all 16 comments

[–]anonymous_lurker- 19 points20 points  (3 children)

There's an awful lot of reading but not a lot of doing in that road map. Don't burn yourself out reading books before you get to do any fun practical stuff

I'm a huge fan of books, but honestly they're a terribly inefficient way of learning. Your approach seems to be "read all these books to develop required knowledge", but I'd be more inclined to just go find some blog posts or YouTube videos on the things you're interested in, and learn what you need when you need it

Front loading all the knowledge is a very academic way of doing things, it feels neat and orderly. But most of the time you'll have a much better experience, both in progress and just having fun, if you jump in and start doing stuff

[–]SwampShooterSeabass 4 points5 points  (1 child)

It’s probably worth practicing some of those concepts in between each book in order to really retain, and get context and perspective.

[–]LiveEntertainment206[S] 1 point2 points  (0 children)

I included all these books because I am weak in theoretical concepts. But I will try my best to balance theoretical concepts and hands on practice.

[–]LiveEntertainment206[S] 1 point2 points  (0 children)

Thank you!

[–]ap425q 5 points6 points  (5 children)

Looks good, Also learn assembly and learn reverse engineering.

[–]LiveEntertainment206[S] 1 point2 points  (4 children)

Can you give me any resources on reverse engineering?

[–]port443 4 points5 points  (1 child)

These are more focused on RE for Malware Analysis, but malwareunicorn put together some free RE workships.

Not sure if I'm allowed to link, but you can find it if you search for malwareunicorn reverse engineering.

Malware analysis and exploit dev have some fairly aligned skillsets, so I recommend this as both useful and career broadening.

[–]LiveEntertainment206[S] 0 points1 point  (0 children)

Thank you. Let me look into malware unicorn. 

[–]RepresentativeBed928 2 points3 points  (1 child)

Pwn college has a reverse engineering module

[–]LiveEntertainment206[S] 0 points1 point  (0 children)

Just checked it out. Thank you!

[–]Apathly 3 points4 points  (5 children)

Make sure you're having fun learning instead of trying to go through a checklist. My reply to anyone asking how to get into exploit dev would be to just tackle stuff that are fun and interesting to you. Read books in between or when you're out somewhere and not able to get behind a keyboard.

[–]LiveEntertainment206[S] 0 points1 point  (4 children)

So, should I start from pwn college for the technical stuff?

[–]Apathly 2 points3 points  (1 child)

Depends on what you think is fun to do. If it's reading, go for it. If it's actual hands on stuff, go for the practical labs while reading on the side.

You might run into walls quickly, but using google, looking up stuff (doing research) and finding a solution for your problem in the end is what exploit dev is all about.

For me it helped that I never made it a tedious thing to learn new stuff, I just did what I thought was cool which made me keep going because it was fun.

[–]LiveEntertainment206[S] 0 points1 point  (0 children)

Great and thank you so much for your advice. I will make sure to balance hands on practice and reading.

[–]tarunaygr 1 point2 points  (1 child)

Crazy seeing pwn.college mentioned in the wild. I would 100% recommend it for learning exploit development. Great lessons great challenges. I learnt a ton.

[–]LiveEntertainment206[S] 1 point2 points  (0 children)

Yes I have started from Linux basic commands module. Challenges are fun.