>he isn't going for a netsec job
Why aren't you /g/? Pentesting is fun
cause im too busy banging ur mom faget
>>55399461
Rude dude
>>55399443
doing anything as a job will make it very not-fun very quickly.
>>55399494
>M-MUH NEETDOM
>not getting a job as a netsec hacker
Kys desu senpai
hi fellow hacksers! mr roboto season 2 starting soon?
>>55399443
I'm not a skiddy
>>55399584
>script kiddie leddit tier show
Why?
>>55399677
He's a paranoid schizophrenic autist like /g/ so in that aspect it is accurate
>>55399513
What he said is accurate. it has nothing to do with being a NEET.
I think you're the one who should probably kill themselves.
>>55399697
>If I do netsec then it's a job! I'd rather netsec in muh basement!
How is it not NEETDOM trash?
>>55399513
>>55399717
"what makes things fun" and "what businesses will pay you to do" are very, very different things.
Fun comes from exploration. Finding and building new things to solve interesting problems. Crucially, it requires the ability to drop something if it turns out to be, or becomes, dull, or at least the ability to come back to it some time later. None of this describes what any business wants. They want things finished on a deadline. They don't want you tinkering around, they want you solving their, or their customers', problems.
This turns things that are fun into things that are not fun. Why do you think so many free/open source programs written by volunteers have ramshackle UIs and a go-figure-it-out-yourself-and-send-a-patch attitude to support? Because programming is (or at least can be) fun, but UX and customer service is drudge work. Nobody wants to do it, and people will only slog through it if their boss, who pays them, orders them to.
You'll feel the same way about security work after the fiftieth job where you run a bunch of tests for known vulnerabilities and sign off on the result because the company doesn't care about what you think is fun, they only care about passing their PCI audit, or letting the marketing people put in a bullet point that their product's security has been verified, or some such. They generally don't even actually care about security, they care about box-ticking, avoiding bad PR and legal liability, cutting costs, and satisfying regulatory requirements with a minimum of effort.
>>55399735
Well then, I guess I'll drop one of my fun Lil zero days on them when that time comes and make it "fun"
>>55399770
If you're good enough that finding and selling zero-days is something you can support yourself on, great. Enjoy.
If you aren't, though, and most people aren't, that means being an employee of someone, and fun you will not be having. I also note that you implied this setup in the OP because you used the word "job".
>>55399833
>implying netsec jobs are shit
Explain how netsec jobs are not enjoyable?
>>55399443
The only ones to care enough about security to pay you well are huge corporations, and let's face it, you're not good enough for that.
I'd rather implement useless features into a broken piece of software in java, making more money than my greedy wife can spend, thank you
>>55399735
this is why I hate security now
breaking shit is fun, fixing it is hard, getting other people to fix shit is harder and getting people to understand and engineer with security in mind is impossible
>>55400086
do you have one?
Have you sat in front of an msf session for 14 hours straight and had all of the reports you diligently wrote up thrown out during a meeting because fixing the shitty webapps and databases would "cost too much"?
>>55400201
Dude if that happened to you I'd tell my supervisor that it isn't worth it and take that work and get a couple Bros to help you pentest there shit and force them to give a shit when you cripple there shit system senpai. Unless it's DoD
white hats are the biggest faggots
>>55400246
you're a complete faggot and have no idea how the real world works
enjoy your jail time
>>55400271
>implying I'd do that
I'm a sec analyst and I've never had shit thrown out after busting ass unlike you. I'm just shitposting on /g/ but in actuality netsec is a great field to be in and the boring shit jobs reside in programming and basic coding.
If you hate it so much then quit and go be a sys admin you cuck. Kys
What kind of education/experience did ya'll need to become a security specialist?
>>55400484
Make a portfolio of what you can do for scripts i.e pytgon/c++/ruby/bash/ssh
Get your sec+ linux+ CCNA MSME if need be and have good references senpai. Know your shit and apply. Also netsec degree helps too if need be
I'm doing network infrastructure and cybersec degree now
>>55400321
>I've never had shit thrown out after busting ass unlike you.
Then you've never dealt with big-shit companies who'd rather wrap an old-ass Windows 2000 server with 50k of security equipment than spend the 150k on actually refactoring the code running on it to not be shit
Once you actually start getting big clients that shit will happen to you more than you'd like
>>55399443
Because I'd rather actually setup the server and security, and then admin it, and then eventually move up to bossing those people around.
You know that before you get to sit around all day playing WoW pretending you're "thinking of potential vulnerabilities" you have about 15 years of solid shit ahead right?
>>55399443
OP is a skiddie faggot.
>>55400246
I have never been more confident in calling out underageb& than right now. Please go away.
>>55402065
I thought up a potential vulnerability of Sartharion one time. My raid leader was pretty happy with me
>>55399443
>Pentesting is fun
Pentesting is not fun. It's a boring slog like all other QA testing. But pentesting excites the kind of people who get off on the idea of administrator access. It's like an adult version of getting a feeling of superiority by getting a higher grade on their homework than their classmates. Sure, I'll grant the caveat that developing a novel exploit is fun and impressive, but pentesting is barely ever that.
Pentesters are the embarrassing little brother of the security world. They shit talk everyone and everything because they think reading a security advisory and running msf makes them mental gods compared to developers that aren't allocated time or training to secure their products. They brag on being bad coders while exasperatedly asking why the state of secure development is so bad. They couldn't write shellcode for a buffer overflow on a system with no exploit mitigation to save their lives.
Some security jobs are fun, some security professionals are genuinely impressive. I'm headed out for security summer camp in a 3 weeks myself, but every year I become more and more disillusioned with the fuckers. The "security awareness" dog finally caught the car, but we don't have any answers.
You fuckers acted like we had all the answers. You've only got a few more years until the baseline of security in the industry rises to the not-at-all-impressive level the security community is able to provide. Then you better have something to show for yourselves or they'll discover the emperor has no close. The money will dry up just as fast as it came flooding in.
>>55399443
I tried it. It's not as fun as programming. Sure there is a thrill from breaking into a system, but that wears off pretty fast, especially when you just start using automated tools.
>>55399443
>he thinks he's gonna get a netsec job when all he does is play games and not pay attention in class
some fag in my class who unironically wears gaymur earphones as an accessory
>>55403272
this. so hard.
Pentesting is just something I do to test my own security and play CTF. A job in pentesting is kind of like getting the shit end of the stick. A lot of people wont listen to you and you might get some praise but they'll also blame you because they decided they wanted a security audit instead of a full security analysis. I'm in no way a "security professional" I just know some pentesters who are left without a job now. Some security professionals don't even know that much about the kernel. Pentesting can also be boring as fuck, waiting for an exploit or making sure they're not vulnerable to any CVE's, which anyone can do.
>this is a test greentext
because I wouldn't enjoy seeing everyone around me do everything so goddamn wrong, and be responsible for bandaiding it all up so the bad guys don't get through.
Just a regular developer who is security conscious when designing and implementing my software.
