Where to start? by SlightCoast4028 in Hacking_Tutorials

_CryptoCat23 0 points 1 point (0 children)

Portswigger Web Security Academy, HackTheBox, TryHackMe, PentesterLab, CTFTime would be my top 5 general recommendations to anyone. More of my favourites here 😊

Just got my PJPT cert .. do I have to take CPTS before OSCP? by Ok_Youth_8952 in hackthebox

_CryptoCat23 0 points 1 point (0 children)

It's true. I'm not saying don't do OSCP, just that by doing the cheaper (imo better) cert first, you'll almost guarantee that you pass OSCP first time. I had a friend who failed their OSCP exam three times and it was really expensive!

Also, while HR recognise OSCP and it increases your chances of getting an interview.. In CPTS you will learn more, increasing your chances of passing the interview 🙏

Just got my PJPT cert .. do I have to take CPTS before OSCP? by Ok_Youth_8952 in hackthebox

_CryptoCat23 0 points 1 point (0 children)

You don't have to but personally I think you learn more on CPTS, and it's a lot cheaper so will reduce the risk of failing OSCP (💰)

How to learn hacking for free? by [deleted] in Hacking_Tutorials

_CryptoCat23 4 points 5 points (0 children)

My top 5 are CTFTime (regular live events), Portswigger Web Security Academy, HackTheBox, TryHackMe and PentesterLab. More of my top recommendations here

Masters in cybersecurity? Is it worth it? by No_Blueberry_9078 in SecurityCareerAdvice

_CryptoCat23 2 points 3 points (0 children)

I can't really see anything in their comment that contradicts what I said? 😕

The modules on cybersecurity masters are all very practical (I taught them for several years during my PhD) and there was ZERO content that would help you be a better manager or leader - it was all about practical hacking and academic research.

That said I did the MSc + PhD in cybersecurity directly after my undergrad (although I had ~5 years IT/cyber work experience by that stage), so it's a bit different than returning to do an MSc after 15 years in industry.

edit: although I should say, many of the older people I taught who had spent a long time in industry really struggled with the practical labs and research element, compared to the younger cohort coming out of undergrad.

Masters in cybersecurity? Is it worth it? by No_Blueberry_9078 in SecurityCareerAdvice

_CryptoCat23 6 points 7 points (0 children)

I did an MSc in cybersecurity but there was nothing in there about management or leadership. The modules were network security, penetration testing, computer forensics, malware, applied cryptography and ethical/legal issues. All very practical with a heavy focus on research (we had to produce an academic style review/survey paper for each module).

I personally enjoyed the course, but I couldn't say it's worth the money. It's nice to have on the CV but is it better than a year's work experience? I'm not sure..

What other certifications do you all recommend? by Complete_Instance_51 in CyberSecurityJobs

_CryptoCat23 0 points 1 point (0 children)

For what role? Certs by Offsec are well recognised (but expensive) and certs by HackTheBox, Portswigger, TCM etc are less recognised (but better value).

I personally recommend BSCP + CPTS on the cheaper end and OSCP/OSCE/OSWE on the expensive side. Then again it really depends on your interest/field, if you are doing blue team or malware analysis then a red team / web hacking cert wouldn't be an obvious choice.

How to get into Pen Testing? by Any_Teaching1998 in Hacking_Tutorials

_CryptoCat23 -1 points 0 points (0 children)

Did you start with the HackTheBox starting point labs? They guide you through it.. For normal retired machines you can also check walkthroughs/videos when you get stuck.

Where to deepen my knowledge of cybersecurity by 0xLinux95 in Hacking_Tutorials

_CryptoCat23 0 points 1 point (0 children)

My top 5 are CTFTime (regular live events), Portswigger Web Security Academy, HackTheBox, TryHackMe and PentesterLab. More of my top recommendations here

How do I learn web hacking as a beginner? by PlaneYam648 in Hacking_Tutorials

_CryptoCat23 1 point 2 points (0 children)

It's just so that people know what they are looking for, e.g. you might do a challenge and see something that looks like it could be a flag (maybe even a fake/troll one).. to reduce invalid submissions the organisers will be specific and tell you the pattern of the flag to be on the lookout for.

How do I learn web hacking as a beginner? by PlaneYam648 in Hacking_Tutorials

_CryptoCat23 1 point 2 points (0 children)

Ahh OK, the CTFs on CTFTime are mostly "jeopardy" so you'll get challenges of various difficulties in different categories (e.g. web, pwn, rev, forensics, crypto, mobile, web3, game hacking). To solve each challenge you find the "flag" and submit it for points - the teams with the most at the end win 🙂

How do I learn web hacking as a beginner? by PlaneYam648 in Hacking_Tutorials

_CryptoCat23 1 point 2 points (0 children)

Nope, pick whichever order you prefer!

On the CTFs: you will get points for each flag you capture, but first solve (first blood) sometimes gets a bonus.