DC404 AMA
I did an AMA with my home hacker club in Atlanta, GA: DC404
running
- big blue button (thanks @npcomp !)
- GitHub Pages/Jekyll (aka the blog)
- Cyberchef: https://gchq.github.io
AMA
- how did you get into what you are doing, how to get started?
- => self taught some basics, IT jobs, IT -> security with supportive org
- how to manage learning so many things ?
- => life, health, and relationships: at home and work/school
- => specialization and find, own a niche
- regulation/policy/gov’t?
- politics & economics: incentives, externalities: very tough
- how do customers and consumers get reliable information?
- reconn question (from chat):
- => look for sources of interesting data about the target, outside thier env
- OSINT resources: https://inteltechniques.com/podcast.html, https://metaosint.github.io/chart/ (thanks @canary)
- appsec (from chat): breadth-first or depth-first ?
- => BBST & testing education resources
- take it (Foundations): https://associationforsoftwaretesting.org/bbst-black-box-software-testing-courses/foundations/
- opensource on (GitHub)[https://github.com/associationforsoftwaretesting/ast-bbst-materials]
- or from Kem & Becky at (Altom Consulting)[https://altom.com/]
- importance of computer science concepts and topics in cybersecurity?
- => understand the system system better than your adversary
- => many techniques require understanding of how internal components work
- abstractions and boundaries …
- @npcomp reccomends book: Hacking the XBox Andrew “bunnie” (sp) free PDF: https://nostarch.com/xboxfree
-
lots more about abstractions, weird machines, and how it really works: Prof. Mickens, PoC GTFO, Phrack …
- develop your skills and find business value (@Mark)
- communications and problem idenfication before technology
- security includes people and business processes (@xray)
Fallback topics
- http://www.dfirnotes.net/study-plan-21/
Written on June 19, 2021