For All (Really)
In October of last year I stumbled upon a YouTube channel that looked super nerdy and fun. Indeed it was! Network Chuck is the guy’s name and he was building a K8s cluster using a Raspberry Pi. Bare metal install of K8s? Yes please! After thinking about it a few days, I decided I had to do it. So I did! I blogged about it of course and you can take a peek at K8s Part I and K8s PartII if you are interested. I had a blast building and configuring these and now I have this really great toy to play with.
While looking through this new channel I stumbled into a community that has totally sucked me in. I have always know about Hackers and Cybersecurity, it’s not like it was new information, but I had no idea it was something I could do. I had no idea it could be so fun either. My background is technically diverse to say the least. I have many years as a Linux SysAdmin working on clusters (literally the fastest in the world), many years as a Web Developer, many years in Technical Support, etc. I also have, well had, some of the same basic certification. RHCE, CCNA, VCP, A+, etc. So I have a lot of the same tools in my toolbelt that Pentester has, but never really explored that as an option. I am also not a computer scientist level programmer, and I assumed that because I was not, hacking was out of the question. But it’s not! Truth be told coding is fun as far as troubleshooting, but I only really like debugging code and making it work. Or peeling back the layers to determine why. As far as sitting down a coding, I’d much rather script tasks than write an app.
There are several roles within hacking and Cyber Security, and more importantly, a TON of resources for getting started on the journey. You can pivot into the field with a lot of work and studying. The thing you can not do quickly, of course, is gaining experience. That takes time, so be prepared to sink hours into this, which won’t be an issue if you love it. I personally am not looking to step into that role at the moment, mostly because I love where I work and I don’t see a path towards it there. My goal to have fun, eventually compete on a high level at HackTheBox, and knock out my very first Bug Bounty.
So how does one get started? I personally would start reading some books and watching some videos on YouTube. I have a page here that list these resources, but in particular I would start with a specific book and this article titled “The Conscience of a Hacker“.
Next head over to TryHackMe and HackTheBox Academy (HackTheBox as well) and start learning. Both have free resources and paid. The paid is worth it, 100%. I would then get connected on LinkedIn and start looking at what folks in this field do.
My next step is to dive in and learn some more in person with professionals. I am heading to WildWestHackinFest in May, which is a conference and training centered on hacking and Cyber Security. The eJPT is a certification I have my eye on next, As a basic entry level cert it represents all the hours I have poured into studying and demonstrates competency. Ultimately my desire is to contribute with the community at large to make the web a safe place.