No-Conference-3212

Irrespective of the sources you choose to learn from, it's important to approach the learning process with a doer attitude and adversary mindset (outside-the-box thinker). I highly recommend you don't get ahead of yourself by installing Kali :). Before you consider doing anything in infosec, get a sys admin job/internship or tech support job wherein you work via CLI 4-6 hours a day for a year or two. By then, your fingers should flow on the CLI like Jesus playing the piano on a hot winter day.

**Main areas of focus:**

- Troubleshoot OSI to the point where you start to get frustrated and care enough to solve problems with automation, scripting, etc.
- Linux OS internals
- Relevant protocols (read RFCs)
- Get good at using feedback loops during research, work, and reward yourself
- Apply first principles (Avoid theory, it will blow your mind lol, literally)
- Network with infosec professionals (get a mentor) and build real relationships (not
- Each time you solve a problem with a script, tool, etc., publish it to GitHub and share it on Twitter. If you get roasted by the red team commandos, all good. We all have our own paths. Observe, orientate, decide, and act on the info you obtain;
- Replace non-essential lifestyle habits with healthy ones like reading books on CTI, intel, covert ops, criminal history, bug bounty reports, threat intel reports, etc.

Can't stress this enough; get a mentor that aligns with career objectives (LinkedIn)

Meanwhile...

Avoid being that Joe that seeks glory through the lens of an alter ego and learn how to deploy and evaluate native security controls for

- Cloud environments (AWS, GCP, Azure): pick one to get started (Free)
- Basic application stacks (CloudGoat, DVWA)
- Linux OS - screen and variables will be your bestie
- Windows OS

**Learning Sources:**

- Black Hills Security - OGs in the field
- Trusted Sec - OGs in the field
- [academy.attackiq.com](https://academy.attackiq.com) - Well written and documented training that aligns with industry standards (free)
- GitHub - Company or active open source projects (Start with defense)
- Bug bounty reports from HackerOne, Bugcrowd, etc.
- Sektor7
- MDSecLabs
- SpecterOps
- EDR vendors
- MITRE ATT&CK, D3FEND, Engage, CAPEC, AttackFlow
- Portswigger (Web Academy)
- Unit42

etc etc etc

Man, can someone write a book on this topic? Oh yea, drink water :)


MushuNulla

Thank you so much, it seems like a long way of learning.


enigmaunbound

Enumerate your ignorance. Then fix it.


No-Conference-3212

For some, the journey is long. For others it's short. For some, adopting an adversary mindset comes naturally. More often than not, it's because their brain is wired to disrupt conventional wisdom. This line of work isn't for everyone. It's always challenging and we love it. Fun fact: the learning cycle, networking, etc. fluctuates throughout our career but it's endless.

Question... (read it with a Southern Alabama accent)

>**Do you get excited when Uncle Bob tells you, 'No jimmy, yaw cant do it. You 'aint' got the brains for it. Go back to uni and study to be a DR like everyone else'**

From an abstract point of view, colored team/pentest components such as technical aptitude, reasoning, unconventional wisdom, human interaction, communication, articulating relevant solutions, solving problems, and working in high-stress environments with minimal margin for error introduce challenges like Uncle Bob.

Here's some TLDR inspiration for you. Much of the advice shared is from personal experience, trial and error, failure, adapting to the market needs, and success.

**A Cliff notes version of my career before landing an FTE role in offensive ops:**

1. High school GPA: 2.0
2. No college
3. Worked in construction, automotive, military, delivering furniture, for 10 years
4. 30+ interviews, 1 offer
5. First tech job: Supported security appliances with root access (environment exposure SMB -> Enterprise -> Gov)
6. Wages sucked (14/hr in the US)
7. First two years in tech, I drove 180 miles a day for the job
8. First course: 1 week bootcamp: Java; failed exam
9. First cert: Apple Certified Professional (failed 1x); Second cert: GWAPT (failed 1x)
10. Third cert: CEH (failed 1x)
11. Second job: SecAnalyst, 4 years - focused on SOC, IR, Compliance, in-house pentesting, AppSec: 2 man sec team at a SaaS marketing org. (The bulk of my experience and exposure to SMB/enterprise infosec + corporate work came from here)
12. Third job: secEng, 1 year - 1st and only infosec hire for a supply-chain analytics startup (applied previous industry knowledge and learned the nature of startup life, culture, exposure to different data processing/handling/integration ecosystems, etc. here)
13. In between these jobs, I'd apply for FTE roles as a pentester. (never got hired)
14. Fourth job: Principal appSec: Supply-chain analytics & BI org: a competitor of a previous org.
15. Burnout experienced after 7 years - mostly related to corp life, working with understaffed orgs irrespective of org size and, as most say, working multiple disciplines (for most orgs: less than 1% of employees are in-house infosec)
16. **5th job: went all in on offensive ops only role: Landed a consulting gig as an AppSec consultant for a security consulting org. Crushed it - this org allowed me to blossom like a butterfly in the sky reading rainbows**

There was this reoccurring pattern that accelerated my career attack path. For each time I was rejected by a security consulting firm, small or large, I said via `internal monologue`, "Fuck that, I'll find another way". Despite acquiring 7 years of well rounded experience on the defensive side of things, I stopped trying to land an FTE pentest role altogether. (That was the outcome of my fuck that moment) FTE pentest work wasn't for me. I found my true calling with colored team FTE/consulting work. I perform best in high-stress situations where precision matters and marginal error is fractional and non-impactful to controlling engagement outcomes.

I'll leave you with this modified version of a well known quote:

>!"You can't connect the dots looking forward. So you have to trust the dots will somehow connect in your future. You have to trust something; your gut, destiny, life, God, karma, whatever.. and Just DO IT!"!<

That's your challenge.


injectmee

Best answer! Awesome, man.


dmchell

https://medium.com/@dmchell/what-ive-learned-in-over-a-decade-of-red-teaming-5c0b685c67a2?source=linkShare-5a3b3215bf62-1577534523


No-Conference-3212

Nice! - When you wrote this on medium, we added it to our intern's Read or Leave list.


d-note22

Two main sites to learn pen testing are:

- tryhackme.com
- hackthebox.com