The Ugly Truth About Hacking

How can you be a certified pro when every 30 mins there's new malicious coding popping up you never seen chat gpt has made it way too easy along with wizard payload

Hi there Cyber Mentor I am a new Sub ,& love your advice ,I did want to ask you can you make a video of which exactly fundamentals labs we need to do on HackTheBox or which INE labs we’d need in prior to taking on the eJPT thank you in advance if you do this 🙏🏼

Great video but you left out 2 important things get a certification speciifcally in EH first to get a good foundation and learn to seperate bs from useful info otherwise you go down a rabbit hole.

Certification part really hit home. I'm awful at exams and I do panic thinking how am I ever going to progress. Thanks for your input!

Fantastic advice!

Thanks for this, the more I deep in hacking techniques, the more overwhelming it is, and many times i just learn the technique as an algorithm, without fully understand why. Yeah, It's really important to build things to really understand why, but this helped me to deal with my impostor symdrome untill i become a really expert.

Just remember: certifications can be a fun way maybe to test your self: but like a university degree or any other certification: they are ultimately meant to prove to someone else that you can work for them. My question was always: why would you want to work for someone else? That means: you are letting that someone else decide your quality of life. The salary that they decide you are worth, decides everything about your life! In cyber security: the only people I know that work on contract for some company are the people that have the mindset “What if I can’t find any bugs?”. Stop thinking of reasons why you can’t do something and stop looking at all the negative negatives! Use that same energy to figure out how you can find bugs! Because I promise you…. If you don’t find the bugs…..SOMEONE ELSE WILL! A person who works on a contract at a cyber company is like a domesticated dog that knows when he will be fed each day! The “black hat” is the wolf outside in the woods who has to re-create each night how to find food again and he has to do it whether it is 100° outside or 0 and snowing like crazy! Who has no choice but to find the food!

Thanks for being honest about your learning experience.

Thanks, sir!!!! I’m working on improving my skills and learning to become a Pentester I was struggling but I’m not giving up!!

hearing u say that first part about not understanding everything but proceeding was such a relief to here. holy shit

"Ifølge noen brukere på Reddit, spesifikt en som allerede hadde erfaring som pentester, var TCMs praktiske etiske hackingkurs ikke verdt pengene. De mente at mye av materialet overlappet med det de allerede hadde lært fra andre kilder, og at noen av labene var tidkrevende å sette opp. Aktivitetskatalogen var også utdatert!"

First off…thank you for all of the videos, they’re awesome!!! In my current job I spend a lot of time driving so I can listen to them and try to learn something new while getting paid, woo hoo! While taking a break from learning I came across a video where a guy got a tattoo of one of your logos and got free access to all of your courses for life. Is this a real thing? If so how do you go about it, I’d definitely get a tattoo for free lifetime education!!!

Drinking from a firehose would be the most accurate description!

In the corporate world, cyber and IT cost money.. they don’t make any. And it’s all about the bottom line. Harsh but true coming from someone who lives it firsthand. It will never be at the same level as the sales org, responsible for bringing in hundreds of thousands of dollars at any organization.

if people hate pentesters... and start a fight in a JIRA ticket.... isn't that a management + HR + mental health problem?

State management in React? Let me know what you would want to understand.

I love the straight-forward-ness of this video. Clear, to the point and without over-sensationalizing. Thank you.

It feels good to hear this from a pros 🎉😊

This man is so beautiful. I want to put my face next to the arch of his foot!

What about blueteams?

Thanks for saying this out, i constantly feel like it is something I'll never understand, and just feeling alone as a beginner, unlike programing where there is a lot of people to reach out to for help.

I also felt bad when i received a real world opportunity to Pentest a website just to find out the technology and systems (lay of the land) in real world challenges are nothing like the htb(hack the box) or owasp tutorial i was doing, It broke my heart.

"There is no certification leaderboard." oof.

I joined hackers group and they told me "Hackers are people who train themselves"

It is overwhelming but cybersecurity is still my goal. However I will start from IT first and see where it gets me.

I chose this domain for myself thinking the my interest will push me further but when I came to know that we need to do certifications to prove our knowledge to industries, I was done. Those certifications are wayyyyy beyond my ability to pay 😢. I'm just a college student, Even if I wanted to learn, these expensive certifications are stopping me from doing so 😢.

We need group to support us beginners

Thanks for the video man, it’s interesting to see as someone who is just starting out. There were 2 things you said that I would like to ask about, the first is that pentesters are only brought in for regulatory stuff. What are some of the laws that pentesters are needed to help comply with? I was unaware that there were any. Second - just curious, but what is an example of an issue in a jira ticket that got escalated to an office confrontation?

Lets talk about other problems:
- Cybersecurity is always going be to the group that gets the most blame when they are trying to fix things aka you will get the most hate of all the IT groups unless you are part of are cyber focused group.
- Because cyber doesn’t make money it can be hard to justify the salaries that we make but as soon as a company is hacked these often double and triple when before they had no “budget”. We are a lost leader that constantly protects night and day but we don’t make money, we stop the bad guys from getting the money.

You don't even know how much I needed to hear this

Congratulations on 750k subs ✨
It'd be really helpful if you can make a video on how to contribute in open source from the cybersec domain

Guys help. Should i take the ejpt or pjpt. Which is better?

The funniest things about this field is graduating with a degree will still require Certifications. Your degree is supposed to cover the need of the certification, it’s supplemental. Most professional hackers are script kiddies at best. Technicians using tools. It’s become odd now.

Thanks for the videos as the beginner I constantly feel like I don’t know what’s going on. I can’t wait for everything to click.

Another good and positive video !

One thing about me is I don't know anyone (friends) that have the same energy. I see people in linkedin who always achieve certs and amazing things but they are in different places(colleges or cities), I can't connect with them. But, in my college or my friends they're always surprised by my energy toward pentesting. I can't find friends like me who are motivated to learn more and more in cybersecurity. I feel like I am all alone but it's ok, I know how to live with that I understand that one day at some point in my path I will find friends who have the same energy as me.

I think the most depressing thing about the field of Cyber is that there is a limitation to what can you learn in theory or by doing labs alone. At some point you need a personal mentor, ideally in the work context where you can work on actual projects, but with no entry level jobs anywhere I wonder how many people give up, or worse - how many get positions in dodgy online/ ransomware groups as these are the only people who want to work with you as a beginner…

Thanks a lot, you are so kind and I watch you as my mentor in cybersec

Hey guys I tell you something and my personal experience... If you're a beginner and try to learn cybersecurity and ethical hacking... And you want be a real time hacker... Then you need to understand something very clearly...

Hacking is like art, so you should spend more time to learn.

Basic
Hardware knowledge
Networking knowledge
Network+ and CCNA

Then go to learn
Web development
HTML, CSS, JavaScript, any one backend program language Python or Java.
SQL or any DBMS

Note
If you don't know how working website and database.. then you can't hack them with your own ideas...

Then go to learn
Linux kernel
And About severs like an AWS, MCSE

Then go to learn
C++ or C
Because if want be a hardware hacker this language is very powerful...
Most of malware and Antivirus written in c++ or C.

One's you learn these all then you take any CEH course then you become real time hacker...

Without knowing these knowledge then just you wasting your time... Really for beginners it's impossible to learn ethical hacking in 40 hours... Just you understand what is hacking how it's works... But you can't hack anything...

So study Hard and gain your knowledge
I hope this information is helpful to beginners.

"🎉 Congratulations on 750k subscribers!

touch of XSS humor:

<script>alert('I love PWPT!')</script>

Looking forward to diving into the world of web penetration testing with the PWPT certification. Thanks for the opportunity!"

How should I start ethical hacking as a beginner

Happy 750K Subs 🥰.
Lets see if we can grab a (free) voucher for PWPT.
Thanks,
@MuslimFromPK

being less salty in tickets...oh boy😆

Happy 750k!

Fantastic video, Alex. Thanks for the positive insights! One thing that hit home for me is how difficult pentesting can be in the beginning. I'm glad you said it gets better and more fun as time goes on, I needed to hear that :)

Should I go for ejpt?

"certifications are a necessary evil" harsh true

state management is not hardddd

Really i feel 😅 Same here
In Ethical Hacking domain