We took a bird's eye view of vulnerabilities in general and figured out that "Web Application Security" is probably a good niche for a junior security researcher.
We explained:
- Reflected XSS.
- Stored XSS (we explained what Cryptojacking is).
- SQL Injection.
- Command Injection.
- CSRF.
Know that there are many more such vulnerabilities and that you should definitely check out OWASP's Top 10.
We went through DEFCON, Blackhat and CCC sessions - each found his own "cup of tea" and explained what they were about - e.g. SS7, HackRF, WPA2 Krack, Android Exploitation, etc.
We began working on Google's XSS Game and solved the first and second challenges together.
We explained what reverse engineering is and talked about reverse engineering tools such as IDA, GHIDRA and radare2.
- Crackmes
- Smashthestack
- DVWA (Damn Vulnerable Web Application)
- Hackthissite
There are many more such challenges - just search for them.
- Watch Mr. Robot.
- Practice with https://www.typingclub.com. Reach at least 55WPM.
- Prepare a 2-3 minute talk!
- If you haven't done so already - create a CV using these templates: https://docs.google.com/templates. Bring it to me for review.
- Start sending your CV to companies! The job search begins! :)
- Do Google's Python Class - please try to get as far as "Dict and Files".
Copyright 2019 Sagi Kedmi