A Day in the Life of an Ethical Hacker / Penetration Tester

แชร์
ฝัง
  • เผยแพร่เมื่อ 20 พ.ย. 2024

ความคิดเห็น • 317

  • @TCMSecurityAcademy
    @TCMSecurityAcademy  3 ปีที่แล้ว +21

    I hope you enjoyed this video! If so, please consider dropping a like and subscribing.

    • @moesparc
      @moesparc 3 ปีที่แล้ว +1

      As a pen tester are you forced to travel a lot. I worry about starting a family in the future and being away from home often.

    • @admajoremdeigloriam7772
      @admajoremdeigloriam7772 2 ปีที่แล้ว

      What is the difference between TCM academy and a cybersecurity boot camp?

    • @MakingworldBetter88
      @MakingworldBetter88 2 ปีที่แล้ว

      @@moesparc 7777777777777777777777777777777777777777777777777777777777777777777777777777777777777&7777777777777777777777777777777777777

    • @edmondkovacs6327
      @edmondkovacs6327 2 ปีที่แล้ว

      Hey bro how can I talk you privately

    • @profesurtom
      @profesurtom 4 หลายเดือนก่อน

      @@moesparc hey two years ago you commented . i am 17 yr old and dont want to have a problem of family too.
      please can you tell me if you are a pentester now that we get a problem of travelling or not?

  • @Jfigueroa43
    @Jfigueroa43 5 ปีที่แล้ว +294

    Can you make a video on how you personally got to the position you are in now? Like how did you get started? What were your first steps personally? What do you recommend for the upcoming generations?

    • @ultimitham
      @ultimitham 5 ปีที่แล้ว +9

      Love to see this

    • @joverflow1050
      @joverflow1050 5 ปีที่แล้ว +82

      Jfigueroa43 Hi,
      I might no be at his level but I do work as a penetration tester as well. What I can say to get started is watch videos on youtube related to hacking. Then if you have money maybe go for OSCP you’ll learn a lot from it. If knowledge is not enough try elearnsecurity first it was good as well highly recommended. Penetration Testing is huge I mean it have many fields as well, although idk if they call it as a field but what I’m trying to say is look for something also where you want to focus first whether it is on web app, sysytem/network, mobile, etc.. For example, focus on webapp pentesting first then you’ll learn to do other stuff along the way. Good luck and never stop learning :)!

    • @monchurmiah1229
      @monchurmiah1229 5 ปีที่แล้ว +11

      @@joverflow1050 Hi i realy like your comment i am student in cyber security winch is a ethical hacking i am bit shy about my course by college did not tech me any coding as u say Ur a hacker or pen tester can you tell me do i need to know coding most for pen testing job thank you it is will be helpful if u reply back kindly.

    • @episode6815
      @episode6815 4 ปีที่แล้ว +2

      @@monchurmiah1229 You do.

    • @a1kev
      @a1kev 4 ปีที่แล้ว +2

      Zero Thanks for the insight man.

  • @daslyn3854
    @daslyn3854 2 ปีที่แล้ว +4

    I just signed my offer letter as a Junior Pen tester! So excited to start!

    • @tracyracy
      @tracyracy 2 ปีที่แล้ว

      How are you enjoying the job?

    • @samhoho8113
      @samhoho8113 9 หลายเดือนก่อน

      How are you enjoying the job?

  • @lelouchvibritannia4495
    @lelouchvibritannia4495 5 ปีที่แล้ว +221

    This guy's got RGB fans and a Bugatti Chiron in the background... That's how you know this profession makes money.

    • @TCMSecurityAcademy
      @TCMSecurityAcademy  5 ปีที่แล้ว +50

      Well, a miniature model because the real thing will never happen :)

    • @AniruddhPatil03
      @AniruddhPatil03 4 ปีที่แล้ว +11

      @@TCMSecurityAcademy I hope 1 day it will be happen.

    • @thedarkthrone4699
      @thedarkthrone4699 4 ปีที่แล้ว +3

      You do realize you just cursed yourself?

    • @unite527
      @unite527 4 ปีที่แล้ว +2

      @@thedarkthrone4699 he cursed himself a year ago

    • @bertmeza8673
      @bertmeza8673 3 ปีที่แล้ว +2

      The salaries of this field are insane, they range from the 6 figure range and I have met people making up to 200k pending their knowledge and experience in this field.

  • @somelazyimp
    @somelazyimp 4 ปีที่แล้ว +12

    I enrolled in College for a Cyber Security degree and I haven’t been sure if it was the degree I’d like to run with but after this, I’m sure that I want to work as a Pen Tester. Thank you so much for this video

    • @batalorian7997
      @batalorian7997 2 ปีที่แล้ว

      hows it going so far?

    • @somelazyimp
      @somelazyimp 2 ปีที่แล้ว +2

      @@batalorian7997 well so far I’ve had to delay multiple times from catching COVID, I have COVID again currently 😅

  • @hxmo656
    @hxmo656 5 ปีที่แล้ว +66

    Amazing insight into the field! Definitely makes me want to work even harder to become a PenTester

    • @TCMSecurityAcademy
      @TCMSecurityAcademy  5 ปีที่แล้ว +12

      Thank you for the constant support, hxmo

    • @nicolaspope5599
      @nicolaspope5599 ปีที่แล้ว

      Did you ever get into it?

    • @hxmo656
      @hxmo656 ปีที่แล้ว

      @@nicolaspope5599 yes, been working as a Pentester for over 2 years now, thanks for commenting this brings back so many memories wow
      Got my OSCP in 2020

    • @hxmo656
      @hxmo656 ปีที่แล้ว

      I can also confirm this is an accurate summary of a pentesters daily life lol

  • @haize198
    @haize198 4 ปีที่แล้ว +2

    The BEST MENTOR I HAVE COME ACROSS. I am soo glad I found you.

  • @PrincePalmUwU
    @PrincePalmUwU 2 ปีที่แล้ว +1

    that's pretty awesome! you're not just working in one field you're working in multiple fields. I like that! i'm not always stuck with just one same job.

  • @bobthompson2776
    @bobthompson2776 4 ปีที่แล้ว +2

    I've watched a few videos and you do a great job of defining Purple Teams as Red + Blue teams, but you never define Red or Blue teams. I presume one team attacks the other's network, but it isn't obvious to someone watching to learn about pentesting with absolutely no background because the boss tossed a post it on their desk late Friday that reads, "Hey, we need the new web app pentested. We're going live Monday." Otherwise, very much enjoying the 15 hour course and learning enough to ask better questions, which is fantastic. Thank you for sharing this.

  • @agb2329
    @agb2329 2 ปีที่แล้ว

    Didn't realize this was an older post. It made excited to see your 4,000 subscribers turned into 286,000!

  • @friedmystery9123
    @friedmystery9123 5 ปีที่แล้ว +5

    I don't know if this intro is new since I came for the zero to hero pentesting but if it is new then congrats and I really like it.

    • @TCMSecurityAcademy
      @TCMSecurityAcademy  5 ปีที่แล้ว

      Intro has been around a little bit, just not on the zero to hero vids. Glad you enjoy it!

  • @STYLUS_EDM
    @STYLUS_EDM 2 ปีที่แล้ว +1

    Really enjoying your vids. Its honest and it's to the point. People ask to subscribe before videos but its drawn out and annoying. You are to the point with no over done intros lol. You do it without acting either. You do it like it's done in reality. Well done. Keep it up.

  • @gmartinez5760
    @gmartinez5760 5 ปีที่แล้ว +2

    Just found your video and it gave me an insight into my future career once I am done with my master degree in cyber security network operations.

  • @danieltr94
    @danieltr94 4 ปีที่แล้ว +1

    I've been a System Administrator for 7 years with the DoD and I was looking on changing over to become a Pentester. It is something I've always had a passion for growing up and was wondering where I should start in regards of getting a job. I have A+, Sec+ and Linux+.

  • @skeppy8925
    @skeppy8925 3 ปีที่แล้ว +2

    Going to a cybersecurity bootcamp soon, and after gaining my experience + certs + even more learning, I hope I can become a Pen Tester. Love the video

    • @moodz271
      @moodz271 2 ปีที่แล้ว

      We need a update

    • @skeppy8925
      @skeppy8925 2 ปีที่แล้ว +4

      @@moodz271 Well I finished my bootcamp in November 2021, and I just passed my Sec+ cert this week. Looking at this comment I left months ago made my day from the progress I've made since then lol

    • @tracyracy
      @tracyracy 2 ปีที่แล้ว +1

      @@skeppy8925 !!!! Congratulations

    • @awesomemikeinc
      @awesomemikeinc 2 ปีที่แล้ว

      @@skeppy8925 congratulations bro. Hope the journey has been enriching?

  • @louiem5985
    @louiem5985 5 ปีที่แล้ว +7

    This was a good video. I think the only thing I'm a little scared of talking to a group of people, plus writing reports. I know that's part of the job of being pentester. Keep up the group videos.

  • @kusapaul2336
    @kusapaul2336 ปีที่แล้ว

    Am really enjoying this journey since i started following this channel. God will surely bless Adams in multiple folds. Am just a beginner but looking forward to becoming like him someday. I really admire your career.

  • @kw8538
    @kw8538 5 ปีที่แล้ว +27

    LEDs... so hypnotic O.o.O.o

  • @thegripmaster666
    @thegripmaster666 4 ปีที่แล้ว

    The idea about using drones to survey the site, that's awesome. Never crossed my mind

  • @Liryn
    @Liryn 4 ปีที่แล้ว +3

    Hi, I am here because a friend of mine told me about you. Nice videos.

  • @andyd1805
    @andyd1805 4 ปีที่แล้ว

    Damnnn Black and Blue Bugatti Chiron huh, mans out here FLEXIN

  • @omermujtaba6511
    @omermujtaba6511 5 ปีที่แล้ว +38

    Hey awsome video 👍 Can you guide us on the certs and their importance?

    • @TCMSecurityAcademy
      @TCMSecurityAcademy  5 ปีที่แล้ว +6

      Thank you. Check out this video for that: th-cam.com/video/MM7qPnJSnLQ/w-d-xo.html

  • @jahangirakbar4524
    @jahangirakbar4524 4 ปีที่แล้ว +1

    After one year now he have 141k Subscribers. Great 👍

  • @BoBch97
    @BoBch97 5 ปีที่แล้ว +6

    Great video with lots of useful info. Quick question from someone who's interested in starting out - can you dive straight into testing web apps, without any previous pen testing experience, or is it better to firstly start off with networks?

    • @TCMSecurityAcademy
      @TCMSecurityAcademy  5 ปีที่แล้ว +5

      Yes. Web apps are their own separate thing. A lot of similar methodology, but the tools and exploits vastly differ. There are people who only know how to do web apps, for example

  • @Hezz3y
    @Hezz3y 4 ปีที่แล้ว +1

    The physical part of it sounds like a lot of fun I’d take those jobs

  • @jacoels2712
    @jacoels2712 5 ปีที่แล้ว +4

    Great video, If you need a idea maybe focus on making that magical connection from external to internal networks, I understand what you said about credential stuffing and possibly coming over a vpn but if that is not possible what do you do social engineering or physical pentesting? Try and expand on that? I am not sure if I missed the video, I still need to watch all of your training video.

    • @TCMSecurityAcademy
      @TCMSecurityAcademy  5 ปีที่แล้ว +2

      Thanks for the ideas :) I do have a couple of videos discussing credential stuffing and alternative ideas. In most assessments for an external, social engineering is out of scope. That and physical pentesting fall under their own category unfortunately.

    • @jacoels2712
      @jacoels2712 5 ปีที่แล้ว +3

      @@TCMSecurityAcademy I am in charge of our cybersecuriy and wow everything can be so overwhelming, I am studying evey min I can if I am not busy responding or investigating alerts from our SIEM/AV/Firewall your vids is helping allot.

    • @jacoels2712
      @jacoels2712 5 ปีที่แล้ว +1

      Your Purple teaming idea has opened a new way of thinking.

    • @TCMSecurityAcademy
      @TCMSecurityAcademy  5 ปีที่แล้ว +1

      Thank you for the kind words sir. I really appreciate it

  • @KaanAkkoyunlu-b9u
    @KaanAkkoyunlu-b9u 2 หลายเดือนก่อน

    great video, cleared a lot of questions I had. Thank you so much and keep up the good work

  • @chrisamelio1
    @chrisamelio1 5 ปีที่แล้ว +26

    I’ve always been interested in pentesting and cyber-security overall, I’d say it’s my passion and know a little bit of it. I went to college for IT Engineering but I decided to drop it after 3 years since it was not giving me the tools I needed and just felt like I was wasting time I could spend learning new stuff or working and saving money, plus it was outside the US and it was not the level of knowledge I thought it would be. It’s been almost a year, I’m in the US, I’m 24, I have a decent job in Marketing as a PPC Analyst but I still think about it on a daily basis if I should still aim for a job like this. My question is, do you think it’s too late to get in the field? Do I need a degree or can I work in strong certifications to get a good job in it?

    • @TCMSecurityAcademy
      @TCMSecurityAcademy  5 ปีที่แล้ว +34

      It's never too late. Check out my story: veteransec.com/2018/09/11/how-i-landed-my-first-infosec-job-in-a-competitive-market-advice-and-takeaways/. I left accounting at 26 and worked my way into cybersecurity. I make close to triple now in 3 years. If you work hard and stay motivated, nothing can get in your way. A degree doesn't matter if you have the knowledge.

    • @reda4632
      @reda4632 5 ปีที่แล้ว +9

      It's Never too late

    • @bakemonodesu103
      @bakemonodesu103 5 ปีที่แล้ว

      ...Never

    • @MrKnockout66
      @MrKnockout66 5 ปีที่แล้ว

      @@TCMSecurityAcademy do you have a degree? Certs? I am just getting started and am wondering what is the best path

    • @vexifyonipad7281
      @vexifyonipad7281 5 ปีที่แล้ว +1

      Would you say you regret going to college was a waste of time and money?

  • @orca2162
    @orca2162 4 ปีที่แล้ว

    Keep up the good work, understand you are now chasing paper, enjoy, have fun

  • @dankmemes7658
    @dankmemes7658 5 ปีที่แล้ว +12

    out of curiosity is penetration tester the same thing as a security engineer?

    • @TCMSecurityAcademy
      @TCMSecurityAcademy  5 ปีที่แล้ว +15

      Titles are kind of overrated. It's more about the job description. Typically, no. However, I know people working as security engineers who do pentesting.

  • @treyv6804
    @treyv6804 4 ปีที่แล้ว

    Great to have people like you guys in this world.

  • @grippysockgf
    @grippysockgf 4 ปีที่แล้ว +17

    Working on my CCT and CCNA, also an A+ cert then some python and a degree in Network Administration, I really like the idea of trying to crack stuff... what should I do next education wise

  • @SgtArmstrongX
    @SgtArmstrongX 3 ปีที่แล้ว

    Been watching a few of your vids, as I listened to this one I like how you went on a random rant about your cat! Subscribed

  • @BoricuaFez
    @BoricuaFez 5 ปีที่แล้ว +6

    Great video! A lot of good information.
    Recently purchase Burp Suite to expand my technical skills.

  • @AlghostUnit
    @AlghostUnit 2 ปีที่แล้ว

    I don't understand why everyone seems to dislike making the reports... To me it seems fun and badass to make the assessement of the hacks that you did during your journey and the results, as much fun than doing the actual hacking work lol

  • @MrRiddler12a
    @MrRiddler12a ปีที่แล้ว

    Amazing the difference 4 years make

  • @markooo4429
    @markooo4429 5 ปีที่แล้ว +4

    Excellent video. What is the day like when you don't have an engagement, what do you do, do you get paid for those days or only per engagement?

    • @TCMSecurityAcademy
      @TCMSecurityAcademy  5 ปีที่แล้ว +12

      Ah, I knew I left something out! We call that "bench time". Yes, we still get paid. Perfect time to write a blog, study for a cert, read some news, build a new tool, etc. :)

    • @aviralrastogi
      @aviralrastogi 5 ปีที่แล้ว +6

      @@TCMSecurityAcademy or make a cool video helping others!

    • @TCMSecurityAcademy
      @TCMSecurityAcademy  5 ปีที่แล้ว +5

      That too :)

  • @sd-sre
    @sd-sre 4 ปีที่แล้ว +4

    Thanks for making all this content. For people like myself it's invaluable.

  • @chicconumber1
    @chicconumber1 4 ปีที่แล้ว +1

    Hi, I'm an aspiring Pen-tester. I would like to know more about Penetration Testing job. Do you usually work alone or do you have a pentest team. One more question, as a pen-tester do you have to know how to pen-test into everything... lets say, the network, software, system, people (social engineering) or is this divided into the teams?

  • @Neox9114
    @Neox9114 5 ปีที่แล้ว +4

    do you travel a lot to do on location assessments? Great Vid Btw!

    • @TCMSecurityAcademy
      @TCMSecurityAcademy  5 ปีที่แล้ว +4

      No I work remote unless absolutely impossible to do so

  • @AwesomeMrT-007
    @AwesomeMrT-007 2 ปีที่แล้ว +1

    Hi. Excellent video and info; Appreciated. I am in a very high paying IT field but want to transition in to CyberSec and create a company to do so (like I have done in the afore-mentioned field). However the bottom line dollar amounts will dictate if it is feasible.
    - Could you please give us an idea of what the industry average is for the 40hr assignment you mention (what range is feasible to charge the client)
    - how does one find clients initially?

  • @amandas.7546
    @amandas.7546 5 ปีที่แล้ว +4

    Great video! Do you have any advice as to how to set up a resume for a starter in this career? I did my masters in Digital Forensics and wrote a sample thesis for WiFi Penetrating Testing. I don’t exactly have to much work experience in this career, but everyone (those who are in this field of work) keeps telling me I am a great candidate for this career.

  • @onlylikenerd
    @onlylikenerd 5 ปีที่แล้ว +3

    Thank you for this video. I'm a junior in University majoring in Cyber security. This year I plan on (hopefully) getting an internship. My ultimate goal is to be able to work from home, so hearing that's what you do is reassuring. Do you set your own schedules? I'm more of an early bird so I like to begin my work around 4 a.m or 5.

    • @TCMSecurityAcademy
      @TCMSecurityAcademy  5 ปีที่แล้ว

      I set my schedule around my clients, which is pretty flexible

    • @bebetonseyani2801
      @bebetonseyani2801 2 ปีที่แล้ว

      @@TCMSecurityAcademy looking for a mentor

  • @CristiVladZ
    @CristiVladZ 5 ปีที่แล้ว +3

    Very informative Heath. Thank you!

  • @ampzeehd740
    @ampzeehd740 4 ปีที่แล้ว

    At the external penetration section you are talking about network pentesting. Does that mean that you are trying to break in or find vulns on wi-fi networks? Or do you mean like a server? Can a server be considered as a network?
    Btw nice and informative video :)

  • @Actechnologys
    @Actechnologys 3 ปีที่แล้ว +1

    Bro make a video on bsc cybersecurity and it's syllabus

  • @boblegree1213
    @boblegree1213 5 ปีที่แล้ว +2

    Thanks for the video, i also read your story and found it fascinating how you left accounting to get into IT. Very motivational since i'm in a similar fork in my life, and am about to pull the trigger on switching careers. You said you landed a help desk job by convincing them you're worth training; any tips on what certifications or skills i should acquire in order to land a help desk job? I don't have anything on my resume to show for (construction work for 10 years), but i have a lot of time and dedication.

    • @TCMSecurityAcademy
      @TCMSecurityAcademy  5 ปีที่แล้ว +4

      Thanks. I didn't have any skills or certifications. Just confidence that I could do the work, which I think helped. You have to find someone willing to take a chance on you. If you want a leg up, the A+ will help immensely with your basic computer knowledge and troubleshooting skills. It will also help land an entry level job.

    • @boblegree1213
      @boblegree1213 5 ปีที่แล้ว +1

      @@TCMSecurityAcademy got it, people were saying the a+ is unnecessary but for someone with no experience i think its better than nothing. And i know every jobs has its hardships, but are you satisfied with choosing cyber security in the IT field, or would you take a different path looking back on it

  • @ladyhaze7016
    @ladyhaze7016 3 ปีที่แล้ว

    You’re living my dream life!

  • @Andrei-ds8qv
    @Andrei-ds8qv 3 ปีที่แล้ว

    17.00 you made me laugh so much with the consideraions about the cat 😂😂😂

  • @davyrogersuk
    @davyrogersuk 5 ปีที่แล้ว +4

    Beautiful... this was a super good video.

  • @giorgiocelestre6801
    @giorgiocelestre6801 2 ปีที่แล้ว

    Hi, thank you for your awesome content, is your course for ethical hacking (the 25hours one) ok for completely newbies, please?

  • @jb-hz9of
    @jb-hz9of 4 ปีที่แล้ว

    Hey, what a great course you have on Udemy. With you working remotely what sort of machine spec do you send your client and what sort of software do you have to call home on? Do you work on the remote machine or do you proxy chain your traffic from your machine to the remote machine?

  • @aleksandarrikic9208
    @aleksandarrikic9208 4 ปีที่แล้ว +5

    Hi there! Im currently finishing up my comptia security+, looking to get into entry level security first. I always wanted to be pen tester. Im sure once I get experience in security I will move forward into ethical hacking.
    Question: my goal is to work on remote access and travel the world. Is that possible or difficult to achieve as security analyst or ethical hacker? Thx in advance.

    • @Haidderispro
      @Haidderispro 2 ปีที่แล้ว

      Bro this is the most relatable comment I've seen in a long time. I'm literally finishing up my security+ exam and planning on taking the test in the next 2-3 weeks. And I'm planning on getting into entry level security and am Interested in pen testing as well. I also have the same dream/plan to work remotely while traveling to different countries. Did you figure out more about this and do you know how it works?

    • @aleksandarrikic9208
      @aleksandarrikic9208 2 ปีที่แล้ว

      @@Haidderispro I actually got the job in cyber security 13 months ago. So far they don't let me work remotely due to security reasons. At this point I am not sure if it's possible to work remotely in cyber security somewhere else. I think coding is easier to work on remote access.

    • @Haidderispro
      @Haidderispro 2 ปีที่แล้ว

      @@aleksandarrikic9208 Thanks for the response and I was thinking that could be a possibility. I know people who work remotely but don't know if they can work outside the country. Maybe its dependent on the type of company though.

    • @aleksandarrikic9208
      @aleksandarrikic9208 2 ปีที่แล้ว

      @@Haidderispro on top of everything cyber security is very stressful and boring. be well aware if you wanna step into this.

  • @optimisticblackorange
    @optimisticblackorange 4 ปีที่แล้ว

    Thanks for the Vid! I have just started programming and currently learning python, I have gone through quite a few tutorials and a lot of people have been suggesting to me that I should start a project asap so that I can try and apply what I have learnt so far into making something practical. I have been thinking for a while now whether I could start a project related to cyber security as this is the field that I am more interested in. What do you think? If you think that it's not half bad of an idea, would you mind suggesting a couple of feasible projects ideas? Thanks Cyber Mentor!

  • @uti894
    @uti894 2 ปีที่แล้ว

    Can you switch from software testing to penetration testing? What would be the first steps, courses or is there a course that covers the main subjects and includes certification?

  • @wambamcamcam
    @wambamcamcam 2 ปีที่แล้ว

    I threw all your recommended books into an Amazon shopping list. Working on my eJPT and I feel like there's a lot I still just don't know. Just tired of being n00b and I want to be at least decent before my 30th bday...
    Now my only question is whether I should get all physical copies or should I get a Kindle and put them on there...?

  • @grayson1200
    @grayson1200 2 ปีที่แล้ว

    Thanks for a great video! Super informative!

  • @GeekyGizmo007
    @GeekyGizmo007 5 ปีที่แล้ว +1

    Do you vpn into a shared workspace from home and then do assessments into client networks from there? Or do you use your own tools on your rig and vpn into client's network(for inteneral) and do your assessments?

    • @TCMSecurityAcademy
      @TCMSecurityAcademy  5 ปีที่แล้ว +3

      No either the client whitelists my IP (external testing) or I send a machine and remote into it. The machine automatically phones home on a VPN.

  • @donniedarkodies
    @donniedarkodies 5 ปีที่แล้ว +2

    Hey dude, since you took the WAPT course lemme ask you something! I just started my journey trying to change careers and I'm doing the PTS while also following your series and reading a book here and there. Ideally I'd love to do both PTP and WAPT afterwards, but money and time being an issue, what do you reckon would be the best next step? Web apps pentesting seems a bit more promising money-wise, but being well rounded is also pretty nice. PTP apparently goes into web pentesting as well, but I'm not sure how deep or how the two courses overlap. Maybe taking the PTP and reading The Web Application Hackers Handbook is enough to kickstart a career? Anyway, haha, I'm writing too much already. Would love to hear your ideas! Thanks :)

    • @TCMSecurityAcademy
      @TCMSecurityAcademy  5 ปีที่แล้ว +3

      Howdy. Start with PTP and build a hacking foundation first. The web app can come later. I think doing PTP + WAHH is a great idea. If you're passionate about web apps after that book, give the WAPT a go. It's a fantastic course, but definitely get some general pentesting chops first.

    • @deansmith2012
      @deansmith2012 5 ปีที่แล้ว +1

      Yeah I agree with TCM, I passed my PTS and then moved straight on to OSCP and just grinded and eventually passed. I'm now doing PTP and find it sooooooo useful! There's so much in PTP that can be put to use in real pentest engagements

    • @sqari4536
      @sqari4536 4 ปีที่แล้ว

      I just recently started my course in cyber security, not much fun just all theory. I really like what you do and what would your advice be for starter pen tester?

  • @justinheehaw
    @justinheehaw 4 ปีที่แล้ว +1

    I'm getting into your Udemy course!

  • @leo-k1m4g
    @leo-k1m4g 4 ปีที่แล้ว

    I may have missed it but how important is Wireshark or a packet analyzer to your assessments? I couldn't imagine not firing Wireshark up when doing an internal pentest at least

  • @mf-11111
    @mf-11111 ปีที่แล้ว

    thnks you so much! it was motivational for me and also informative too. Great video

  • @jpineda79
    @jpineda79 2 ปีที่แล้ว

    Hi, as beginner in cybersecurity, how do you setup your laptop? How do you secure it from being hacked?

  • @nenitabalahibo6473
    @nenitabalahibo6473 4 ปีที่แล้ว

    Security Researchers have a lot of hacking tools... And those tools are used by Black Hackers as well.

  • @harishsharma9621
    @harishsharma9621 5 ปีที่แล้ว +2

    On the video with Chuck you mentioned that you worked at a help desk early on in your career, how long did you do that for?

    • @TCMSecurityAcademy
      @TCMSecurityAcademy  5 ปีที่แล้ว +1

      About a year and a half. If you're curious about my journey into infosec: veteransec.com/2018/09/11/how-i-landed-my-first-infosec-job-in-a-competitive-market-advice-and-takeaways/

  • @justinboudreau6362
    @justinboudreau6362 5 ปีที่แล้ว +3

    Subscribed, SMASHED the like button.

  • @sureshchand1131
    @sureshchand1131 4 ปีที่แล้ว

    Your cpu is mind blowing and terrible monster thing awesome

  • @karthibalaji3817
    @karthibalaji3817 5 ปีที่แล้ว +6

    Great info buddy!

  • @paulseldn
    @paulseldn 4 ปีที่แล้ว

    Very informative Keith..Many thanks :)

  • @柯旭鴻
    @柯旭鴻 4 ปีที่แล้ว

    Too bad the coupon has expired. Would love to enroll in your Udemy course to learn the hacking techniques

  • @Zerael071
    @Zerael071 3 ปีที่แล้ว

    For someone starting off in school on this path, do you think it’s better to have a windows computer or MacBook?

  • @idk-pf8du
    @idk-pf8du 5 ปีที่แล้ว

    Would you say you enjoy your job? Do you work for a company that contracts you to other businesses? Like do you have to travel to businesses around the area

    • @TCMSecurityAcademy
      @TCMSecurityAcademy  5 ปีที่แล้ว +1

      I work for myself now and I did enjoy my job at the time of the video. Companies pay to do pentest work as a consultant not a contractor (in my work experience). I did not travel much and now only travel if the client wants me there. Usually they dont want to front that bill :)

  • @Ps3JessicaBr
    @Ps3JessicaBr 3 ปีที่แล้ว

    I think I saw you in a Linux course, are u a teacher? The content was amazing I’m pretty sure it was you XD

  • @youtrip1037
    @youtrip1037 3 ปีที่แล้ว

    what laptop do you recommend for a part time pentester and cyberseucurity professional

  • @jaydeecrous4404
    @jaydeecrous4404 5 ปีที่แล้ว +4

    Hey man i had to drop out in highschool becuase of personal reasons i dont have my grade 8 or amything im supposed to be in grade 10 this year and i want to become a pen tester its always been a goal of mine i bought 2 courses of of udemy and i was wondering am i able to get a job as a pentester without school ... if so i want to do it online cuz i live in south africa and there arent alot of jobs here so could i work overseas from here in sa and where do i look for jobs its alot to ask im just wondering and also do i have to freelance and look for clients or do i work for a company

    • @TCMSecurityAcademy
      @TCMSecurityAcademy  5 ปีที่แล้ว +4

      Is it possible? Sure. It's going to be an uphill battle though. You're going to have to prove you're knowledgeable on the topic and have the drive to stay focused and finish tasks at hand. School is only partly for education. It also shows you're able to finish what you started. I don't know your situation, so just focus on being the best version of you that you can be. Start working on Hack The Box and other cheap resources. If you can get to a really high level, even Omni, you might get taken more seriously through their job boards. That's just one thought path. There are many avenues in, but they all consist of hard work. Remote is also possible with a ton of patience and good skill level. It will be hard to obtain as a first job, but it's possible because I did it :)

    • @jaydeecrous4404
      @jaydeecrous4404 5 ปีที่แล้ว +1

      @@TCMSecurityAcademy thanks man i was worried i have money saved up for couses i just wanted to know if its possible aprecuate it man im subbed now :)

    • @jaydeecrous4404
      @jaydeecrous4404 5 ปีที่แล้ว

      A video idea maybe is to show wbat is required to be a pentester what knowledge is required i jave been messing with linix since i was 13 its just a idea if youre interested

    • @TCMSecurityAcademy
      @TCMSecurityAcademy  5 ปีที่แล้ว

      @@jaydeecrous4404 You mean....like this one? th-cam.com/video/MM7qPnJSnLQ/w-d-xo.html :)

  • @DDBAA24
    @DDBAA24 5 ปีที่แล้ว

    Alright this is definitely not the question I want to ask you but when you mention your Alfa card, you also say GPS dongle ? I just wanted to know the uses of a GPS dongle on an internal/external pentest ? I still have another important question for you , its about my career. Is there an inbox where I can send you a short message ? Its not crazy personal or anything I just do not feel comfortable putting information like that on TH-cam. Thanks

  • @niclorenzo2603
    @niclorenzo2603 4 ปีที่แล้ว

    Great video bro!

  • @fightforfreedom21
    @fightforfreedom21 2 ปีที่แล้ว

    Hi, what type of certificate do you recommend to take and if they are necessary

  • @dannylee9639
    @dannylee9639 4 ปีที่แล้ว

    Simply put... Thank you

  • @ketonicm8504
    @ketonicm8504 3 ปีที่แล้ว +1

    Is it a relaxing job? (Apart from the report writing) Sorry if the questions sounds dumb but while you descibe everything you do in the video, one can't see you doing it and it's still hard to imagine how a day of you/ a pentester actually looks like :/

    • @vel6979
      @vel6979 3 ปีที่แล้ว

      That looks far from relaxing. You want relaxing be a lifeguard.

  • @Eddini
    @Eddini 3 ปีที่แล้ว

    What's your favorite password cracker ? I'm definitely no hacker but I here Cain and Abel is great as you can test for a MITM attack, arp poisoning ...etc. Also what DoS [Denial of Service] tool do you prefer most to see if a client has good DoS mitigation ?

  • @r00tginger
    @r00tginger 5 ปีที่แล้ว

    With you working from home primarily how do you go about wireless assessment? Do you deploy a machine and network card to the client site and remote into it?

    • @TCMSecurityAcademy
      @TCMSecurityAcademy  5 ปีที่แล้ว

      I usually go on site for a wireless, but we are starting to figure out that even that can be done with a deployed machine. :)

  • @psychorockz123
    @psychorockz123 4 ปีที่แล้ว

    Could you please share the checklist that you use?

  • @theodore2067
    @theodore2067 5 ปีที่แล้ว +3

    Do ethical hackers need to know programming languages? It's kinda like my fear..

    • @TCMSecurityAcademy
      @TCMSecurityAcademy  5 ปีที่แล้ว +11

      Nah. I'm a terrible coder. It helps, certainly. At minimum, you should understand coding concepts and logic, but you don't have to be a full on dev to be successful. Start with Python and go from there

    • @theodore2067
      @theodore2067 5 ปีที่แล้ว

      The Cyber Mentor good to know, and yes I’m pretty sure I know most concepts. im thinking about getting an ethical hacker certification from a boot camp. Do you think employers would like to see that on a resume? I’ve hear programmers from boot camps are particularly lucky.

    • @ivachaspati
      @ivachaspati 5 ปีที่แล้ว

      @@theodore2067 how you get job.
      I mean what kind of job.

  • @nelk28
    @nelk28 5 ปีที่แล้ว +2

    hey great content in your channel new sub here!...one question im gonna take your zero to hero course but i'm trying to hackthebox do u think i can get it? or i need to study more from some books? ....i'm gonna try to do this as my main job and thanks again!....sorry for my english i'snt my native language saludos from venezuela!

    • @TCMSecurityAcademy
      @TCMSecurityAcademy  5 ปีที่แล้ว +2

      Put in the work and anything is possible my friend

  • @hxdaro
    @hxdaro 4 ปีที่แล้ว

    How much traveling does the average pentester do? I'd want to be a consultant for different companies!

  • @sd3116
    @sd3116 4 ปีที่แล้ว

    What's your opinion on becoming a pen-tester with automated pen-testing emerging. Companies would want to purchase a.i testing as it's faster, makes less mistakes than humans and is a 1 off cost in some cases. Is the future of pen-testers doomed like factory workers? Software from companies like pcysys/netsparker

  • @voidhorizon7406
    @voidhorizon7406 4 ปีที่แล้ว

    For physical Assessments, social engineering, won't the workers know who you are or is it a freelance job?

  • @vinodvasudevan9638
    @vinodvasudevan9638 5 ปีที่แล้ว +2

    super video sir thank you

  • @git-tauseef
    @git-tauseef 4 ปีที่แล้ว

    Your course on udemy on ethical hacking the preview part is not working,.

  • @swag-yw7ut
    @swag-yw7ut 3 ปีที่แล้ว

    Do you do any programming in this field?

  • @Kas_Styles
    @Kas_Styles 5 ปีที่แล้ว +1

    Do you do any risk assessments? If so can you talk about them

    • @TCMSecurityAcademy
      @TCMSecurityAcademy  5 ปีที่แล้ว +3

      Yes, but it's really rare. The ones I have done were checklists provided by a client for compliance purposes. You fill out the checklist like an audit.
      We also sometimes do console assessments where we review security postures (take a firewall for example) or cloud assessments, which also assesses security posture.
      These are all few and far between, so I dont count them as day to day. Some shops might not do them at all.

    • @Kas_Styles
      @Kas_Styles 5 ปีที่แล้ว +2

      @@TCMSecurityAcademy More people should do them. Especially osint risk assessments. Osint is one of the first things I go to for pretty much everything. I want to be a pentester (social engineer) after I get done with school. (I'm doing my AAS in network engineering then hopefully a BAS in Cybersecurity at my school.)

  • @rss235
    @rss235 3 ปีที่แล้ว

    This is very helpful!

  • @notawolf494
    @notawolf494 4 ปีที่แล้ว

    What about like physically pen testing (really any pen testing/cyber security position that doesn't have you sitting at a desk all day).. is there a position that mostly does that?

    • @Ickytreyyy
      @Ickytreyyy 8 หลายเดือนก่อน

      I think that’d be red teaming tbh

  • @joeycavazos6746
    @joeycavazos6746 3 ปีที่แล้ว

    I want to do the exact same. How can I help others keep their devices safe and how to stay a ghost online?

  • @danj8038
    @danj8038 3 ปีที่แล้ว

    I tried computer system technician program and I failed and hated it. And I love technology but that program messed me up. Cybersecurity seems to be something up my alley, do you think I should go for certification or a diploma? Id rather not waste money on diploma and just get a cert

  • @LinkWave290
    @LinkWave290 5 ปีที่แล้ว +4

    2:35 Would a security researcher/exploit developer follow a similar 'methodology'?

  • @Liryn
    @Liryn 4 ปีที่แล้ว

    Do you have any video about Mobsf?

  • @paulmolyneux4873
    @paulmolyneux4873 2 ปีที่แล้ว

    Hey hope you are good. I am 38 and just in the process of retraining from a completely different career into IT.
    I am working towards cyber security qualifications, am I too old at 38?

  • @rjcarmineglorso7323
    @rjcarmineglorso7323 5 ปีที่แล้ว +5

    Yesss Ava is so cute! =^..^= Great video, thanks