The way you ask questions is very much appreciated, Your question really clarify all the doubts I never found anyone asking this type of questions in any channel or podcast. Well done.
Focused for all the 47 minutes of the video, I have to rewind several times to soak myself with the information. 3 years ago but still relevant in 2024, Good content is timeless.
Forbidden A good idea, we’ll take a look at that! Also we are considering using discord, but in the meantime you can always contact us at contact@cyberspatial.com
Thanks for another great video! Career changing from accounting to cybersecurity. Typical reactions I always get is "you're crazy for doing that.." lol. Excited for myself and where I will be in a year.
@@Cyberspatialwow, thanks for replying! This might be a long shot but I'll ask anyways. Can/do you interview women in cybersecurity as well? I just love listening to people's journey especially into this field.
incredible interview and great content. Just discovering the world of offsec as a total noob and already into THM and learning python and its all great fun so far
23:29 The way that Wi-fi works is that it connects to the strongest signal. That's fine, but do you not need the password for the original Wi-Fi to conduct the Man-in-the-middle attack? the man-in-the-middle usually would mean that you would connect to they're wi-fi so that you can forward the traffic through it? but would the device connecting already send the key and you would effectively get the password that way also???
Loved your interview and content ❤️❤️. Great content for people who want's to join cybersecurity career path and people who have lack of knowledge about cybersecurity and cybercrime.
I'm in Blue Team now as incident responder. But I want to move to Red team someday. Question I have is: Do Red Team Operators travel a lot for engagements or is it possible to find remote opportunities or even only local opportunities. I'm asking because I'm a more of a family guy but I really want to become a Red Teamer someday.
Awesome, Awesome, Awesome content! Simple and deep at the same time. I thought C|EH was an advanced cert, but now I know it's not as advanced as I thought.
@@Cyberspatial Still a little bit far. I'm only a support technician, but I have a Sec+ scheduled for next week. I'll take eJPT and PNPT next year, not sure if I should try to pivot to Network admin or sysadmin before trying to become a pentester. But I'll shoot for OSCP after having my eJPT and PNPT.
The real challenge for new people to get in to the industry is that there is a huge lack of hands on training and way too much focus on theory and certs. I am trying to break thorough that and I am finding it very difficult . I feel the certs I gain are a true waste of time especially when we need to renew them as well.
getting into bug bounty will help a lot keep in your mind RT focusing on attacking the system and exploiting the vulnerability and bug bounty is best a way to get your hand dirty on real world attack I know many people who become pentester , red teamer etc.. with only bug bounty background , good luck with your journey
hey, for eg. he worked for a month and reported there aren't any vulnerabilities and he got paid his salary. but if somehow someone is hacked into the company and stole data. now won't the company question him like why didn't you reported about this vulnerability and what you tested last month, like?
In that scenario, the burden of fault isn't fully on the red teamer. There's a lot more people that would be on the chopping block first. More often than not, the company doesn't do anything about the vulnerabilities that do get reported. That's why they get hacked. Companies that are very proactive with a good red team tend to be quite successful.
I am going to press X to doubt on that bank story. No major bank would have that vulnerability, without there being some serious legal issues. Even in the earliest days of browsers, there were ways to secure against that type of things, and banks have always used archaic infrastructure for the sole reason that those are easier to lock down. We're talking languages that are so old, that only a handful of people in the world still knows how to use them. And considering that I cannot find any articles about a flaw that massive, I am assuming Chris is talking about the old breakroom myth that is shared among hackers, that back in the 90's. You know, one of those "industry secrets" that some inspirational speaker or older coworker talks about from their own life story, but turns out to be something they had picked up from someone else, who picked it up from someone else, who just plainly lied about it because it sounded plausible. And because of that, I can't take anything else he talks about here seriously. It all just sounds like he's padding his own reputation, because nobody will be able to verify it anyway. So a pro tip is that if you're going to lie about your resume, make sure there's no verifiable information there.
As a dude who worked for the government. Major flaws are often covered up. As time goes on we become sophisticated, so don't be a victim to hindsight bias. Unless you believe a virgin can have child without penetration.
@@dopple420 Oh, yes, I know that. But as a developer myself, I also know these systems. I am very familiar with the systems that have been used as far back as the 70's. And I can tell you right now that no bank in America, EU or Australia has ever used a system with that kind of insecurity. It just wouldn't happen. You may get many websites with that insecurity, especially back in the day, but no banking system. Which is why most banking systems still run software from the 70's and 80's.
@@b3twiise853 pentesters are the forefront of security, the guardians of your personal information. They collect all those silly bugs and make sure the business' server hasn't been affected by them.
Truth is stranger than fiction. Even trillion-dollar companies in the 21st century still make mistakes. arstechnica.com/information-technology/2017/11/macos-bug-lets-you-log-in-as-admin-with-no-password-required/
I'm took B. Sc (forensic science)(cyber security and data analytics), I have one doubt, eitherforensic science means cyber forensic or actual forensic,
Do you need to be great with you're handwriting to become master Red Team. Well I have handwriting which needs it's own analysis like Malware analysis,if you really want to understand it .
You would have waaay more subs if you created content regarding career changers. So much of your content is geared toward "pc lover since i was 9" type of crowd. Well thats all fun and dandy but thats now where all views are.
So...this vulnerability exists...and you don't report it. So...potentially you're finding out that this is a horrible security vulnerability and others could be stealing information same as you, while you do nothing about it until you've done as much damage as possible(which other attackers could be doing)? Nice! Love keeping an insecure system insecure as long as possible.
You report after you dig deeper to find the extent of its impact. This intel is valuable to find more potential vulnerabilities that you wouldn't have found otherwise.
This guy is paranoid. Always has to insert a “theoretically” somewhere in what he says. No one cares dude. Just fucking say you’re a HACKER! it’s a common job.
"operator"? Lmfao , woohoo buckle up here comes the cringe. I'm guessing "the life" is all about bitches wanting him, dudes wanting to be him, and how he thinks everyone sees him as some kinda james bond computer hacker agent..... Theoretically ..
@O B wring, red team ops is the term and its for operations not operator like theyre special forces soldiers, lol. the certification youre talking about is not well respected, its entry level ( quick google will tell you ) and buzz word cert for noobs that think its cool
That handwriting is the writing of a true pen tester.
omg..
Even in mid 2022, this interview is refreshingly relevant and thoughtful - Awesome content, keep it up :)
Red Team sounds like the route for me..I love solving puzzles, detective work and using my analytical skills. Awesome interview.
theoretically FBI! theoretically OPEN UP!
😂
😂😂😂
This is soooooooooo good :) Highly value and appreciate your content.
thanks!!
wtf u talkin about, this is elementary school stuff
@@goranskoc4152 it's perfect for people who don't know isn't it?
This channel is highly under-rated. It deserves way more subs. Your content is very insightful and helpful❤️💯
Appreciate the kind words!
The way you ask questions is very much appreciated,
Your question really clarify all the doubts
I never found anyone asking this type of questions in any channel or podcast.
Well done.
Really appreciate the kind words. Comments like this inspire us to continue what we're doing :)
Focused for all the 47 minutes of the video, I have to rewind several times to soak myself with the information. 3 years ago but still relevant in 2024, Good content is timeless.
Also I would love a video about common cyber security / technical terminology explained and stuff
Forbidden A good idea, we’ll take a look at that! Also we are considering using discord, but in the meantime you can always contact us at contact@cyberspatial.com
Thank you 😅
thank you both. I'm not even a scriptkiddie yet, but learned a truckload of amazing stuff
This was a fantastic video, amazing editing
focused for all 47 minutes of the video thanks for this!
Wow, what a champ! Appreciate it. Thank you :)
Great 1:1 on being a red team operator. Chris needs to watch Mr. Robot.
Thank you!
This content is gold. Learned alot.
Thank you :)
Thanks for another great video! Career changing from accounting to cybersecurity. Typical reactions I always get is "you're crazy for doing that.." lol. Excited for myself and where I will be in a year.
Awesome to hear! Wish you well on your transition :)
@@Cyberspatialwow, thanks for replying! This might be a long shot but I'll ask anyways. Can/do you interview women in cybersecurity as well? I just love listening to people's journey especially into this field.
@@HM-os6wy I'm doing a quick chat with Heather Mahalik tomorrow.
incredible interview and great content. Just discovering the world of offsec as a total noob and already into THM and learning python and its all great fun so far
Thanks and good luck!
This video is theoretically very informational.
Informal *
This is really good. Best "day-in-the-life" type video I've seen.
Glad you enjoyed it!
Love the food analogy! Awesome dialogue. Hoping for more of these!
More to come!
23:29 The way that Wi-fi works is that it connects to the strongest signal. That's fine, but do you not need the password for the original Wi-Fi to conduct the Man-in-the-middle attack? the man-in-the-middle usually would mean that you would connect to they're wi-fi so that you can forward the traffic through it? but would the device connecting already send the key and you would effectively get the password that way also???
You're spoofing a fake access point. Don't need to access the original to MiTM a victim going through your AP.
Currently working as an accountant. I'm working towards my first red team cert eJPT then it's OSCP
Loved your interview and content ❤️❤️. Great content for people who want's to join cybersecurity career path and people who have lack of knowledge about cybersecurity and cybercrime.
Thanks for the kind words, Rajat! Make sure to subscribe to our channel for more content like this. 😊
It definitely is more fun to break things! Very insightful!
When did you start programming?
I started with C at the age of 7
And python at the age of 7 or 8
Awesome to hear!
i started at the age of 19
So now, what's your profession/career, right now?
Bro now what's your job
@@ihsan9407 building a start-up :)
Love the content!!!
Thanks!
this channel is a life saver!
Thank you :)
I'm in Blue Team now as incident responder. But I want to move to Red team someday. Question I have is: Do Red Team Operators travel a lot for engagements or is it possible to find remote opportunities or even only local opportunities. I'm asking because I'm a more of a family guy but I really want to become a Red Teamer someday.
Bro this was very helpful, you've got a new sub!
Thanks! Welcome aboard!
great interview!!
Dude, you have good interviewing skillz!
Thanks!
Great interview.
Thank you so much for these videos!
bubbly asmr thanks for the support!
i appreciate the subtitle!
Glad you find them helpful!
Dude, you'r awesome! Keep it up! Quality content!
Will do! Thanks :)
38:32 that's a motivation right there, thank you for this great content!
Level Up!
Very good interview with informaiton, been wanting to transit to cyber securities field but totally clueless.
Thank you! Hope this video helps :)
OMG thank you for this!!
Love the sewing machine in the background! There is a phenomenal sewing machine museum in Tulsa, Oklahoma on Peoria Ave.
Thanks! Symbolizes hard work and attention to detail. Will check it out :)
Im love ur channel bcz of video quality and content 😻
We appreciate it. Thank you.
Good interview
Very informative, well done!
Thank you!
thats what i call.. " exceptional communication skills "
Thank you!
i need to work on mine
God job; good questions and interesting answers.
Thank you for watching!
Absolutely amazing content 👍
Thank you 🙌
Very helpful
Glad you think so!
exceptional content
Thank you :)
good job 👍 keep up the good work
Thanks, will do!
Awesome talk!
Appreciate your time and attention!
Thank you
So we who have master's degree are doomed if we don't have cert?
Wow great session
Thank you!
nice man enjoyed myself also learned some stuff
Glad to hear!
Awesome, Awesome, Awesome content! Simple and deep at the same time. I thought C|EH was an advanced cert, but now I know it's not as advanced as I thought.
Shoot for your OSCE!
@@Cyberspatial Still a little bit far. I'm only a support technician, but I have a Sec+ scheduled for next week. I'll take eJPT and PNPT next year, not sure if I should try to pivot to Network admin or sysadmin before trying to become a pentester. But I'll shoot for OSCP after having my eJPT and PNPT.
The real challenge for new people to get in to the industry is that there is a huge lack of hands on training and way too much focus on theory and certs. I am trying to break thorough that and I am finding it very difficult . I feel the certs I gain are a true waste of time especially when we need to renew them as well.
getting into bug bounty will help a lot keep in your mind RT focusing on attacking the system and exploiting the vulnerability and bug bounty is best a way to get your hand dirty on real world attack I know many people who become pentester , red teamer etc.. with only bug bounty background , good luck with your journey
Can someone state the certifications he mentionner ?
How do you become one or get an interview for this
We invite guests to share their experiences.
Thanks very helpful 👍
Glad it helped :)
Good info.
Glad you think so!
Awesome interview! Is it possible for someone to enter cybersecurity through the self taught route? A brick and mortar school isn't my thing.
For sure! Self-taught is normally the best way to become skilled in this field
9 months down the line. But if you didn't know some employers hire directly from hackthebox
@@shhs1227 Not too late! Thanks for the info!
How do you feel about Project Ares ??? Do you think its worth it
It's flashy.
Might be worth a shot but there's cheaper alternatives like HackTheBox or TryHackMe.
hey, for eg. he worked for a month and reported there aren't any vulnerabilities and he got paid his salary. but if somehow someone is hacked into the company and stole data. now won't the company question him like why didn't you reported about this vulnerability and what you tested last month, like?
In that scenario, the burden of fault isn't fully on the red teamer. There's a lot more people that would be on the chopping block first. More often than not, the company doesn't do anything about the vulnerabilities that do get reported. That's why they get hacked. Companies that are very proactive with a good red team tend to be quite successful.
@@Cyberspatial Gottcha!!!
This was amazing, many thanks! 1st programming I learned was Basic back in the 80's on a Radio Shack TRS80 or trash80 as we called it LULZ!
You're welcome! I think BASIC was a lot of people's first language! Is Radio Shack still in business nowadays?
I am going to press X to doubt on that bank story.
No major bank would have that vulnerability, without there being some serious legal issues. Even in the earliest days of browsers, there were ways to secure against that type of things, and banks have always used archaic infrastructure for the sole reason that those are easier to lock down.
We're talking languages that are so old, that only a handful of people in the world still knows how to use them.
And considering that I cannot find any articles about a flaw that massive, I am assuming Chris is talking about the old breakroom myth that is shared among hackers, that back in the 90's. You know, one of those "industry secrets" that some inspirational speaker or older coworker talks about from their own life story, but turns out to be something they had picked up from someone else, who picked it up from someone else, who just plainly lied about it because it sounded plausible.
And because of that, I can't take anything else he talks about here seriously. It all just sounds like he's padding his own reputation, because nobody will be able to verify it anyway.
So a pro tip is that if you're going to lie about your resume, make sure there's no verifiable information there.
As a dude who worked for the government. Major flaws are often covered up. As time goes on we become sophisticated, so don't be a victim to hindsight bias. Unless you believe a virgin can have child without penetration.
@@dopple420 Oh, yes, I know that. But as a developer myself, I also know these systems. I am very familiar with the systems that have been used as far back as the 70's. And I can tell you right now that no bank in America, EU or Australia has ever used a system with that kind of insecurity. It just wouldn't happen.
You may get many websites with that insecurity, especially back in the day, but no banking system. Which is why most banking systems still run software from the 70's and 80's.
@@morphman86
Lol why do we need pentesters?
Not questioning your experience or views but there are silly bugs out there.
@@b3twiise853 pentesters are the forefront of security, the guardians of your personal information. They collect all those silly bugs and make sure the business' server hasn't been affected by them.
Truth is stranger than fiction.
Even trillion-dollar companies in the 21st century still make mistakes.
arstechnica.com/information-technology/2017/11/macos-bug-lets-you-log-in-as-admin-with-no-password-required/
Just beautiful
Great vid - But some of the comments... -.-
Beautiful
Thanks!
Red Team sounds fun.
I'm took B. Sc (forensic science)(cyber security and data analytics), I have one doubt, eitherforensic science means cyber forensic or actual forensic,
Learning cyber forensics can probably fund your hobbies better. No reason why you can't learn actual forensics in your free time.
Is he a Filipino-American?
No, he's not.
Sorry I'm late! Thanks for waiting for me!
Ps you started off awkward af but finished strong. +1 sub +1 ding
Haha very first interview always awkward.
"type thing" -Chris M.
Theoretically anyone watching this video is now on a FBI hacker list.😂
I see that sacred geometry in the back 👀 tryna decode the universe ?
Just watched this was absolutely inspiring has that guy got any content out you could learn from or follow him his a mystery lol
Chris had requested the title redaction shortly after uploading. Quiet professionals like to keep low profiles.
Who is blue team?
People who defend. Check out the SOC Lead interview! 👉 th-cam.com/video/5oGQNu4CJL8/w-d-xo.html
Do you need to be great with you're handwriting to become master Red Team.
Well I have handwriting which needs it's own analysis like Malware analysis,if you really want to understand it .
No, it's definitely not required to be a master. ☺️
This man is the real Eliot Alderson.
There's many out there.
Someone please tell this guy about the word “hypothetical”
I'm sure he knows what it means. Humor comes in different forms.
Is this an IA or is it just meee
You would have waaay more subs if you created content regarding career changers. So much of your content is geared toward "pc lover since i was 9" type of crowd. Well thats all fun and dandy but thats now where all views are.
Thanks for the input. At some point, the career changers want to get insights from the "pc lover" crowd too!
wow
Thanks!
What the fuck kind of bank did this? What country?
So...this vulnerability exists...and you don't report it. So...potentially you're finding out that this is a horrible security vulnerability and others could be stealing information same as you, while you do nothing about it until you've done as much damage as possible(which other attackers could be doing)? Nice! Love keeping an insecure system insecure as long as possible.
You report after you dig deeper to find the extent of its impact. This intel is valuable to find more potential vulnerabilities that you wouldn't have found otherwise.
I hacked modems...
Do not cheat with the Secretary!
"im a white hat right now..." emmmm what about later???
Nice! I finally got the 1000th like on a video. The downside is the total of comments is 69, and I'm going to ruin it.
Legend!
I am certain this is AI... a quick Google search and a bit of OSINT shows this guy as an absolute ghost, lol his image doesn't even show up... 😂
Is this guy the not so Civil Engineer?
interviewer needs to write these questions down before hand. He is a bit awkward.
SOF
PS that's called calligraphy- intentionally stylized handwriting.
I'm evil and I love it!
Evil in a good way.
What’s a red team operator?? Lol
That into was jarring as fuck. The video just opens on a random sequence sentences. I almost didn't watch the video.
Glad you did though :)
This guy is paranoid. Always has to insert a “theoretically” somewhere in what he says. No one cares dude. Just fucking say you’re a HACKER! it’s a common job.
Wtf. Your own digital security? How about dont use gmail. Lmfao 42:00
Gmail has great security. Don't know what you're laughing at.
@@Cyberspatial gmail has zero security from google.
@@hmain6753 Are you sure? So what do you suggest as a better provider for email?
Too much of your face.
"operator"? Lmfao , woohoo buckle up here comes the cringe.
I'm guessing "the life" is all about bitches wanting him, dudes wanting to be him, and how he thinks everyone sees him as some kinda james bond computer hacker agent..... Theoretically ..
@O B wring, red team ops is the term and its for operations not operator like theyre special forces soldiers, lol. the certification youre talking about is not well respected, its entry level ( quick google will tell you ) and buzz word cert for noobs that think its cool
@O B your reading comprehension is poor.