 😆

I need some feedback rq

excuse me

hallo

You are excused

I prolly think this question has already been asked and answered

Shoot

but does INE's Cyber Pass include the standard free voucher like it did when you bought a single course? (Full or Elite)

or are they sold separately?

likely not

exam vouchers are seperate

Likely not, as we don't represent INE we can't say for sure

Ok ok, and also: Can it be paid by installments? or is it a 1-time yearly payment?

currently 1 year

rumor has it, monthly passes will come eventually

Alright, thank you very much, I guess I'll stay tuned for other news

Im writing a server-client(tcp) program using c++,what can i do to add more security to it?

blow it up

I mean that would add security to it

https://www.offensive-security.com/pen300-osep/?utm_campaign=pen300_launch&utm_medium=email&_hsmi=98344026&_hsenc=p2ANqtz-8U0hvso6QRKsGPxqp2MYxdQ7xlnvz8yvdRZonJY-Xn9eOIJ__azrWqdv0cYBFB1rMC8-gXknTGc8Fn1pz7lvvFmfBILyl0Dx3YgKqn2WFZi86Rn90&utm_content=announcement&utm_source=hs_email

just saying, Throwback will be great prep for this

#PayHarder

keep up the offsec roast, mayor 😛

It's $1,300 at it's cheapest.

Have fun with that.

It's 1 of 3 for whatever the new OSCE is; you still get a certification for completing the module

Yea, I misread some.

Still, #PayHarder.

Do any of you have a criminal record and if so how has it effected your path to Cyber Sec?

@warm hinge I have a background in law, not in cyber, and I can say that it really depends on what the crime was

It's likely to affect clearance probably?

Also age at which the crime was commited and country of course

That is good to know, so it's purely circumstantial.

I can give you better advice if you tell me which country/jurisdiction you're in, like I said it depends. If the crime was commited as a juvenile I wouldn't worry about it. Mostly the corporal (physical) can give trouble, even if relatively minor. White-collar crime is a lot less troublesome.

If it was regarding a threat I wouldn't worry too much

In the US, even if you don't work for the Gov, your job may require a clearance or 'highly desired'. There are lots of companies that contract to the USGov

I think one of our friendly recruiters said that in the UK, companies that contract to the gov want a clearance for everyone

just be aware, that doesn't mean you can't find a job

Security clearance levels have scaling harsher requirements

So for entry level stuff I wouldn't worry about it, even then the context of the conviction might be important.

should be ok then

thanks for the reply

So entry level is BPSS for example, I don't think death-threath will form a problem there. As you move-up in the chain and show that you pose no threat, I don't expect it to affect the futrther vetting process either, maybe only for the highest forms of clearance but once you get to that point you will have connections that can help you with it (same as with the other types of clearance).

@warm hinge honestly thanks very much for the feedback, means alot.

No problem! I still like to do some law work on the side and it is something I enjoy. If you have any other questions feel free to contact me in private.

I will, thank you. 🙂

A lawyer named Beethoven. Instead of composing the 5th, they can explain how to plead the 5th. 😉

how did yall study for the A+?

https://www.youtube.com/watch?v=2eLe7uz-7CM

this was a pretty good video

@warm hinge It will also depend on the employer. I know a guy who is a pen tester, and has been working in the field for 8 years or so. He has one ding on his record from 15 years ago and a bank would not consider him. On the flip side he has had no trouble getting jobs other places.

Which is the first certificate you should get when going on the Cyber-Sec path

Look at what employers in your area are asking for

I was thinking that there is more of a general must have type. So certificate X is a must have for anyone interested in this field

@frigid niche yeah it's a funny one tbh... I mean they can either employ you are you could potentially become their problem. I could understand being knocked back due to it being related to computer miss use but for something trivial it seems unfair to cancel. But hey cancel culture is huge these days.

I don't think cancel culture applies to Corporate Hiring practices. It had more to do with needing to jump through some hoops to get him a waiver to satisfy a legal requirement.

Ahh I see.

MidWarzBot, it really is going to be geographically dependent.

I personally feel that security+ is the must have first certification

Its a cheap and well respected certification and if you look at a majority of professionals in the industry will have their sec+

And if you nothing else you'll learn a ton studying for that cert

Even the type of fire extinguisher to use if your datacenter catches on fire

I would be the cause of the fire.

I wonder how well pure water would work for putting out fires and not screwing up the electronics.

we never used it but when I worked in a data center, we were told absolutely no one could be in the room when it was deployed as it is harmful to people

Halon?

Yes, Blue Halon depletes the room of oxygen, by which a fire has no chance. Neither do humans.

Thanks for the answers. I did not know that it is so dependent on the location you are in. I will look into sec+ first and I'll see from there

@rugged sable hi

Hello, does anyone know how to turn EXE files into clickable links?

what are you trying to do?

@warm hinge if you are trying to execute something, i think there is a way to do it with PNG files once you open them

Hm

@wary sonnet how i do it

?

i mean

thats a google question

@stoic lotus use the professor messer videos

the PTS materials are available on INE now if you have the free starter pass if anyone is interested

And eventually unlimited labs.

I was really on the fence about OSCP vs eCPPT in light of everything going on but your response to the community has definitely been encouraging enough for me to stick with you guys 🙂

https://tenor.com/view/bruce-lee-bow-master-smile-gif-12365468

Hey, I passed pentest+

Congrats!

@undone shore slap a role on this dude

Thank you! Perhaps i should prepare for oscp instead of CASP+. From Comptia i have sec+ and pentest.

How was Sec+?

Sec+ is not too bad i recently passed as well

ive been interviwed an accepted to a telecom service provider for SME certification

the thing is

should i take net+ comptia to enhance my skill?

though my first priority is to become a cybersec

do you have networking knowledge?

yes, im current taking a telecom sys course and has been assigned to an attachment periods of 6 months for SME cert

quite similar to net+ comptia but only the fundamentals and theory

also our courses has on-hand skills on setting up a network and enhancing basic security such as firewall, vpn configuration etc

i do believed my course is still lacking on advanced understanding of ip, tunneling and a few bunch

I’m not sure, CCNA is usually pretty comprehensive if you want more of a deep dive and could be helpful for career advancement

Telco is usually more on the physical side with some basics like you said

Telco is usually more on the physical side with some basics like you said
that is true, our course is primarily focused on practical sides with only fundamentals

It sounds like a good foundation though

CCNA, ill do my research on that

thanks mich Zojja

Good luck

What would youse guys say holds more weight, in the Cybersecurity world CISSP or CASP? I have to get one of them to qualify for a new job.

I’d say CISSP

Comptia Linux+ will be automatically renewed if i have pentest+?

Cissp well known than casp but it requires 5 years experience which made it a harder exam.

if its a higher level cert, yeah

anyone taken the OSCP cert? Any advice?

it should take about 12-16 hours, life is a factor they take into account. 2-4PM is a pretty good start time so you can work in the evening, wake up in the morning and have a fresh mind. Try to limit yourself to 30 min per box if you get stuck. Leave no stone unturned. Eat a good breakfast, have snacks on standby, have water on standby, reset the machines before doing then or if you think you may be missing something. You've got plenty of resets. Write the management portion of the report before hand. You'll save yourself a bunch of time.

@languid hearth you're a snack can I eat you during my oscp?

@unkempt nova the CISSP experience reqs were pretty lax as to what they considered experience. You can apply security to most any IT job function. Did you manage user accounts? Did you manage file / share permissions? Did you manage routers with ACLs?

@stoic lotus Professor Messer was a great resource, I've heard the Mike Meyers videos mentioned above were really good as well.

I started my OSCP exam at 7am, which I kind of hated because I had to use an alarm for the first time in several years. But kind of grateful; was able to finish the exam that day and could wake up the next day just having to worry about the report.

@meager hazel You finished your exam?

or took break for a discord chat? 👀

No that was months ago… just commenting on the past OSCP discussion

@meager hazel the real question here is why have you not been using an alarm for so long. Do you have a cat?

Nope, but guess my parent's dog was my alarm whenever I stayed over

@meager hazel either that or it's your superpower lol 😄

I wake up pretty early naturally - depends on season - and tried to structure my life so I don't have to be anywhere super early

Quick one. Although I love CTF as a hobby and wrk in IT already. I will admit to looking at some formulated exams and courses that I could follow. I noticed that we have the pentesting CompTIA exam on there. Maybe something to look at but as I see no required pre-reqs would it still be worthwhile doing their Security + Any comments appreciated 🙂

I have Security+ but have not taken the PenTest+ exam; I have watch a video course for it though. At least for me I found Security+ very useful since only half my job is pentesting, the rest are different infosec-related tasks that I feel I have an easier time doing because I had the breadth of knowledge from Sec+ (ie all the cryptography stuff)

@meager hazel Thanks for that.

Security + and pentest + are pretty different from my understanding I think it is beneficial to take sec+ but it’s really up to you u

@polar rock Cheers

What major differences are there in security + and pentest + ?

@lofty apex
https://www.comptia.org/certifications/security
https://www.comptia.org/certifications/pentest

Security+ is more foundational knowledge pertaining to the whole of security. Pentest+ is more specific towards offensive security and what entails doing a pentesting engagement. @lofty apex

Gotcha !

im unemployed atm should i just settle for a help desk job and keep looking for a infosec job while employed?

recorded experience will never hurt you

it'll help you develop some soft skills as well, which is very important

For sure i was hoping with my certs and stuff i can get more of like a sysadmin pos but its hard w/o more experience or CCNA or something

I just wanted something next level from help desk as well haha

but help desk is excellent foundation

Yeah my previous job was help desk at at an airline and i despised bc of how busy and little i could do

this one is at an msp so maybe i get to do more hands on stuff hopefully

Anyone taken pentest+ yet?

It's going to be on the books for me in the next few months

I was hoping that it would be a nice transition to OSCP

@coral niche yes

Anyone taken pentest+ yet?
@coral niche same here, before the end of the year I want to take it. Now busy with the pentest+ path here

Hello there

I'm about to graduate and I'm trying to put together a resume that focus on cyber security, however I feel I have to much information to put on it. I guess I can't put all the software I have been using during the college

Do you have any suggestion on how to make a good resume that focus on cyber security as an entry level?

Also, should I include that I'm a full-stack web developer too?

Don't focus to much on specific software IMHO, unless it's something specific and specialised, like eg. Autopsy

If you mean nmap / hydra etc, I don't think these tools have a place on your cv

Like I have been studying and using a lot of tools including Autopsy, FTK Imager...etc

Wireshark, network miner

Also the Web dev part is a must-include if you want to specialise in Web hacking

I also used tool to pentest webapp

scan the network such nmap...

Yeah no, don't put nmap in your resume. As for the rest, there are people that can give you better advice than I can

I'm trying to find a sample resume as cybersecurity level position but I'm having an hard time. Should I put my skills by sections? such like "Packet Analysist, Pentesting....etc"?

with a brief description for each skills section?

Search for cv / resume in this channel, you can probably find something relevant

Also, the resume is for find a job in the States

since I'm from Europe I already have my resume from there, however, I know here the resume looks slight different. Some people suggested me to don't put any graphics or graphs that shows my skill

You're going to get varied advice when it comes to writing your cv

Always good to keep it machine parsable

Still, search this room

yes, I'm looking into it and I already found some examples

If you're not a US Citizen/Resident, you might have a hard time finding a job in the USA. Many jobs explicitly mention whether they are unwilling/willing to sponsor a L1/H1 visa permit to work in the United States.

I'm actually in the OPT program (for students who just finished the college)

Hopefully I will find a job, otherwise I will need to keep studying o get back to my country. Welcome to the States lol

So you have a student visa?

yes

I have been investing a lot of money to live and study here

getting into IT will be easier as a non-citizen than security

security is a career track in the US that heavily favors US citizens

Also my area of expertise is as full-stack web developer (I have been doing it for more than 10 years)

and you can't get a sponsor for that?

with the OPT I'm allowed to work only 1 year

after 1 year, my plan is to go back and study 2 more year

s

Also, do you suggest to put then GPA and honors that I earned?

and you can't get a sponsor for that?
@pseudo creek How I would get a sponsor?

I really don't know where to start. My college didn't really help me out on all of these informations

I mean, if you are in the US, you can try to apply for jobs that don't specifically require US citizenship and hope that one of the companies will sponsor you

but for jobs in security, that will be a stretch

maybe I might know some connections

Your options would be L1 which is a 3 year permit, or H1, which is a 6 year permit. L1 is a lot easier to acquire through a sponsor. It can be renewed once for an additional 3 years. After that, the only option is to start applying for a permanent residency (greencard).

I don't think I'm allowed to get the L1

The international students coordinator told me that after the OPT I must go back studying because the company wouldn't be able to sponsor me

Talk to an immigration lawyer, would be my advice.

Ok, I will definitely take your advice as a must step to do once I got my resume

if I don't find a job my only option is to go back study

but I would like to find a job and get some practice first

Wait; is cyber security better in the US?

I'm trying to become a security analyst or CIO, heard it was good it something

...and I'm interested in that

Well what is "better" for you? Like US work culture can be very different from European as one example, so it might not be better if you prefer the latter over the former

If better == mo' money, then likely yeah the US is better

Mo money, crappy health insurance, more hours, expensive homes

I'm trying to become a security analyst or CIO, heard it was good it something
@lost token I would like to point out that security analyst and CIO are apples and bungee cords. A security analyst has a well honed skill set for the particular type of analysis they are doing and may branch out into other very hands on areas that compliment their specific job function. A CIO, on the other hand, might have limited or obsolete technological knowledge. Mostly, they have a high level understanding of technology and how things connect, but they rely entirely on experts to feed them information needed to make decisions. Mostly, they are there to organize, ensure their teams have resources, and interface the tech departments with the c-suite. In other words, most CIO's can talk the talk, but not walk the walk.

To be blunt, it sounds like you're fishing for a job that will make a lot of money and that's enough to keep you happy. If that's the case, cybersecurity, information security, and IT may not be your best option. The security disciplines, in particular, require never ending learning if you want any hope of making good money doing it.

couldn't have worded it better myself

Yeah, well put @frail pewter A CIO is more about Security governance and maintaining the security program from a compliance and risk assessment perspective, tied to business impact. CISM certification level type of work.

Finally got a full time job 🙂 still help desk but will keep working toward CCNA and get into infosec :p

Help desk is where I started 🙂

You can also get some of the low hanging fruit like network+, security+ and CySA+ from CompTIA. The advantage there is that it's vendor neutral.

Yeah i have net+ and sec+ :p

and like 2 years exp in helpdesk

Admittedly, I skipped net+ lol .. What are you gunning for cybersec?

err.. infosec

Yeah id like to move into security haha

What specific area though?

Hm id like to do incident response

That can be a lot of fun 🙂

Have you looked at GIAC certs?

https://www.giac.org/certification/certified-incident-handler-gcih

I have not oo

which one would you recommend

sans/giac has some pretty good programs. As I recall, most of them tend to be pretty focused on various roles.

I went a different path, so I haven't done the GIAC stuff yet. But it really depends on what you're working towards and what you already know.

Here's the roadmap/full list of certs they offer ...
https://www.giac.org/certifications/get-certified/roadmap

oh dope ty

incident handler is the lowest cert in the offensive security category. I would imagine your sec+ probably covered what's in the Infosec fundamentals cert, so you should be good to do any of their intermediate certs.

like te gsec?

Yeah. Though, you may want to look at the cert objectives too. You might have already covered a lot of that one too.

Maybe check places like udemy and professor messer (spelling??) to see if they have any course for the cert you're interested in, get a feel for if you already know it or not.

yeah i might look for the GCIA or something

That could be a fun area 🙂

2k for cert yikes

lol

Some of them get expensive. But remember, certs should prove what you know, not be the course that teaches you. Find out what the goals and expectations are and start learning. If you just jump in and start getting certs, you'll end up with a bunch of dried out alphabet soup after your name.

A lot of companies will reimburse the cost of certs too .. so you might want to find out what kind of education assistance your company has.

Yeah im def gonna look into that! thanks !

update time see announcements

waiting for it,too 😄 got root flag need to submit

guys why wont the https://tryhackme.com/jr/introtoshells work yet?
@ashen geode What do you mean won't work?

nah it works now thanks. and sorry for posting in the wrong section

Perfect

Enjoy!

Guys are there any other bodies that give out security certifications except Comptia and cisco?

Uh, yeah?

Tonnes

Offensive Security and eLearnSecurity are common ones

I thought they were the only 2-_-

Sans is expensive, but has really good content

haha a lot more

CompTIA falls way behind those three

SANS, Security Blue Team, ELS, Offsec, Juniper, Fortinet, Microsoft, AWS, Azure

do I need to continue?

Is there a list or something i can check to see what i would benefit from?

Cisco is very specific, but CCNA is really useful

😅

There should be actually

Theres a chart somewhere with a lot of them

just no clue where it is

^^

Ah rip.

Thanks though.

this same chart has a lot of different forms but that's generally it

just google cybersecurity certification chart

@polar rock i think you’re way better than dank memer👀

CISA, ISC2, SANS, Comptia, OffensiveSecurity are common security ones, then you got AWS, Microsoft, Google, Cisco, Juniper, Palo Alto, RedHat, Linux Professional Institute, Docker, etc for various IT certs and then you have some emerging ones like CSA (Cloud Security Alliance), eLearnSecurity and probably others

https://www.reddit.com/r/tryhackme/comments/jll7ec/anyone_pass_pentest_after_completing_the_pentest/

if anyone has done this

interested in knowing too 😄

If I were to take a security distributer what would be worthwhile between sans,comptia,offensive security? @pseudo creek

if you got SANS money then go for that, pretty much the gold standard in the industry for training

yeah if you got SANS money, get a SANS class/cert

holy shit.

7k

welp, don't think i can afford that. any suggestions between offensive security,comptia,cisco ccna security? they seem reasonably priced?

@ancient prairie

Anyone know WGU alternative online university that accept foreign student?

It depends on your background but I would always recommend the foundational 3 from CompTIA for everyone in IT (Net+, Sec+, A+)

Cisco stuff is great and will always guarantee you a job, but is very advanced and I heard the exams are pretty difficult

OSCP has become the barrier to entry for most InfoSec jobs so be prepared to take it eventually

gotcha.

Thanks for letting me know. I managed to get most of the Comptia courses

@ancient prairie

Nice! If you have a little extra cash to spend I would also recommend using TestOut Pro for Sec+ and Net+ (you can pass A+ easily with free resources) they are about $100 and have a really good training platform imo

So I’d disagree slightly, there is a lot more to infosec than penetration testing and OSCP is not a barrier to entry for most security jobs but if you want to do red teaming/penetration testing, it’s highly recommended

And CCNA is a good entry level IT cert and will help you break into IT and good knowledge for security

Overall, I think people get a skewed view of security because penetration testing is highly advertised but I’d estimate it’s like 1% of the possible cyber security positions

There should be more red team stuff, not all companies have pen testers or red teamers. Most companies have blue team positions, even if it is one manager to deal with the SAAS vendor they use for security, and doing some of their own auditing.

I mean 'it depends', the need for other security professionals is higher than red teamers for companies with internal staff. Like my company has approximately 2000 security people, not counting those dedicated to classified security. Those who work for red teams is very small portion of that.

Which area do you work in @pseudo creek ?

Which area do you think is worth it, which area is overhyped, etc?

I work in security architecture. I was lucky that early in my security career (I had been in IT for a few years prior), I was able to try out a bunch of stuff. DFIR/IH, a few red team exercises, etc. Overall, I liked coming up with secure environment designs so I went into that area.

I don't know overhyped, I just think that red teams/penetration testing is advertised a lot more than others because it is more concrete. But a lot of things that platforms like THM and others teach you are good for all areas of security. Programming, unix, windows, networking, how systems can be attacked, etc are good to know.

As which areas are worth it? I mean we need people in all areas. Some people love making policy, some people love compliance. Others like installing/configuring security appliances. Others like monitoring and coming up with ways to find better ways to monitor. So I think it is a bit of trying things out, seeing what you like and you aren't stuck in one path if you choose it and then decide to do something later.

I work in security architecture. I was lucky that early in my security career (I had been in IT for a few years prior), I was able to try out a bunch of stuff. DFIR/IH, a few red team exercises, etc. Overall, I liked coming up with secure environment designs so I went into that area.

I don't know overhyped, I just think that red teams/penetration testing is advertised a lot more than others because it is more concrete. But a lot of things that platforms like THM and others teach you are good for all areas of security. Programming, unix, windows, networking, how systems can be attacked, etc are good to know.

As which areas are worth it? I mean we need people in all areas. Some people love making policy, some people love compliance. Others like installing/configuring security appliances. Others like monitoring and coming up with ways to find better ways to monitor. So I think it is a bit of trying things out, seeing what you like and you aren't stuck in one path if you choose it and then decide to do something later.
@pseudo creek Really helpful, thanks

It's also important to point out that there is high mobility in security. Just because you start down one path, doesn't mean you can't pivot down the road. Often times, your experience in one area can be useful in others.

hey I'm new here but I found a useful website https://pauljerimy.com/security-certification-roadmap/

Guys are there any other bodies that give out security certifications except Comptia and cisco?
@warm hinge

after a while, certs stop meaning things

you see that once you're a 3x SANS guy

the courses you take mean more tbh

ask your question!

oh

bye

👋

No sorry i didn't type the whole thing, going to type it now i pressed enter by mistake!

Hey, just wondering if anyone could give me any pointers or advice. I've just finished my Bachelors of science in Cyber Security and Penetration testing, only we didn't really do much hands on stuff because our professor was really really lazy. I've done basic things like scanning etc searching for vulns and that's about it.

But recently i've been more interested in the Blue team side of things when reading up on it and have been looking at some jobs as a Cyber security analyst. Could anyone give me any advice on any resources online that have helped them in this direction? i want to get some experience with programs used in the field so that i can apply for these jobs because currently i'm being told i'm unexperienced (plus there are not that many junior or graduate roles in my city for this, they just want people with experience).

tl;dr Can anyone point me in the right direction for Blue teaming materials and resources on current programs used in the field.

so you can go a couple ways depending on budget

THM is working reallllly hard to get out blue team content including an entire blue team path

Ah that's cool! that would definitely be interesting.

Elearnsecurity and INE have some good options for dē-fer-kän including eTHP and eIRC

If you have the budget SANS will be the best you can do for dē-fer-kän they have some amazing content on it and is the gold standard but the price is pretty heavy

so a couple budgets there you can choose from but theyre all good options

Yeah i definitely don't have that type of budget, the company i worked for before i was made redundant was going to pay for my certs, but you know.. covid..

the ELS route could be ok, i was checking out their eJPT course a few months back and it doesn't look like it would break the bank and it's definitely something i would pay for or even get a loan for because it would help me in the long run

I'm guessing the eTHP was supposed to be eCTHP

Im taking eTHP right now its pretty amazing

Hmm, can't find that on the ELS site

yes because INE decided to nuke all of ELS

Oh

you cant buy indivual courses anymore

rip?

you have to buy a year long pass for 2000$

lol

no chance for me then

ffs

you can start with something like Splunk Fundamentals 1

its free

and wait for us to get out some blue team rooms

I know of two rooms that are supposed to come out this week

nice

thm also has some great stuff on malware analysis

i'll check out Splunk

and a few things on DFIR

thanks

np

Wait...

waiting

hello

Some splunk hunting boxes are coming?!

oh

not me haha

there already is one

I'm a mini ninja, awesome sauce!

https://tryhackme.com/room/bpsplunk

I'm weaing my BOTS shirt now haha

were working on getting out a lot more blue team content though so be on the look out

Awesome sauce!

That's so annoying about eLearnSecurity one of the good things about them was that you could buy courses individually and the prices weren't that outrageous

from what I can see, they did a bad job at targeting the enterprise market

:/

I mean so actually this option in the long term is cheaper

Elearn courses were about 1600$ each

it's still more money than most people can shell out immediately for a course

Hmm the course i was initially looking at eJPT was only £399

its now free

for the training

and 200$ for the cert

Free?

But you have to pay $1999 for an annual pass to access the content?

https://discordapp.com/channels/521382216299839518/707992725646999553/770405986212904971

Ohh, thanks for the link

So i could do the eCTHP for free and pay for the cert?

no

just the eJPT

the start pass is only eJPT

yep

ah

that's still something i would be interested in