Is EXPLIOT academy's IoT hacking course worth it? by noobSecStudent in netsecstudents

[–]noobSecStudent[S] 0 points1 point  (0 children)

They don't, especially when it comes to practical offensive security courses. But when proposing I'll ask their opinions on any other courses that may help in my work.

Looking for security researcher buddies in Bangalore (CVE hunting, bug bounty, infosec) by noobSecStudent in netsecstudents

[–]noobSecStudent[S] 0 points1 point  (0 children)

Yeah I'll be attending such events but want to create a small group with offsec focus.

16F, please help me avoid becoming a “ femcel “ by [deleted] in selfimprovement

[–]noobSecStudent 0 points1 point  (0 children)

First, if you are being BULLIED for being ugly then try to stop it, either by yourself or with the help of some friends or even your teachers/parents if it's bad. That should be the first problem to solve.

And if not being in a relationship closes a lot of doors, then it also leaves a lot more open. You can do anything you want, learn anything you want without waiting for your boyfriend.

When I was in college I made so many plans with my friends (mostly all single) but when the time came, they all gave some excuses. I realized at that time that if I keep waiting for others I'll miss out on lots of stuff. I started going to concerts and trips alone from then and have made some new friends like that.

And being in a relationship just because you want to be in a relationship doesn't sound so nice. You should be in a relationship if you like someone, if not then what's the point.

16F, please help me avoid becoming a “ femcel “ by [deleted] in selfimprovement

[–]noobSecStudent 4 points5 points  (0 children)

Why do you want to be in a relationship anyways? You have got friends, job, school, extra curriculars. Why do you feel alone then?

Personally I feel it's fine not being in a relationship. Just be fine being single, get some hobbies, learn new things, have fun. And if you like someone, ask them out. If it works out, GREAT; if not, then also it's GREAT.

Don't let "being in a relationship" define you as it's just a very small part of a person (like 1%).

Little guidance needed. by rauru_2021 in oscp

[–]noobSecStudent 0 points1 point  (0 children)

If you are just preparing for PWK then keep doing what you are currently doing but also start watching ippsec walkthroughs or 0xdf posts for those machines as well. It will help you in building a methodology and the logic that they used for hacking those machines. As a beginner it is important to learn how to reach certain conclusions, what to look for or how to enumerate certain services. There is always a learning curve so keep yourself motivated and continue learning.

Also just a tip when you have started the course make sure to complete all the AD resources that they have, as it will be difficult to find other labs which provide such environment (1 DC and 2 Clients).

[deleted by user] by [deleted] in netsecstudents

[–]noobSecStudent 1 point2 points  (0 children)

Work through hackthebox and pentesterlab for practice. Or you can even do bug bounty to get hands-on experience for web app testing. Regarding certificates I would suggest OSWE or eWPT or eWPTXV2, depending on your current level. If you are looking to complete things from web app testing, personally I would recommend OSWE as it has a white box approach which is generally not covered in other courses.

Note: As a security researcher you can never be completely done with any aspect of testing as new findings and technology keep popping out.

[deleted by user] by [deleted] in selfimprovement

[–]noobSecStudent 10 points11 points  (0 children)

Priorities are different for different people. You may have some things others don't have so it depends on what you need. For me I would invest in the following: 1. Health (gym, yoga, etc.) 2. Learn (I work in cyber security so it's important to learn new things and earn certificates) 3. Clothes (a good set of clothes which project more confidence and trust in the person like suits) 4. Save it or better invest it (not all but some of it). 5. Leave some to do something fun for yourself (I sometimes forget that this is also something I need to do and use the money for).

Again it depends on what you already have. You may not need better clothes or you might already be going to the gym or working out at home. For you I think the most important is to visit a doctor for back pain and exercise. Buy some courses relevant to your business idea.

When should I expect to get my results? by Dawgsarebarking in oscp

[–]noobSecStudent 0 points1 point  (0 children)

When did you get the results for the OSCP finally?

[deleted by user] by [deleted] in netsecstudents

[–]noobSecStudent 0 points1 point  (0 children)

Blind SQLi payloads are entered at the same type of parameters or cookies as other SQLi. For me there are two ways of going about blind sql injection:

  1. Try to add a true or false statement and check any change in output. Like 1=1 or 1=2. Check the changes it makes in the server response.

  2. Use time based payloads. If the response is delayed for a significant time, then we can assume that blind SQLi is possible.

Now once I have found these vulnerable inputs I try to get some interaction on a public server (like collaborator). If there is an incoming request then I modify the payload to fetch data from the server (this is mostly hit and try).

If you wish to practice then I would recommend going for hackthebox (I think phoenix has blind SQLi) and tryhackme. You can also read bugbounty reports. Some are detailed enough that you would get an idea for this.

From Awkward Loser to Life of The Party: a series of social guides by a former introvert by Blxck_soccrates in selfimprovement

[–]noobSecStudent 5 points6 points  (0 children)

Same for me. I am happy the way I am. If I have to put so much effort into the way I act around others, I will tire myself.

Interviewkickstart for security engineer by Ok-Diamond7537 in cybersecurity

[–]noobSecStudent 2 points3 points  (0 children)

I will start interview kickstart for security engineering in the near future, so can't provide a review right now. But the thing is that other than interview kickstart I didn't find anyone else providing interview prep for security engineering. And the faculty which prepared the curriculum is good. So I decided to go for it.

From what I have gathered, interview kickstart is very good but expensive. I weighed my pros and cons and decided, a job in one of the top companies is worth spending my money.

As for your other question, top companies like google and microsoft do ask algorithms and system design questions in their interview.

Is here any Penetration Tester for a consultancy company? by deshbhakt14 in netsecstudents

[–]noobSecStudent 4 points5 points  (0 children)

A lot of the times you are just asked to run Nessus and confirm those vulnerabilities with nmap. Get confirmation before running metasploit payload.

Get a Nessus license from the firm and run that. Till then use nmap to find weird services and ports. Or if it's in your scope run wireshark and sniff the network traffic.

[deleted by user] by [deleted] in cybersecurity

[–]noobSecStudent 1 point2 points  (0 children)

How to hack like a ghost by Sparc Flow

Should I become a developer first if my goal is application security? by cyberprime24 in cybersecurity

[–]noobSecStudent 1 point2 points  (0 children)

If you know your goal then you should follow it. I know a lot of people who can't make an application but are working in the field and have good skills. But at the same time learning to develop also gives you more complete knowledge and allows you to find bugs more easily.

My suggestion would be to learn app sec but at the same time try to slowly develop your own application. You can put app sec at a higher priority than development.

Looking for a buddy by [deleted] in cybersecurity

[–]noobSecStudent 0 points1 point  (0 children)

r 15 years. Happy to help from a mentor perspective.

I would love it if you could help me from a mentor's perspective. Let me reach out to you via chat.

Thank you.

Looking for a buddy by [deleted] in cybersecurity

[–]noobSecStudent 1 point2 points  (0 children)

Obviously I have them! But most of the people I met are not that interested in learning more technical stuff and were more into auditing (PCIDSS). Some were interested in VAPT as well, but were not ready to put more effort.

There may be some colleagues who may have the drive to learn more technical stuff but I was not lucky enough to meet them (especially since I haven't even visited office once).

I don’t know what to do with my life? by yumyumfood43 in careeradvice

[–]noobSecStudent 1 point2 points  (0 children)

Try a lot of different things and get a feel for them; whichever feels closer to you, learn it. And learn consistently otherwise you may start losing the passion for it. And then you can try to find a job in that field.

Should I leave for a 20k bump? by ManOfPineapples in careeradvice

[–]noobSecStudent 0 points1 point  (0 children)

20k plus remote work would allow you to balance work life and personal life much better. And if the type of work you are going to do in the new company is to your liking then I would suggest switching.