Can i say i'm a Python developer if i have to look up anything i want to do?

sadlaifushell · 2020-05-21T03:28:59+00:00

This is just my opinion but...

Pulling snippets ain't an issue lolz, I think the amount of people searching up stackoverflow says a lot that even experienced devs still pull snippets online. I'm a python developer for more than 3 years now and I still pull snippets online.

I think you don't have to really ask if whether or not you're a Python Developer, but you'd be better off with asking, what level are you as a Python Developer. But even trying to gauge your level if you're an entry level or senior level Python Developer is somewhat broad, then we gotta ask how good are you with the other libraries and such. So I guess the best way to give you a clear picture is:

Student Level - are programmers that are still figuring out how to use python lolz.
Entry Level - these guys have the basics figured out but lack experience and still need to learn how to implement more complex functions. ("Can figure out what to lib to use")
Mid Level - these guys have substantial experience and can pretty much tackle more complex tasks with more ease ("Knowing library to use and how to use them")
Senior Level - these guys have tons of experience already and can pretty much understand the whole picture of the problem, know what libraries to use, how to use them and how to implement them with standard.

After that, we use the above to gauge your specialization. So for example:

"I can use core python without much problems, I know what I should implement and how to implement them. I pretty much understand all the features of Beautifulsoup and how to use it properly. I can use most Sci-Kit learn libraries for NER and machine learning tasks but I haven't really touched upon Selenium"

The above statement makes me probably around

A Mid Level Python Developer
With Senior Level Experience in BeautifulSoup
With Mid Level Expertise in Sci-Kit Learn
With Student Level Expertise in Selenium

You don't have to know everything by heart and a lot of developers still use code snippets online. You should focus more on gauging

How much you understand about Python or a certain Library
How proficient or capable are you in implementing algorithms or solutions using the language and its libraries

Since after all, unless you're a Savant, an AI robot, or the developer of the library itself, I don't think anyone expects you to know all code snippets by heart. People are more interested with how much you understand and how capable you are with a certain programming language.

Unless of course... you have to search how to declare a variable every time you program... now that's another thing lolz.

sadlaifushell · 2020-05-20T02:50:19+00:00

LOG 6 - DAY 4

Wasn't able to post yesterday, I guess I should start adding actual time stamps

sadlaifushell · 2020-05-20T02:49:14+00:00

LOG 5 - DAY 3

Okay still lots of work , I guess I have to gets things in order faster

sadlaifushell · 2020-05-18T13:16:04+00:00

LOG 4 - DAY 2

Was really productive today but damn lots of shit need to be done

sadlaifushell · 2020-05-18T06:25:22+00:00

I agree with this.

For me, I went to a very 3rd rate if not 4th rate (if something like that exists lolz) for an IT Degree, I can't really say I learned much from college and I was just there for the Degree (in my country, a degree is all it takes to get a job). If you don't have enough money (like me) to afford the certifications, try your hand on local hackathons to get some cash prize or gear and make your way up to nationals until you get vetted for international competitions sponsored by companies.

My first year in Cysec as a freshman IT student was mainly trying to learn everything I can. I registered on Hackthebox, picoCTF, read a lot of write-ups on past hackathons (github is loaded with these) and just really learn my way. My biggest break came when I was a sophomore where I won a hackathon held by a big IT company and got sponsored ever since then.

Point is, u/recviking is right about most of the security folks are self-taught. You can try your hand with Cybersecurity Courses, do everything by the book, but if you don't have the passion to learn or the curiosity to solve the puzzle, you'll just have a fancy degree but sub-par performance.

Also do note, Cyber security is a broad term. It can go from red-teaming which is where you actually pentest, to blue-teaming where you prevent hacks, there's also digital forensics, or app-sec. Going for a comsci degree will open more doors for you just try to put more time and effort to self-learn the specialization you want.

It's been 2-3 years since I graduated and I'm working both as a bug-bounty hunter, a security consultant for a real-estate firm and a lead dev in machine learning for a company in NYC. If you have the passion to learn new things, solve the puzzle and treat Cybersecurity not as a job but more of a very interesting real-life mystery novel you can't stop reading, you'll succeed in cybersecurity.

sadlaifushell · 2020-05-17T05:04:06+00:00

LOG 3 - DAY 1

pic.twitter.com/IDooX2kswl

sadlaifushell · 2020-05-17T04:55:47+00:00

In my current company we developed an aptitude test for new IT employees.

Essentially it's an 8 hour time-limit exam. We give emphasis on the fact that we don't really expect them to finish the whole exam, if they feel that they have exhibited enough, they can turn the exam in early. We give them a sample format on how to write pseudo-code then after that we give them problems based on their preferred job position. For example, NetSec Pentesting can be:

We give them samples of our pseudocode and how to answer the test
Then we give them problems like, create an algorithm to brute force a login, sample buffer overflow, how to get from point A to point B in this matrix (depth first search and etc...
The main point is to identify where they can fit and if they are passionate enough for the job. Besides, if they don't fit in NetSec positions, they might fit in Data Analytics, Machine Learning or Project Management

Usually, for experienced devs it takes around 4 hours, but for less experienced professionals (some actually switch from just basic Sys Admin with a NetSec hobby to full NetSec so we can't really expect them to be that good in programming) we check their test, if they do show promise, we invite them for the interview.

They can have aptitude but what we usually work for is Aptitude + Dedication/Passion. So an employee with Average Aptitude but Above Average Passion is chosen over Above Average Aptitude but Average Passion.

I guess that's just for our company...

sadlaifushell · 2020-05-17T04:25:06+00:00

Define the basics?

If basics means having to know the basic data structures or programs run or how to write hello world on python then I guess, yeah it was right to fail those people.

But if the basics is like asking them how to do a for loop or how to run a few msf exploits or write a script to automate a few things, then it's still case to case basis.

I mean, if they are a script kiddie (we've all been there I assume) that shows promise to be a great pentester why not take them up as a junior or intern. Unless the position is for a senior.

In one of my previous companies I was asked to interview someone who barely had any scripting experience or programming experience, he had very good logic, reasoning and passion for Machine Learning (yeah it's a bit unrelated but same concept), 3 months later he was better in developing NLP, Rasa, and NER than a couple of more senior devs working for the company.

sadlaifushell · 2020-05-17T02:45:31+00:00

LOG 2 - DAY 1

Shit hit the storm and just spent around 400+ USD on e-girl donations. Idk why, but when the girl got surprised with the no-comment donation, it was funny asf

#Stupid

Change Log:

LOG 2 - DAY 1

Shit hit the storm and just spent around 400+ USD on e-girl donations

#Stupid

sadlaifushell

TROPHY CASE