I did an AMA with my home hacker club in Atlanta, GA: DC404

running

• big blue button (thanks @npcomp !)
• GitHub Pages/Jekyll (aka the blog)
• Cyberchef: https://gchq.github.io

AMA

• how did you get into what you are doing, how to get started?
  • => self taught some basics, IT jobs, IT -> security with supportive org
• how to manage learning so many things ?
  • => life, health, and relationships: at home and work/school
  • => specialization and find, own a niche
• regulation/policy/gov’t?
  • politics & economics: incentives, externalities: very tough
  • how do customers and consumers get reliable information?
• reconn question (from chat):
  • => look for sources of interesting data about the target, outside thier env
  • OSINT resources: https://inteltechniques.com/podcast.html, https://metaosint.github.io/chart/ (thanks @canary)
• appsec (from chat): breadth-first or depth-first ?
• => BBST & testing education resources
  • take it (Foundations): https://associationforsoftwaretesting.org/bbst-black-box-software-testing-courses/foundations/
  • opensource on (GitHub)[https://github.com/associationforsoftwaretesting/ast-bbst-materials]
  • or from Kem & Becky at (Altom Consulting)[https://altom.com/]
• importance of computer science concepts and topics in cybersecurity?
  • => understand the system system better than your adversary
  • => many techniques require understanding of how internal components work
  • abstractions and boundaries …
  • @npcomp reccomends book: Hacking the XBox Andrew “bunnie” (sp) free PDF: https://nostarch.com/xboxfree

  • lots more about abstractions, weird machines, and how it really works: Prof. Mickens, PoC

    GTFO, Phrack …

• develop your skills and find business value (@Mark)
  • communications and problem idenfication before technology
• security includes people and business processes (@xray)

Fallback topics

• http://www.dfirnotes.net/study-plan-21/