At MyHackerTech we want to celebrate the diversity in the cybersecurity industry by sharing the inspirational stories of the people in the industry. With the IT security industry booming, many prospective IT professionals are wondering what they need to do to kick start their career.
No two stories are exactly the same and people come to the industry from a multitude of backgrounds. Here we want to highlight the potential routes into the industry, as well as share advice to help prospective security professionals along their journey. Today we're listening to Daniel's story.
When did you first become interested in hacking?
I got fascinated by computers and programming quite early. I always wanted to reverse engineer and hack those systems. Soon, I installed Kali Linux on my computer and was overwhelmed by the number of available tools and didn't know how they worked or how to use them.
So I decided to focus on learning more about how the technology works first. In the following years, I improved my programming skills, and spent time on Android app development, building robots, and experimenting with machine learning.
During that time I regularly did some hacking projects. One of them was hacking garage door remotes. I built a small device with an Arduino that can sniff and transmit 433 MHz radio signals from garage door remotes.
About a year ago, I talked with a friend about cybersecurity and pentesting. This really inspired me, so I bought a course on ethical hacking by @thecybermentor on Udemy. I have also started pwning hackthebox and vulnhub ctf challenges which I'm still doing today. I'm posting my journey on Instagram, where I met an awesome community of hackers
What is it you like about hacking/security compared to other areas of IT?
Technology influences our lives every day. I want to understand how these systems work and reverse engineer them. The variety of different systems (Webservices, Active Directory, Operating Systems, ...) is huge. Compared to other areas of IT, you experience new technologies and new vulnerabilities every day. This diversity is challenging and there's no day is like any other day.
Another amazing part of Cybersecurity is the community. With social media, you meet new people all the time that help you out or give you some advice. One example would me Max aka s.1.l.k.y. He introduced me to a group of local hackers and we pwn CTF machines every week. Moreover, many hacking tools are free and open source, which I really love. The community keeps improving and updating them.
What types of resources have you found most useful for learning security? (Videos, courses, blogs, qualifications)
To get started in ethical hacking and for privilege escalation, I did the online courses of The Cyber Mentor.
To practice hacking, I recommend the following platforms:
Apart from that, I'm a huge fan of the following content creators:
The Cyber Mentor – https://youtube.com/c/thecybermentor
John Hammond – https://www.youtube.com/user/RootOfTheNull
Stefan Rows – https://www.youtube.com/user/Ceophreak
IppSec - https://www.youtube.com/c/ippsec
LiveOverflow - https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w
To stay up to date with the latest vulnerabilities and exploitation tools, I recommend you following people from the cybersecurity community on Instagram and Twitter.
For live events, I'm using meetup.com. There you can find meetups and technical talks in your city.
What do you think are the biggest cybersecurity threats we are facing right now?
As many people are currently working from home, there's a large variety of new attack vectors. Another one is IoT devices. As they are low cost and don't have much computing power, they often aren't secured properly.
What certification are you pursuing at the moment?
I'm currently practicing and pwning lots of machines on hackthebox and tryhackme, so I can get started with the OSCP certification later this year. The OSCP has always been a dream of mine.