Why dont you study Cyber security ?`
Its litterally the best in computer science
Its the hardest IT studies to study
Only the smartest can complete cyber security
We also do the most important IT jobs out there
saving the internet from criminals and foreign intelligence agencies
Infosec is BIGBRAIN only
What kind of experience do you need to get an entry level job in that field?
Minimum is a Bachelor degree
This thread again? How much does your registrar pay you to shill?
I know, but education isn't experience. What kind of actual experience do you need?
I got into infosec in a devops role creating automation, infrastructure etc for a red team
That's wrong. You can easily get a job in cybersecurity by reversing shit and publishing your exploits. Hell you can freelance as a bug hunter and so long as you are DECENT in your field your bug bounties should be plenty to live off of.
Also wanted to add: If reversing shit in your spare time and bug hunting is in any way difficult or "boring" to you, please don't get into the cybersecurity field. Yes, I know there are more networking/IT related cybersecurity positions in which certs (especially for government positions) are the prime but those people tend to be at best script kiddies who started on and will always use Kali as their go-to.
I thought about it but I'm a brainlet
Bug bounties are oversaturated as fuck and finding 0day is harder than ever. Stop roleplaying.
>finding 0day is harder than ever
lol maybe for you
Of course, super l33t h4x0r, it's super easy when there's static and dynamic reviews of code before private and public bug bounties for important things.
Where can I see your 0days though?
>submitting to bug bounties
retard
just sell your bugs to real customers
native bugs are as popular as ever, you're not a web skid, are you?
how often are we going to have these threads now, nigger? instead of properly studying algebra and logic and then applying it through Coq, Isabelle and Frama-C/Krakatoa/etc to real software you shill for retarded cybersec shit, where marked demand is created primarily by tech illiterates and other retards
>Why dont you study Cyber security ?`
>Infosec is BIGBRAIN only
Because it's idiotic in concept
>School for becoming clever
It's a designated meme degree for brainlets who can't learn on their own something that grew is a designated passion project sector. It's worse than degrees for game-devs. I'm not even going to waste time typing out explanations.
>native bugs
The fuck are you talking about? This roleplay is getting very dumb.
hell yeah keep proving you're a retard who doesn't know the first thing about real cyber security
i bet you've never opened ida in your life champ
>i like taste of ilfak's cock
just kys
no good alternatives
r2 is garbage
binja might be good in a decade
ghidra is ok but still not great
just pirate ida like every other person on the planet
>just pirate ida like every other person on the planet
>just pirate ida
>just pirate software your work revolves around
the absolute state of """cybersec""" lmao
If you pirate software in 2019 you are a fucking idiot. there is plenty of free and open source software out nowadays, if it's not good enough just buy the fucking software instead of installing ransomware-ridden cracks.
>ida
>cracks
man you kids literally have 0 idea how this field operates
sorry youre open sores shit is garbage
if you're not doing shit professionally there's 0 reason to buy it
obviously i have a real license through my job
Bro I know a thing or two about security, I'm a Certified Ethical Hacker
ok cool that proves that you're incompetent
nice
keep talking like that and ill backtrace u, i know how to install kali
just stop embarrassing yourself and kys already lmao
sure u dont need to check ur training book to figure out how to install kali again?
imagine having certs in 2019 and bragging about it
I'm a security consultant (pen tester), does that count
it's a challenging job as youre exposed to all kinds of systems and youre supposed to be the expert
lmao I bet you don't have any certs. skiddie
lmao i bet you've never found any 0day. skiddie
and how many have you found mr. hackerman?
Are you ever going to get bored of your roleplay?
Are you telling me you doo binary exploitation on the era of webshit and SaaS and somehow you make money?
You still haven't posted one single CVE made by you.
that's classified
>he has no idea how large the vulnerability research field is
>Implying i submit CVEs and don't sell bugs
holy shit you're stupid
you think OSes and firmware are SaaS?
Just keep LARPing bro, if you're lucky someday you might be approached by some random black guy offering you weird pills
>you think OSes and firmware are SaaS?
Of course, and those bugs never get a CVE even if you're working on OS and firmware. You're are really some new level of roleplayer.
Still it goes back to the starting point, operative systems have such a large area of attack that you need whole teams and lots of time to find something.
you're literally so stupid it's not even worth explaining to you how the vulnerability research field works
here's an example for your tiny brain
where do you think eternalblue came from? how much do you think it was worth?
>where do you think eternalblue came from?
Lmao, developed by NSA and "sold" by some tards that didn't get any money because most of the bugs from the package were already patched and nobody cared about the auction, so they had to give them for free. And surprise it has a CVE unlike your super bugs.
the NSA
it was worth whatever the NSA pays the employees who worked on it
>thinking NSA develops all bugs in house
christ you kids are actually retarded
>Why dont you study Cyber security ?`
b-but, user, I did
Bachelor of Science in Information Assurance and Security Management
yeah okay, superhacker
go back to ricing your desktop while blasting shitty 90s techno
Wow, so you're telling me that you sell your bugs to the NSA?
read the shadowbrokers confluence shit champ
I have an IT security degree and it's gotten me everywhere EXCEPT security.
I've done helldesk, desktop support, network engineer, software analyst, sysadmin, but not network security. I almost got a lateral move to network security analyst but then the CIO's son got the job.
Tell me about this; I have an interview coming up for a job that involves penetration testing and I want to sound knowledgable and experienced. I'll give you $10 on paypal for advice.
>I almost got a lateral move to network security analyst but then the CIO's son got the job
should have been a music major
huh what's this
can't believe nobody got punished for fucking over pretty much every adult in america
Open telnet and connect to their email server. They will be impressed.
Just give him a firm handshake, look him in the eye, and say "I'm the man for the job, sir"
The what?
Does not prove that the roleplayer knows shit, and does not prove that eternalblue wasn't created inhouse since equation group != zerodium and obviously not related to TAO.
>The what?
He's talking about the vault 7 leaks from a couple years ago, and calling it something else to sound like some kind of edgy deepweb shit for hardcore hackers such as himself
because I'm not smart...? when you give me the option to either pursue your meme CS degree or gender studies/starbucks what do you think I'm going to take?
shadowbrokers was the group that released it retard
confluence is the wiki that they posted, that had all the info, including their vendor's codenames
i guess this is just too much for retards like you to understand
it literally doesn't matter if eternalblue was sold to them or not, it proves that they're buying 0day, which is what you retards have been trying to argue against
>which is what you retards have been trying to argue against
No I'm not, I'm just making fun of a roleplayer that can't prove that he is selling his big boy bugs.
He said that eternalblue was bought by the NSA and he was proven wrong, hence he is posting nothing but fantasy.
can you prove it wasn't? obviously they're not going to come out and say it, and obviously i'm not going to post a bug i've sold, otherwise i'd never be able to sell another one
you're a fucking retard if you don't think this market exists
Of course nobody is going to buy a bug from someone that makes such wonderful bugs.
>i'm not going to post a bug i've sold, otherwise i'd never be able to sell another one
>m-my girlfriend goes to another school! in canada!
it's not worth arguing with retards who couldn't identify a memcpy if their life depended on it, good luck in your IT jobs making 60k a year
good luck getting a job when you graduate high school in a couple months.
Lmao
>the best in computer science
>only the smartest can complete cyber security
>infosec is BIGBRAIN only
op is a brainlet-manlet with a huge ego
Minimum is a Bachelor degree
god I wish that was me
Motherman
same
ida is for skids
use gdb with no plugins or youa’re a skidd.
I overheard the principal consultants in my office impressed with a recent candidate who went into detail about the different types of XSS there is, and explaining DOM-based XSS, etc. apparently he also knew his shit when it came to TLS-based issues
>Infosec is BIGBRAIN only
lol wut
You know retards straight out of HS can do info sec in the military right?
There are some incredibly smart people in the field but the actual programs for it at colleges attract some of the biggest brainlets
IDA pro is still used to reverse shit because you will be absolutely lost if you try gdb on something made with Codesurfer by Grammatech. Thing is that junk is only ever infecting proprietary software, so I have no interest in it, or any security 'research' really.
Everybody already knows exactly how to make things 'secure'. Nobody wants to pay for it, so instead we have this massive industry of rubber stamping audits for just doing basic things but the whole underlying foundation is insecure anyway.
Tl;Dr look up Ego Homakov, read his thoughts on the absolute shit state of modern security research.
Literally 90% in that industry are fucking moron boomers who just execute a standard pentest and charge companies 50 billion shekels for finding vulnerabilities any decent College kid could point out for a beer and 20$ an hour
What you don't understand is nobody cares if you actually find any vulns. What they care is that you run a huge company claiming to do audits, and then can just advertise the fact that a one week audit totally greenlighted your banking software so users can enjoy the security theatre like advertising. Companies also do this for insurance/litigation reasons, you have a rubber stamp from Optiv or NCC Group and can avoid lawsuits when there's a massive data breach
The whole secIndustry is a pile of bullshit
>Cyber Security is diffi....
oof
this is why selling 0day is the only true security field
Pretty much, though a lot of this is automated these days just extracting control flow graphs and running SAT solvers on them. You can definitely make some pretty secure shit by simply breaking out OCaml but the problem is 99.9% of all our protocols and internet standards are fundamentally insecure, like HTTPS/2 ect.
Another big thing these days I forgot to add is creating a target emulator because Von Neumann architecture is so flawed. Anybody who can write VMs and emulators you could easily get a security job at NCC Group or whatever others these days like some kind of handheld device running a proprietary stack such as an iPhone
That you can find and exploit a vuln and then document how you did it, what you can do with your access, and how to mitigate or fix it.
I can guarantee the retards who get into the infosec jobs are smarter than you
Is new mr robot season out yet?
>finding 0day is harder than ever
You're right, but still not impossible. Thousands, if not hundreds of thousands are found every week. Someone right now is downloading a database full of credit card numbers.
t. university of belfast janitor
So, how do you justify your dept and no prospects of a stable job?
By constantly making these threads.
Kys