I did an AMA with my home hacker club in Atlanta, GA: DC404


  • big blue button (thanks @npcomp !)
  • GitHub Pages/Jekyll (aka the blog)
  • Cyberchef: https://gchq.github.io


  • how did you get into what you are doing, how to get started?
    • => self taught some basics, IT jobs, IT -> security with supportive org
  • how to manage learning so many things ?
    • => life, health, and relationships: at home and work/school
    • => specialization and find, own a niche
  • regulation/policy/gov’t?
    • politics & economics: incentives, externalities: very tough
    • how do customers and consumers get reliable information?
  • reconn question (from chat):
    • => look for sources of interesting data about the target, outside thier env
    • OSINT resources: https://inteltechniques.com/podcast.html, https://metaosint.github.io/chart/ (thanks @canary)
  • appsec (from chat): breadth-first or depth-first ?
  • => BBST & testing education resources
    • take it (Foundations): https://associationforsoftwaretesting.org/bbst-black-box-software-testing-courses/foundations/
    • opensource on (GitHub)[https://github.com/associationforsoftwaretesting/ast-bbst-materials]
    • or from Kem & Becky at (Altom Consulting)[https://altom.com/]
  • importance of computer science concepts and topics in cybersecurity?
    • => understand the system system better than your adversary
    • => many techniques require understanding of how internal components work
    • abstractions and boundaries …
    • @npcomp reccomends book: Hacking the XBox Andrew “bunnie” (sp) free PDF: https://nostarch.com/xboxfree
    • lots more about abstractions, weird machines, and how it really works: Prof. Mickens, PoC   GTFO, Phrack …
  • develop your skills and find business value (@Mark)
    • communications and problem idenfication before technology
  • security includes people and business processes (@xray)

Fallback topics

  • http://www.dfirnotes.net/study-plan-21/
Written on June 19, 2021