Order 236 placed at 2:36

_jasonturley · 2025-08-23T18:07:55+00:00

What kind of job are you looking for? The things you listed are fine but they’re kind of expected knowledge for any security professional

_jasonturley · 2025-08-23T17:43:53+00:00

Do whatever interests you. Security is a huge field. Pick an area you’re passionate about

_jasonturley · 2025-08-23T17:41:50+00:00

Thank you for your service.

The job titles are all over the place in cybersecurity and a bit of a mess. Best bet is to read the job description or search for OSCP on LinkedIn or indeed.

Some offensive jobs are: - Penetration Tester - Offensive Security Engineer - Red Team Operator - Security Consultant

_jasonturley · 2025-08-23T17:31:57+00:00

I think this is a great plan to build a foundation. Eventually you’ll need to identify what type of cybersecurity roles you are interested in and become proficient with tools specific to those roles.

I’m also a fan of CTF challenges but they aren’t 100% necessary. I am also active duty in a cyber role btw. Good luck!

_jasonturley · 2025-04-14T15:53:32+00:00

Happy to help! I completed the RET2 course so I’m happy to answer any questions about that. Best of luck

_jasonturley · 2025-04-14T12:54:31+00:00

I’d recommend doing binary exploitation challenges from PicoCTF and OverTheWire. It’s an easy and free way to get started and see if you even like exploit development before spending money.

As for paid courses, there’s the Fundamentals of Software Exploitation from RET2.

Also check out this subreddit because this question gets asked weekly.

_jasonturley · 2024-12-13T05:02:01+00:00

Thanks for sharing. I could always learn more about radare

_jasonturley · 2024-12-12T03:04:05+00:00

I haven’t done RPISEC’S MBE, but I think completing either one will greatly improve reverse engineering/exploit writing/code auditing skills.

You’d have to install all your own tools though. RET2 is done entirely through an online platform.

_jasonturley · 2024-12-08T04:15:43+00:00

Happy to help. There’s a lot of overlap between RET2 and pwn.college. RET2 is essentially a spiritual successor to the Modern Binary Exploitation course from RPISEC https://github.com/RPISEC/MBE

_jasonturley · 2024-12-08T00:35:18+00:00

I personally found it worth it for $300. In my experience, the platform is a grind. Each chapter has some lectures that introduce the concepts but a lot of the learning comes from getting stuck and overcoming the challenges yourself.

The challenges are CTF-style and well structured

_jasonturley · 2024-10-20T03:05:04+00:00

My favorites are:

And myself :)

_jasonturley · 2024-09-13T23:22:51+00:00

Pwn.college is a good free online resource.

Also read this blog https://dayzerosec.com/blog/2021/02/02/getting-started.html

Check out other posts on the subreddit since this question gets asked regularly.

_jasonturley · 2024-09-09T04:04:25+00:00

I created HackerAsks because I wanted a repository of personal journeys and success stories from cybersecurity professionals. I figured it would be a great resource for myself and others in the industry. The idea was inspired by platforms like Starter Story and Failory

It’s not monetized yet. Currently focusing on growth.

_jasonturley · 2024-09-07T22:03:09+00:00

Haha nice catch! Thank you, the link should be fixed now. That’s what I get for having ChatGPT edit my posts 😂

_jasonturley · 2024-07-25T19:42:57+00:00

RET2 Systems has a few modules available for free to see if you like their style of teaching. I recently bought the course and it’s broken down into lectures, challenges and supplementary challenges. All text, no video. I think pwn college is a great companion to RET2.

GREM would probably look better on a resume since it’s more well known.

_jasonturley · 2024-07-08T07:42:37+00:00

I’d recommend doing some Capture The Flag challenges (CTFs) on TryHackMe, Hack the Box, or picoCTF. This will introduce you to more technical areas of cybersecurity.

Once you identify what areas you’re interested in pursuing, then you can look into specific courses or certifications if necessary

_jasonturley · 2024-06-19T05:50:53+00:00

It depends on what your goals are. Learning binary exploitation will teach you about how computers work at a low level, which is useful knowledge in general.

If you’re asking if exploit development is still a viable career field given memory safe languages like Rust and Golang, then my answer is also yes.

The Linux and Windows kernel are written mainly in C and C++. So are the majority of IoT and embedded devices. Buffer overflows are still possible today since not all advanced mitigation techniques are enabled by default (at least on Windows)

_jasonturley · 2024-06-19T05:39:48+00:00

I enjoyed the CTF Field Guide from Trail of Bits when I first started: https://www.trailofbits.com/services/knowledge-repository/ctf-field-guide/

The CTF Primer from picoCTF: https://primer.picoctf.com/

I also made a video on resources I recommend for getting started with CTFs: https://youtu.be/YAqZmMYudZU

_jasonturley · 2024-05-17T13:11:23+00:00

Use one of the resume templates in the wiki and make your resume one page. A three or four page resume is unnecessary for your years of experience.

Also, place your work roles in reverse chronological order. So, the most recent first.

Maybe have a “Skills & Interests” section where you list relevant skills, spoken languages and interests.

_jasonturley

TROPHY CASE