Hello, World! Welcome To My Hacking Blog
Introduction
At the time of this writing, I’ve worked in cybersecurity for two+ years as a penetration testing consultant (aka an ethical hacker). Each week, I target a new company’s systems, identifying and reporting vulnerabilities that I find. The fast-paced and varied nature of this work has provided me experience with a wide range of organizations, frameworks, and technologies. Along the way, I’ve encountered many severe and fascinating vulnerabilities—some technically intricate, others foolishly simple. This blog is my space to document the most interesting things I’ve come across: research, notable vulnerabilities, and reflections on the field of cybersecurity.
My motivation is twofold. First, I want to chronicle my hacking journey. The cybersecurity landscape evolves constantly, and I want to share the issues that I see most commonly and find most pressing at this point in time. For example, it seems like some vulnerability classes (e.g. SQL Injection) will never go away, while others such as Cross-Site Request Forgery (CSRF) have already become far less common in the wild due to Chrome’s implementation of a SameSite=Lax default cookie policy, which prevents cookies from being included on most cross-site requests.
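To make that SameSite point concrete, here is a small model I wrote for this post (not code from any browser, and a deliberate simplification of Chromium's actual rules) of when a session cookie is attached to a request, depending on its SameSite attribute and on whether the request is cross-site. The Set-Cookie headers it parses are constructed samples.

```python
"""Simplified model of how a modern Chromium-based browser decides whether a
cookie is attached to a request, based on its SameSite attribute."""
from dataclasses import dataclass
from typing import Optional

SAFE_METHODS = {"GET", "HEAD", "OPTIONS", "TRACE"}


@dataclass
class Cookie:
    name: str
    value: str
    same_site: Optional[str]  # explicit attribute, or None if the server omitted it
    secure: bool


def parse_set_cookie(header: str) -> Cookie:
    """Parse only the parts of a Set-Cookie header that matter for SameSite."""
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    same_site, secure = None, False
    for attr in parts[1:]:
        key, _, val = attr.partition("=")
        if key.lower() == "samesite":
            same_site = val.strip().capitalize()  # "lax" -> "Lax", "none" -> "None"
        elif key.lower() == "secure":
            secure = True
    return Cookie(name.strip(), value, same_site, secure)


def would_be_sent(cookie: Cookie, *, cross_site: bool, method: str,
                  top_level_navigation: bool, https: bool = True) -> bool:
    """Return True if the browser attaches `cookie` to the described request.

    Simplification: Chromium's two-minute "Lax+POST" grace period for freshly
    set cookies that lack an explicit SameSite attribute is not modelled.
    """
    if cookie.secure and not https:
        return False  # Secure cookies never travel over plain HTTP
    policy = cookie.same_site or "Lax"  # Chromium default when the attribute is missing
    if policy == "None":
        # SameSite=None must be paired with Secure; Chromium rejects it otherwise
        return cookie.secure
    if not cross_site:
        return True  # same-site requests always carry Strict and Lax cookies
    if policy == "Strict":
        return False
    # Lax: cross-site only on top-level navigations with a safe method, which is
    # exactly why a cross-site form POST (classic CSRF) loses the session cookie
    return top_level_navigation and method.upper() in SAFE_METHODS
```

Run it against a cookie set without any SameSite attribute and you can see why a cross-site form POST no longer carries the session, while a plain cross-site link click still does.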
Secondly, I want to give back to the cybersecurity community. By and large, hacking is a peer-to-peer knowledge base. This is partly because of the experience gap that cybersecurity faces. The skill set to become a penetration tester isn’t taught in most schools, and it can be difficult to learn independently. Yet, in an increasingly digital world, practically every company needs security professionals to harden their networks and prepare for breaches. To learn penetration testing, you must be self-motivated and driven to learn on your own. So, what helps? A cool blog like this one!
Fifty years before I was a student at Princeton University, “electrical engineering & computer science” was a single major one could pursue. Eventually, these fields split as their theories became more distinct and robust. Currently, only some universities offer cybersecurity as an independent master’s degree or as an area of focus within computer science. I predict that over the next 30 years—much like electrical engineering and computer science—cybersecurity will branch off from other tangential fields and become its own legitimate area of study at the university level.
Fun Fact About Me: In the future, I want to develop the cybersecurity department at a major university.
How Did I Start?
I started by completing every free box in HackTheBox's Starting Point track. While they do a good job at introducing the hacker mentality, the subject matter isn’t very realistic for most beginner hackers. The HTB environment more closely emulates an internal network penetration test rather than an external web application test. When you start learning cybersecurity, it’s generally recommended to begin with web app testing. Why? Because web applications and external networks are the most common types of penetration tests.
At its core, a web application involves communication between a client and a server via HTTP(S). Web app testing is about knowing how to tamper with that communication and how to explore scenarios where it can go wrong. In other words, how can you trick the server into doing something it’s not supposed to? Most other subfields of cybersecurity (mobile app testing, thick client/application testing, IoT devices) also rely on HTTP(S) communication, so a foundation in web app testing will benefit almost any type of hacking.
Okay, so where is the best place to learn web vulnerabilities? PortSwigger. PortSwigger is an incredible resource for learning in-depth classes of vulnerabilities. They regularly produce research on the latest types of exploits and offer labs (actual vulnerable machines) you can hack to test your knowledge.
Bonus Tip: Keep notes.
Every hacker is unique, because there’s no single learning path. Cybersecurity is a vast subject, and personal notes (in whatever form works best for you) will help organize your knowledge base and save you time when you’re looking for that one specific payload.
Who is this blog for?
You, the interested reader! My goal is to write in a technical yet approachable style so that whether you are new to cybersecurity or a seasoned penetration tester, there will be takeaways from each post.