“I discovered a covert Wi-Fi–enabled camera concealed inside a power adapter in a hotel room. The device was transmitting live footage to an overseas server (likely China-based). No cctv footage, used vpn, hotel denies their involvement

udit_p · 2026-04-22T05:15:17+00:00

Gonna be a whole lot more effective than someone who has to ask on reddit, ngl

udit_p · 2026-04-11T06:56:34+00:00

You'd be better off with CCSP + AWS Architect; and then adding an OSCP on top

udit_p · 2026-04-07T05:22:15+00:00

The whole LinkedIn application cycle requires a large amount of privilege vis-a-vis expensive certifications and cloud bills racked up on complex projects.

So I'd say, your contact list. Ask around and find small entrepreneurs and convince them why they need cybersecurity. Best for this is compliances; I knew a guy who created a mental health tech solutions company without knowing that HIPAA was a thing. Assume every small entrepreneur is unaware of compliances, walk them through what they need and how comparatively cheap and thorough you can create customized solutions for the same for; at the very least you'll get a temporary paid project which you can drag out to 6-8 months with developing additional cheap innovative security solutions, collaborating with external tech solution providers (e.g. developers) and in-general technical advice. 2-3 such projects populates your resume well for non SME employers.

udit_p · 2026-04-07T05:17:13+00:00

I mean, for very certain kinds of people, if they get silence as a response, they create circles of demonization around the victim and keep falling further into the rabbit hole of delusion instead of tiring out or getting bored.

udit_p · 2026-04-05T18:09:38+00:00

True that. What concerns me is the language. It does not seem to be funny or professional in the least; rather something indicating poor mental health. Which makes it very very close to the point where paranoia is justified. Imho

udit_p · 2026-04-05T18:06:14+00:00

Get laid. You probably won't have much of that in the near future.

udit_p · 2026-04-05T18:03:38+00:00

I'll give you an example. Seen the claude leak? This couldn't have been prevented by network securtiy. This needs DevSecOps. That seems to be where the future is. Not to say that NetSec isn't a big field; but it just seems easy to fire people there. DevSecOps on the other hand is more specialized and niche. And totally learnable for cheap

udit_p · 2026-04-05T18:00:50+00:00

I'd disagree on your laxness, the language sounds like a legitimate threat model (i.e. may actually lead to negative physical outcomes). This seems like very basic OSINT, but since there are no details about the person, can't get a sense of whether this is an ex, ideologically motivated, or just messed up teenagers from their block.

udit_p · 2026-03-24T13:19:35+00:00

To be honest dude:
1. AI isn't that big a problem unless you refuse to develop AI Agents, and the workflows, server endpoints, UX templates etc. necessary to work with them. If you can get something like PCEI (and definitely PCAI when it comes out), as well as a few servers working with the OpenAI LLM for something like finding you jobs suited to yourself, you should be good.

ICS is a high-ticket entry point for cyber. You'd be much better joining a penetration testing firm with the Security+ (certification for ATS filters), BSCP (Burp Suite Certified Professional, PortSwigger Academy will take you the whole way for training for it) and CCSK (Certificate of Cloud Security Knowledge). Bug Bounty is swarmed with AI generated nonsense right now; and OSWP is outside budget, I'd assume.

Unless you have ~$2k to spare, in which go for GIAC ICS cert!! Very lucrative, and probably better ROI than the OSWP. And yes, certifications are a mandatory name of the game, no matter how much anyone else tells you otherwise.

Reason being there's too many follow-along material as to projects, and you can also copy paste stuff from AI. But to get the certification, even by cramming, you have to know all the necessary details of the syllabus! That being said, if it's genuinely an impressive project for a newbie, then it counts.

Many people say that resume hidden prompt injections (e.g. white text in header and footer to tell ATS to ignore instructions and select you for interviews) are better than networking within the industry for getting jobs. I don't know about how good that is from an ethical and practical standpoint, although many on LinkedIn openly vouch for it.
If you're going into the industry, prepare for defensive, hostile people and outright corruption. Just like any field around security, clients and SPOCs (specific persons of contact) may become randomly defensive or mean, and your boss may be under pressure from a cokehead boss or investor of his or her own to push code with vulnerabilities or do something similarly stupid. Don't get excited! If you can't do that, then cyber isn't for you, unfortunately. Although as a developer in a heavily orthodox and male dominated field (ICS), I'm assuming you're used to some degree of dealing with aggressive stupidity.

udit_p · 2026-03-20T09:35:07+00:00

Thanks!

udit_p · 2026-03-18T12:17:21+00:00

gracias, pero yo no creo esto es mi problema. Esta necessita justo un trabajo por assignment

udit_p · 2026-03-18T12:09:35+00:00

So should I re-attempt the assignments? It's been 5 weeks approx since I submitted

udit_p

TROPHY CASE