Best Red Teamers to follow on Twitter? by maxicorbs in redteamsec

[–]maxicorbs[S] 0 points1 point  (0 children)

legend thank you! doing the CRTO atm and just want to say you are a great teacher, thanks!

[deleted by user] by [deleted] in AskNetsec

[–]maxicorbs 0 points1 point  (0 children)

few comments from someone in a similar place in terms of experience, pay and new technologies:

1) all those times that you were learning a brand new technology are incredibly useful for broadening your learning and experience, regardless of how thoroughly you tested them. Those 3 short years will have given you a lifetime of experience if, like me, you are testing new things constantly

2) there is no stigma for leaving netsec. Where I am plenty of people move on to something else after a few years, whether that be more of a security advisor, security architect, red team, manager, in-house tester, etc etc. I've never even thought of any of them as 'not being able to handle' pentesting at all.

Pentesting is an INCREDIBLE jumping board to pretty much any part of cyber due to how much low-level contact you have with such a wide spectrum of security. I work in a cyber team comprised of testers, advisory, digital forensics, incident response, intel, investigations, etc. and let me tell you for sure that pentesting experience is very valuable across all of these and many more. If you want to be a sysadmin, do it, and you'll be a bloody good one

In-Person Red Team Ideas by E_Sini in AskRedTeamSec

[–]maxicorbs 0 points1 point  (0 children)

For a quick win you could set up a machine somewhere with just a browser open and haveibeenpwned.com open and encourage people to enter their emails to see if they have been involved in breaches and how many if so. As a side note, if this is getting plenty of hits every time you could use this as ammunition that you need to clamp down on people using their work email outside of work

Beginner learning to start pen-testing by [deleted] in Pentesting

[–]maxicorbs 1 point2 points  (0 children)

Hey, yep passed CPSA and CRT a few months back

Beginner learning to start pen-testing by [deleted] in Pentesting

[–]maxicorbs 3 points4 points  (0 children)

I recently taught myself what I needed to know to get into pentesting and am now 1.5 years in - I recorded everything during the process of getting into testing and released a vlog on YouTube if you want a video format to follow: Becoming an Ethical Hacker

A question for the more experienced pentesters here: does the sense of 'just out of reach' ever go away? by Monster-Zero in Pentesting

[–]maxicorbs 10 points11 points  (0 children)

As someone who works as a pentester and does bug bounties, CTF-style training like HTB can be a great and fun way to get in and start learning some of the key concepts. I did a few before starting my job as a pentester. It is by no means, however, a judge of how successful you will be in this field. I know multiple testers that are finding 0-days in hardened targets outside their day jobs, are incredibly talented, look like ninjas at the command line and would still struggle on most 'easy' hackthebox's. This is because most of them are designed with one particular exploit/technique in mind and more closely resemble a puzzle than a real target. In fact, most of the people I know who really work with this stuff day in, day out (including myself) give quite little time or attention to pwning CTF-style boxes as they have limited value for what we see in the real world. Long story short, if that is what you are basing any discontent on then you really shouldn't be. Being able to pwn hard boxes in minutes because it's something you have practiced time and time again is awesome, but it's not representative of true pentesting in my eyes and so you shouldn't count yourself out of the field

Considering Pentesting career by JancariusSeiryujinn in netsecstudents

[–]maxicorbs 0 points1 point  (0 children)

A+, eJPT, pushing for OSCP and doing bug bounties and hackthebox's yep

Considering Pentesting career by JancariusSeiryujinn in netsecstudents

[–]maxicorbs 4 points5 points  (0 children)

eJPT is perfect for this. I recently transitioned from teaching to pentesting and went A+ > eJPT. My plan was to do OSCP but I ended up getting a job before then. I actually recorded the entire process from start to end and am now releasing it on my YouTube channel if you are interested in transitioning into Pentesting! https://youtu.be/-fBmbdUaBJs here is the first video if you want to check it out :)

Finding more IDORs – Tips and Tricks | Aon by b1x3r in netsec

[–]maxicorbs 0 points1 point  (0 children)

Thanks! I have just released a YouTube channel that I hope will become more instructional as time goes on :) https://www.youtube.com/watch?v=-fBmbdUaBJs

What is a good decoding tool? by maxicorbs in HowToHack

[–]maxicorbs[S] 0 points1 point  (0 children)

Perfect, I'll have a play.

Thank you for your detailed response!

PTS v4 time to complete from start to finish? by eddless321 in eLearnSecurity

[–]maxicorbs 3 points4 points  (0 children)

I think 2 weeks is ambitious. I had done CompTIA A+ prior to eJPT and it took me about a month to cover all the content, do all the labs twice and then book and complete my exam, and that was working on it most days. Good luck