The Hacker's Cache

Kyser Clark - Cybersecurity

The show that decrypts the secrets of offensive cybersecurity, one byte at a time. Every week I invite you into the world of ethical hacking by interviewing leading offensive security practitioners. If you are a penetration tester, bug bounty hunter, red teamer, or blue teamer who wants to better understand the modern hacker mindset, whether you are new or experienced, this show is for you.

read less
TechnologyTechnology
BusinessBusiness
ScienceScience
CareersCareers

Episodes

#24 Building a Career Together: Lessons from Clint & Si The Hackers
5d ago
#24 Building a Career Together: Lessons from Clint & Si The Hackers
Kyser Clark is joined by Simon and Clint from the YouTube channel 'Clint & Si The Hackers.' They discuss their journey into cybersecurity, the importance of practical experience over formal education, and the benefits of collaboration in building a successful career. The conversation covers various aspects of penetration testing, the challenges faced in their careers, and the significance of certifications and continuous learning in the field.Watch Clint & Si The Hackers On YouTube: https://www.youtube.com/@_The_hackersConnect with Clint on Linkedin: https://www.linkedin.com/in/clinton-elves-180ba0148/Connect with Simon on Linkedin: https://www.linkedin.com/in/simon-exley-355816194/TakeawaysA college degree is not essential for a cybersecurity career.Practical experience is more valuable than theoretical knowledge.Collaboration can significantly enhance career growth.Networking and building relationships are crucial in the industry.Certifications can help in career advancement.Learning from peers can accelerate skill development.The cybersecurity field is diverse with many specializations.Challenges faced in moving countries can lead to personal growth.Engaging with the community through platforms like LinkedIn is beneficial.Continuous learning is key to staying relevant in cybersecurity.Connect---------------------------------------------------https://www.KyserClark.comhttps://www.KyserClark.com/Newsletterhttps://youtube.com/KyserClarkhttps://www.linkedin.com/in/KyserClarkhttps://www.twitter.com/KyserClarkhttps://www.instagram/KyserClarkhttps://facebook.com/CyberKyserhttps://twitch.tv/KyserClark_Cybersecurityhttps://www.tiktok.com/@kyserclarkhttps://discord.gg/ZPQYdBV9YYMusic by Karl Casey @ White Bat AudioAttention viewers/Listeners: This content is strictly for educational purposes, emphasizing ETHICAL and LEGAL hacking only. I do not, and will NEVER, condone the act of illegally hacking into computer systems and networks for any reason. My goal is to foster cybersecurity awareness and responsible digital behavior. Please behave responsibly and adhere to legal and ethical standards in your use of this information.The postings on this site are my own and may not represent the positions of ...
#23 SOC Analyst Life: Challenges & Secrets from Trent Williams
Nov 27 2024
#23 SOC Analyst Life: Challenges & Secrets from Trent Williams
Kyser Clark and Trent Williams talk about the roles and experiences of a SOC analyst. They discuss the challenges faced in the field, the importance of continuous learning, and the impact of AI on cybersecurity jobs. Trent shares insights from his career journey, the significance of certifications, and the necessity of understanding both offensive and defensive security practices. The conversation also touches on the recent changes in certification names and the relevance of transferable skills in the tech industry. In this conversation, Trent W and Kyser Clark discuss various aspects of cybersecurity, focusing on the importance of continuous learning, the transition between red and blue team roles, and the challenges faced in the field. They emphasize the need for certifications, practical skills, and effective client engagement in a hybrid work environment. The discussion also touches on the complexities of managing multiple clients and the significance of community support in overcoming challenges.Connect with Trent Williams on Linkedin: https://www.linkedin.com/in/trentonw/Takeaways:Continuous Learning: Staying updated and adaptable is essential in cybersecurity due to its ever-evolving nature.Transferable Skills and Practical Experience: Leveraging prior knowledge and hands-on practice is crucial for transitioning and excelling in the field.Communication and Networking: Strong communication skills and learning from peers can significantly enhance professional growth.Cross-Disciplinary Understanding: Gaining knowledge in both offensive and defensive security improves overall effectiveness and perspective.Certifications and Command Line Proficiency: Certifications build credibility, while command-line expertise is vital for daily cybersecurity tasks.Connect---------------------------------------------------https://www.KyserClark.comhttps://www.KyserClark.com/Newsletterhttps://youtube.com/KyserClarkhttps://www.linkedin.com/in/KyserClarkhttps://www.twitter.com/KyserClarkhttps://www.instagram/KyserClarkhttps://facebook.com/CyberKyserhttps://twitch.tv/KyserClark_Cybersecurityhttps://www.tiktok.com/@kyserclarkhttps://discord.gg/ZPQYdBV9YYMusic by Karl Casey @ White Bat AudioAttention viewers/Listeners: This content is strictly for educational purposes, emphasizing ETHICAL and LEGAL hacking only. I do not, and will NEVER, condone the act of illegally hacking into computer systems and networks for any reason. My goal is to foster cybersecurity awareness and responsible digital behavior. Please behave responsibly and adhere to legal and ethical standards in your use of this information.The postings on this site are my own and may not represent the positions of ...
#22 Q&A: Cybercrime, Certifications, and Sacrifice in Cybersecurity Careers
Nov 20 2024
#22 Q&A: Cybercrime, Certifications, and Sacrifice in Cybersecurity Careers
Kyser Clark introduces a new Q&A format where he answers listener questions about cybersecurity, ethical hacking, and career development. He discusses the allure of cyber crime, the importance of networking certifications, and the sacrifices necessary to succeed in the field. Kyser emphasizes that while certifications can enhance career prospects, they are not the only path to success. He encourages listeners to manage their finances wisely and invest in their education to achieve their career goals.TakeawaysMany people turn to cyber crime due to desperation and thrill.The anonymity of the internet contributes to cyber crime.Certifications like Net Plus and CCNA are important for cybersecurity roles.Networking knowledge is essential for securing networks.Sacrifices are necessary to earn certifications and succeed in cybersecurity.Money management plays a crucial role in career advancement.You don't need certifications to work in cybersecurity, but they help.Investing in training is one of the best investments you can make.Hard work and dedication are key to breaking into the field.Finding a balance between work and personal life is important.Connect---------------------------------------------------https://www.KyserClark.comhttps://www.KyserClark.com/Newsletterhttps://youtube.com/KyserClarkhttps://www.linkedin.com/in/KyserClarkhttps://www.twitter.com/KyserClarkhttps://www.instagram/KyserClarkhttps://facebook.com/CyberKyserhttps://twitch.tv/KyserClark_Cybersecurityhttps://www.tiktok.com/@kyserclarkhttps://discord.gg/ZPQYdBV9YYMusic by Karl Casey @ White Bat AudioAttention viewers/Listeners: This content is strictly for educational purposes, emphasizing ETHICAL and LEGAL hacking only. I do not, and will NEVER, condone the act of illegally hacking into computer systems and networks for any reason. My goal is to foster cybersecurity awareness and responsible digital behavior. Please behave responsibly and adhere to legal and ethical standards in your use of this information.The postings on this site are my own and may not represent the positions of ...
#21 Unpacking AppSec: Lessons and Insights with Jonathon Fuller
Nov 13 2024
#21 Unpacking AppSec: Lessons and Insights with Jonathon Fuller
Kyser Clark interviews Jonathan Fuller, a seasoned cybersecurity professional with a diverse background in various roles, including penetration testing and application security. Jonathan shares his journey from being a NOC engineer to founding Advict Security, emphasizing the importance of delivering comprehensive information to clients during penetration tests. He discusses the balance between his day job and entrepreneurial efforts, the differences between penetration testing and application security, and his contributions to the PNPT course. The conversation concludes with Jonathan offering insights and advice for aspiring cybersecurity professionals and entrepreneurs.Connect with Jonathon Fuller on LinkedIn: https://www.linkedin.com/in/jonathon-fuller/Penetration testing often leaves out valuable information in reports.Balancing a full-time job with entrepreneurship requires dedication.AppSec offers a more personal relationship with the applications being secured.Automation is key in creating consistent environments for students.Finding a need in the market is crucial for starting a business.Building a home lab can be done affordably with the right equipment.Connect---------------------------------------------------https://www.KyserClark.comhttps://www.KyserClark.com/Newsletterhttps://youtube.com/KyserClarkhttps://www.linkedin.com/in/KyserClarkhttps://www.twitter.com/KyserClarkhttps://www.instagram/KyserClarkhttps://facebook.com/CyberKyserhttps://twitch.tv/KyserClark_Cybersecurityhttps://www.tiktok.com/@kyserclarkhttps://discord.gg/ZPQYdBV9YYMusic by Karl Casey @ White Bat AudioAttention viewers/Listeners: This content is strictly for educational purposes, emphasizing ETHICAL and LEGAL hacking only. I do not, and will NEVER, condone the act of illegally hacking into computer systems and networks for any reason. My goal is to foster cybersecurity awareness and responsible digital behavior. Please behave responsibly and adhere to legal and ethical standards in your use of this information.The postings on this site are my own and may not represent the positions of ...
#20 What it REALLY Takes to Pass OSCP (and What They Don’t Tell You) ft. Trent Miller
Nov 6 2024
#20 What it REALLY Takes to Pass OSCP (and What They Don’t Tell You) ft. Trent Miller
Kyser Clark interviews Trent Miller, a cybersecurity professional with a diverse background in IT and security roles. They discuss Trent's career journey, the challenges of breaking into cybersecurity, the importance of networking, and insights on certifications like OSCP. Trent shares his experiences with the job market, the reality of skill shortages, and the significance of community engagement through groups like DC608. The conversation emphasizes the need for collaboration and continuous learning in the cybersecurity field.Connect with Trent Miller on LinkedIn: https://www.linkedin.com/in/azureadtrent/TakeawaysNetworking is crucial for breaking into cybersecurity.The OSCP certification can boost confidence and job prospects.Employers often seek unrealistic qualifications, creating a perceived skill shortage.Hands-on experience and collaboration are key to success in cybersecurity.The job market can be challenging, but persistence pays off.Community groups like DC608 provide valuable support and resources.It's important to balance study and personal life when pursuing certifications.Anyone can enter the field with dedication and the right mindset.Connect---------------------------------------------------https://www.KyserClark.comhttps://www.KyserClark.com/Newsletterhttps://youtube.com/KyserClarkhttps://www.linkedin.com/in/KyserClarkhttps://www.twitter.com/KyserClarkhttps://www.instagram/KyserClarkhttps://facebook.com/CyberKyserhttps://twitch.tv/KyserClark_Cybersecurityhttps://www.tiktok.com/@kyserclarkhttps://discord.gg/ZPQYdBV9YYMusic by Karl Casey @ White Bat AudioAttention viewers/Listeners: This content is strictly for educational purposes, emphasizing ETHICAL and LEGAL hacking only. I do not, and will NEVER, condone the act of illegally hacking into computer systems and networks for any reason. My goal is to foster cybersecurity awareness and responsible digital behavior. Please behave responsibly and adhere to legal and ethical standards in your use of this information.The postings on this site are my own and may not represent the positions of ...
#19 Beating the Odds in Cybersecurity: What It Really Takes ft. James Scott
Oct 30 2024
#19 Beating the Odds in Cybersecurity: What It Really Takes ft. James Scott
Kyser Clark interviews James Scott, a cybersecurity professional with a diverse background in the military and digital forensics. They discuss James's journey into penetration testing, the challenges he faced in landing his first role, and the importance of networking and creating personal tools. The conversation also covers the significance of programming skills in cybersecurity, the value of digital forensics knowledge, and the impact of volunteering at conferences. James shares insights on pursuing a PhD in cybersecurity, focusing on weaponizing forensics and compliance training. The episode concludes with advice on persistence and standing out in a competitive field.Connect with James Scott on Linkedin: https://www.linkedin.com/in/james011616/TakeawaysNetworking is crucial for career growth in cybersecurity.Persistence is key; never give up on your goals.Creating your own tools can set you apart from others.Digital forensics knowledge enhances penetration testing skills.Programming becomes essential as you advance in your career.Volunteering at conferences can lead to valuable connections.Federal resumes require more detail than private sector ones.Stand out from the competition with unique qualifications.Pursuing a PhD can help you contribute to the field significantly.Connect---------------------------------------------------https://www.KyserClark.comhttps://www.KyserClark.com/Newsletterhttps://youtube.com/KyserClarkhttps://www.linkedin.com/in/KyserClarkhttps://www.twitter.com/KyserClarkhttps://www.instagram/KyserClarkhttps://facebook.com/CyberKyserhttps://twitch.tv/KyserClark_Cybersecurityhttps://www.tiktok.com/@kyserclarkhttps://discord.gg/ZPQYdBV9YYMusic by Karl Casey @ White Bat AudioAttention viewers/Listeners: This content is strictly for educational purposes, emphasizing ETHICAL and LEGAL hacking only. I do not, and will NEVER, condone the act of illegally hacking into computer systems and networks for any reason. My goal is to foster cybersecurity awareness and responsible digital behavior. Please behave responsibly and adhere to legal and ethical standards in your use of this information.The postings on this site are my own and may not represent the positions of ...
#18 16 Years in IT, Now a Fortune 100 Pentester: 0xD1CE Shares His Journey
Oct 23 2024
#18 16 Years in IT, Now a Fortune 100 Pentester: 0xD1CE Shares His Journey
Kyser Clark interviews 0xD1CE, a seasoned penetration tester, who shares his extensive journey from IT to cybersecurity. 0xD1CE discusses his various roles, certifications, and the impact of COVID on his career shift. The conversation gets into the differences between consulting and internal roles, the value of certain cybersecurity certifications, and the emerging trends in AI testing. 0xD1CE also provides insights on how to succeed in obtaining the OSEP certification and emphasizes the importance of self-research in career development.Takeaways:0xD1CE transitioned from IT to cybersecurity due to a growing interest sparked by his blue team experience.Consulting roles differ significantly from internal testing roles, impacting work pace and responsibilities.AI testing is an emerging field with limited resources available for training.Self-research and initiative are crucial for career growth in cybersecurity.The Network+ certification may be overrated in the context of penetration testing.Hands-on experience and practical knowledge are essential for success in certifications like OSEP.Web application testing is a critical skill for penetration testers, especially in consulting roles.Connect---------------------------------------------------https://www.KyserClark.comhttps://www.KyserClark.com/Newsletterhttps://youtube.com/KyserClarkhttps://www.linkedin.com/in/KyserClarkhttps://www.twitter.com/KyserClarkhttps://www.instagram/KyserClarkhttps://facebook.com/CyberKyserhttps://twitch.tv/KyserClark_Cybersecurityhttps://www.tiktok.com/@kyserclarkhttps://discord.gg/ZPQYdBV9YYMusic by Karl Casey @ White Bat AudioAttention viewers/Listeners: This content is strictly for educational purposes, emphasizing ETHICAL and LEGAL hacking only. I do not, and will NEVER, condone the act of illegally hacking into computer systems and networks for any reason. My goal is to foster cybersecurity awareness and responsible digital behavior. Please behave responsibly and adhere to legal and ethical standards in your use of this information.The postings on this site are my own and may not represent the positions of ...
#17 Unpacking Bug Bounty Strategies with RootSploit: Zero Days, Recon, and Vulnerabilities
Oct 16 2024
#17 Unpacking Bug Bounty Strategies with RootSploit: Zero Days, Recon, and Vulnerabilities
Cybersecurity professionals Kyser Clark and Pranit Garud (RootSploit) discuss their experiences in the field. They cover topics such as bug bounty programs, the role of an offensive security engineer, and the differences between consulting and working for a Fortune 500 company. Pranit shares tips for getting started in bug bounty hunting and emphasizes the importance of understanding the business logic of a company. He also highlights the need for a mindset shift when transitioning from consulting to an internal security role.Connect with Pranit on LinkedIn: https://www.linkedin.com/in/pranit-garud/TakeawaysBug bounty hunting requires a proactive and research-oriented mindset, as well as a deep understanding of the target company's technologies and business logic.Working as an offensive security engineer in a Fortune 500 company offers the opportunity to see the inner workings of the organization and make a greater impact on security.Transitioning from consulting to an internal security role requires a shift in focus from exploitation to securing and collaborating with developers.Building a close relationship with developers and understanding their challenges can lead to more effective security measures.The pace of work in a Fortune 500 company may be slower due to approval processes and the need for careful consideration of potential impacts.Connect---------------------------------------------------https://www.KyserClark.comhttps://www.KyserClark.com/Newsletterhttps://youtube.com/KyserClarkhttps://www.linkedin.com/in/KyserClarkhttps://www.twitter.com/KyserClarkhttps://www.instagram/KyserClarkhttps://facebook.com/CyberKyserhttps://twitch.tv/KyserClark_Cybersecurityhttps://www.tiktok.com/@kyserclarkhttps://discord.gg/ZPQYdBV9YYMusic by Karl Casey @ White Bat AudioAttention viewers/Listeners: This content is strictly for educational purposes, emphasizing ETHICAL and LEGAL hacking only. I do not, and will NEVER, condone the act of illegally hacking into computer systems and networks for any reason. My goal is to foster cybersecurity awareness and responsible digital behavior. Please behave responsibly and adhere to legal and ethical standards in your use of this information.The postings on this site are my own and may not represent the positions of ...
#16 Why Cybersecurity Is Stressful and How to Succeed with Opeyemi Kolawole (Hacking Insights)
Oct 9 2024
#16 Why Cybersecurity Is Stressful and How to Succeed with Opeyemi Kolawole (Hacking Insights)
Kyser Clark interviews Opeyemi Kolawole, a full-time red teamer and cybersecurity professional. They discuss Opeyemi's background in biology and his transition into the cybersecurity field. Opeyemi shares his experience and insights on various certifications, including the Cyberwarfare Lab Certified Red Team Analyst (CPTA) and the importance of staying up to date in the field. They also discuss the benefits of building a personal brand on platforms like LinkedIn and YouTube.Connect with Opeyemi on LinkedIn: https://www.linkedin.com/in/opeyemi-v-kolawole/TakeawaysTransitioning from a different field into cybersecurity is possible with passion and dedication.Certifications like the Cyberwarfare Lab Certified Red Team Analyst (CPTA) can be valuable for starting a career in red teaming.Staying up to date and continuously learning is crucial in the cybersecurity field.Building a personal brand on platforms like LinkedIn and YouTube can help establish credibility and connect with others in the industry.Connect---------------------------------------------------https://www.KyserClark.comhttps://www.KyserClark.com/Newsletterhttps://youtube.com/KyserClarkhttps://www.linkedin.com/in/KyserClarkhttps://www.twitter.com/KyserClarkhttps://www.instagram/KyserClarkhttps://facebook.com/CyberKyserhttps://twitch.tv/KyserClark_Cybersecurityhttps://www.tiktok.com/@kyserclarkhttps://discord.gg/ZPQYdBV9YYMusic by Karl Casey @ White Bat AudioAttention viewers/Listeners: This content is strictly for educational purposes, emphasizing ETHICAL and LEGAL hacking only. I do not, and will NEVER, condone the act of illegally hacking into computer systems and networks for any reason. My goal is to foster cybersecurity awareness and responsible digital behavior. Please behave responsibly and adhere to legal and ethical standards in your use of this information.The postings on this site are my own and may not represent the positions of ...
#15 From Zero to Hero: How Anyone Can Succeed in Cybersecurity
Oct 2 2024
#15 From Zero to Hero: How Anyone Can Succeed in Cybersecurity
In this solo episode, Kyser Clark discusses the accessibility of cybersecurity careers, emphasizing that anyone can enter the field regardless of their background. He shares his personal journey from blue-collar jobs to becoming a penetration tester, highlighting the importance of certifications and continuous learning. Kyser provides actionable steps for breaking into cybersecurity, including gaining tech experience, obtaining certifications, and effectively marketing oneself. He concludes by encouraging listeners to remain persistent and adaptable in their job search, reminding them that while anyone can enter the field, competition is fierce.TakeawaysAnyone can get into cybersecurity regardless of background.Certifications are often more beneficial than college degrees.Learning from failure is a crucial part of the process.You don't need to be good at math to work in tech.Discipline and hard work are essential for success.Aggressive patience is key in the job search process.Rejections are often due to cultural fit, not skill level.Networking and marketing oneself are vital for job hunting.Internships are a great way to gain experience.Continuous learning is necessary to advance in cybersecurity.Connect---------------------------------------------------https://www.KyserClark.comhttps://www.KyserClark.com/Newsletterhttps://youtube.com/KyserClarkhttps://www.linkedin.com/in/KyserClarkhttps://www.twitter.com/KyserClarkhttps://www.instagram/KyserClarkhttps://facebook.com/CyberKyserhttps://twitch.tv/KyserClark_Cybersecurityhttps://www.tiktok.com/@kyserclarkhttps://discord.gg/ZPQYdBV9YYMusic by Karl Casey @ White Bat AudioAttention viewers/Listeners: This content is strictly for educational purposes, emphasizing ETHICAL and LEGAL hacking only. I do not, and will NEVER, condone the act of illegally hacking into computer systems and networks for any reason. My goal is to foster cybersecurity awareness and responsible digital behavior. Please behave responsibly and adhere to legal and ethical standards in your use of this information.The postings on this site are my own and may not represent the positions of ...
#14 Social Engineering Unleashed: DEF CON Insights from Jacob Villarreal
Sep 25 2024
#14 Social Engineering Unleashed: DEF CON Insights from Jacob Villarreal
Kyser Clark interviews Jacob Villarreal, a penetration tester, about his journey into the cybersecurity field, his experiences at DEFCON, and various topics related to cybersecurity. Jacob shares his background, including his education, certifications, and transition from IT roles to penetration testing. The discussion covers the importance of networking, volunteering at conferences, and key cybersecurity issues such as biometrics, automation, boot camps, and the role of certifications. Jacob also offers insights into social engineering and advice for those interested in pursuing a cybersecurity career. Connect with Jacob Villarreal on LinkedIn: https://www.linkedin.com/in/jacob-villarreal-utsa/Takeaways:Cybersecurity should be a top priority for companies, but financial considerations often take precedence.Networking is crucial in the cybersecurity field and can lead to valuable connections and opportunities.Social engineering is an important skill for red teamers, and building rapport and trust is essential in these engagements. Studying sales techniques can be helpful in this regard.Conferences like DEFCON offer valuable learning and networking opportunities, though the cost should be carefully considered.Engaging in conversations with people in public settings can improve social skills and lead to unexpected connections.Reaching out to professionals in the cybersecurity field through platforms like LinkedIn can provide valuable insights and advice.Connect---------------------------------------------------https://www.KyserClark.comhttps://www.KyserClark.com/Newsletterhttps://youtube.com/KyserClarkhttps://www.linkedin.com/in/KyserClarkhttps://www.twitter.com/KyserClarkhttps://www.instagram/KyserClarkhttps://facebook.com/CyberKyserhttps://twitch.tv/KyserClark_Cybersecurityhttps://www.tiktok.com/@kyserclarkhttps://discord.gg/ZPQYdBV9YYMusic by Karl Casey @ White Bat AudioAttention viewers/Listeners: This content is strictly for educational purposes, emphasizing ETHICAL and LEGAL hacking only. I do not, and will NEVER, condone the act of illegally hacking into computer systems and networks for any reason. My goal is to foster cybersecurity awareness and responsible digital behavior. Please behave responsibly and adhere to legal and ethical standards in your use of this information.The postings on this site are my own and may not represent the positions of ...
#13 Hacking Time: Real World Skills They Don't Teach You | Trent Darrow
Sep 18 2024
#13 Hacking Time: Real World Skills They Don't Teach You | Trent Darrow
Kyser Clark interviews Trent Darrow, a senior penetration tester and cyber protection team crew lead. They discuss Trent's background, certifications, and his role in building a red team. They also touch on ethical dilemmas in the industry, the effectiveness of certifications in preparing for real-world pen testing, and the importance of skills like time management and effective communication. In this conversation, Trent and Kyser discuss time management in cybersecurity exams, the challenges of scanning large networks, the role of a cyber warfare technician, the transition between civilian and military careers, strategies for preparing for the OSCP and OSEP exams, the value of participating in CTFs, and the future of the cybersecurity field.Connect with Trent Darrow on LinkedIn: https://www.linkedin.com/in/trenton-darrow/Takeaways:Trent's background spans help desk, IT specialist roles, network engineering, and cybersecurity contracting, with certifications like OSCP, GCFA, GWAPT, GPEN, and GCPN.Real-world skills like time management, note-taking, and communication are crucial, differing from those needed for exams or CTFs.Ethical dilemmas, such as downgrading findings to please clients, can be common in the industry.Preparing for certifications like OSCP and OSEP requires practice, extensive note-taking, and ensuring tools work properly through a proxy.AI isn't a threat to cybersecurity jobs, but learning web application security is essential for staying competitive.Connect---------------------------------------------------https://www.KyserClark.comhttps://www.KyserClark.com/Newsletterhttps://youtube.com/KyserClarkhttps://www.linkedin.com/in/KyserClarkhttps://www.twitter.com/KyserClarkhttps://www.instagram/KyserClarkhttps://facebook.com/CyberKyserhttps://twitch.tv/KyserClark_Cybersecurityhttps://www.tiktok.com/@kyserclarkhttps://discord.gg/ZPQYdBV9YYMusic by Karl Casey @ White Bat AudioAttention viewers/Listeners: This content is strictly for educational purposes, emphasizing ETHICAL and LEGAL hacking only. I do not, and will NEVER, condone the act of illegally hacking into computer systems and networks for any reason. My goal is to foster cybersecurity awareness and responsible digital behavior. Please behave responsibly and adhere to legal and ethical standards in your use of this information.The postings on this site are my own and may not represent the positions of ...
#12 Why OSCP Might Not Be Worth It - A Surprising Take by Evan Isaac
Sep 11 2024
#12 Why OSCP Might Not Be Worth It - A Surprising Take by Evan Isaac
Kyser Clark and Evan Isaac discuss their experiences and insights in cybersecurity. They cover topics such as certifications, content creation on LinkedIn, web hacking resources, job searching advice, and the importance of offensive and defensive cybersecurity skills.Connect with Evan Isaac on LinkedIn: https://www.linkedin.com/in/evan-isaac/ TakeawaysCertifications like OSCP and eWPTX are valuable in cybersecurity, but other certifications like PMPT and CPTS are gaining recognition.Creating content on LinkedIn and other platforms can help build your personal brand and network in the cybersecurity industry.Web hacking resources like PortSwigger Academy, TryHackMe, and Hack The Box are great for learning and practicing web application security.When searching for a job, networking and building connections are crucial. Contact recruiters and professionals in the field, and consider posting content to showcase your knowledge and skills.Both offensive and defensive skills are essential in cybersecurity. Gaining experience in blue team roles can provide valuable insights for red teaming and penetration testing.Stay consistent, never give up, and continue learning and growing in cybersecurity.Connect---------------------------------------------------https://www.KyserClark.comhttps://www.KyserClark.com/Newsletterhttps://youtube.com/KyserClarkhttps://www.linkedin.com/in/KyserClarkhttps://www.twitter.com/KyserClarkhttps://www.instagram/KyserClarkhttps://facebook.com/CyberKyserhttps://twitch.tv/KyserClark_Cybersecurityhttps://www.tiktok.com/@kyserclarkhttps://discord.gg/ZPQYdBV9YYMusic by Karl Casey @ White Bat AudioAttention viewers/Listeners: This content is strictly for educational purposes, emphasizing ETHICAL and LEGAL hacking only. I do not, and will NEVER, condone the act of illegally hacking into computer systems and networks for any reason. My goal is to foster cybersecurity awareness and responsible digital behavior. Please behave responsibly and adhere to legal and ethical standards in your use of this information.The postings on this site are my own and may not represent the positions of ...
#11 Stay Creative Together: Insights from Nouha Ben Brahim
Sep 4 2024
#11 Stay Creative Together: Insights from Nouha Ben Brahim
Kyser Clark interviews Nouha Ben Brahim, a Python programmer turned bug bounty hunter and founder of No Breach. They discuss Nouha's journey into cybersecurity, the most concerning cyber breach, common web hacking vulnerabilities, becoming a speaker at events, starting a cybersecurity company, and Nouha's podcast, The Hackers Line.Connect with Nouha Ben Brahim on LinkedIn: https://www.linkedin.com/in/nouha-ben-brahim-4b749b278/ TakeawaysTransitioning from programming to bug bounty hunting requires experimentation and learning the basics of hacking.Common web hacking vulnerabilities include GraphQL flaws, authentication issues, and IDOR.To become a speaker at events, choose a topic that tells a compelling story and resonates with the audience.Starting a cybersecurity company requires building trust, providing high-quality solutions, and staying up to date with industry trends.Podcasts are a valuable platform for sharing knowledge and connecting with experts in the cybersecurity field.Connect---------------------------------------------------https://www.KyserClark.comhttps://www.KyserClark.com/Newsletterhttps://youtube.com/KyserClarkhttps://www.linkedin.com/in/KyserClarkhttps://www.twitter.com/KyserClarkhttps://www.instagram/KyserClarkhttps://facebook.com/CyberKyserhttps://twitch.tv/KyserClark_Cybersecurityhttps://www.tiktok.com/@kyserclarkhttps://discord.gg/ZPQYdBV9YYMusic by Karl Casey @ White Bat AudioAttention viewers/Listeners: This content is strictly for educational purposes, emphasizing ETHICAL and LEGAL hacking only. I do not, and will NEVER, condone the act of illegally hacking into computer systems and networks for any reason. My goal is to foster cybersecurity awareness and responsible digital behavior. Please behave responsibly and adhere to legal and ethical standards in your use of this information.The postings on this site are my own and may not represent the positions of ...
#10 Breaking into Cybersecurity: Tips from a Pro ft. Jake Mayhew
Aug 28 2024
#10 Breaking into Cybersecurity: Tips from a Pro ft. Jake Mayhew
In this conversation, Kyser Clark interviews Jake Mayhew, a senior penetration tester, about his background and experiences in cybersecurity. They discuss the importance of internships, the value of creating a home lab, and the benefits of networking at local conferences and meetups. Jake also shares advice for job seekers, including the significance of standing out through proactive actions like writing reports and asking questions. Jake Mayhew and Kyser Clark discuss their favorite hacker movies and shows, as well as their experiences with different hacking certifications. They also explore the challenges of pursuing higher-level certifications and offer advice for those entering the cybersecurity field. The conversation concludes with a discussion on the importance of perseverance and community involvement in the job search process.Connect with Jake Mayhew: https://www.linkedin.com/in/jake-mayhew-osce-oscp/TakeawaysInternships can be a valuable way to gain experience and get your foot in the door in the cybersecurity field.Creating a home lab and actively using it to learn and practice cybersecurity skills can demonstrate your passion and dedication to potential employers.Attending local conferences and meetups can provide opportunities for networking and building relationships with professionals in the industry.Proactively standing out in the job search process, such as by writing reports or asking questions, can make a candidate more memorable and increase their chances of getting hired.Continuous learning and pursuing certifications can help job seekers demonstrate their commitment to improving their skills and staying up-to-date in the field. The OSCP certification is highly regarded and a good starting point for those interested in network penetration testing.Higher-level certifications like OSEP, OSWE, and OSED require a deeper understanding of specific topics and may be more challenging.Real-world experience and practical application of skills are crucial for success in advanced certifications.Perseverance is key in the job search process, as rejection is common in the cybersecurity field.Getting involved in the cybersecurity community can provide valuable networking opportunities and support.Connect---------------------------------------------------https://www.KyserClark.comhttps://www.KyserClark.com/Newsletterhttps://youtube.com/KyserClarkhttps://www.linkedin.com/in/KyserClarkhttps://www.twitter.com/KyserClarkhttps://www.instagram/KyserClarkhttps://facebook.com/CyberKyserhttps://twitch.tv/KyserClark_Cybersecurityhttps://www.tiktok.com/@kyserclarkhttps://discord.gg/ZPQYdBV9YYMusic by Karl Casey @ White Bat AudioAttention viewers/Listeners: This content is strictly for educational purposes, emphasizing ETHICAL and LEGAL hacking only. I do not, and will NEVER, condone the act of illegally hacking into computer systems and networks for any reason. My goal is to foster cybersecurity awareness and responsible digital behavior. Please behave responsibly and adhere to legal and ethical standards in your use of this information.The postings on this site are my own and may not represent the positions of ...
#9 Red Teaming & Malware Development ft. Nathan Rice
Aug 21 2024
#9 Red Teaming & Malware Development ft. Nathan Rice
In this conversation, Kyser Clark interviews Nathan Rice, a senior penetration tester, about his background and experience in cybersecurity. They discuss the differences between penetration testing and red team operations, the importance of starting with penetration testing before moving to red teaming, and the challenges and rewards of obtaining certifications. They also touch on the skills required for malware development and the importance of staying up to date with evolving techniques. Nathan shares advice for aspiring red team operators and emphasizes the need to be proactive and not be afraid to ask questions.Connect with Nathan Rice: https://www.linkedin.com/in/nathan-rice-b52209123/TakeawaysPenetration testing and red team operations have distinct differences, with red teaming requiring more patience, stealth, and intent to emulate real-world threat adversaries.Starting with penetration testing before transitioning to red team operations is recommended, as the skills learned in penetration testing translate well to red teaming.Obtaining certifications in cybersecurity, such as OSCP and OSEP, can be challenging and may require multiple attempts, but they provide valuable knowledge and recognition in the field.Malware development skills are important for red team operators, as having the ability to create custom tools and bypass EDRs is crucial for success.Aspiring red team operators should not be afraid to ask questions, be proactive, and not get caught up in analysis paralysis. Getting caught is part of the learning process and should be used as an opportunity to improve.Moving with intent and being able to think creatively are essential skills for red team operators, as they need to constantly adapt and find new ways to bypass defenses.Connect---------------------------------------------------https://www.KyserClark.comhttps://www.KyserClark.com/Newsletterhttps://youtube.com/KyserClarkhttps://www.linkedin.com/in/KyserClarkhttps://www.twitter.com/KyserClarkhttps://www.instagram/KyserClarkhttps://facebook.com/CyberKyserhttps://twitch.tv/KyserClark_Cybersecurityhttps://www.tiktok.com/@kyserclarkhttps://discord.gg/ZPQYdBV9YYMusic by Karl Casey @ White Bat AudioAttention viewers/Listeners: This content is strictly for educational purposes, emphasizing ETHICAL and LEGAL hacking only. I do not, and will NEVER, condone the act of illegally hacking into computer systems and networks for any reason. My goal is to foster cybersecurity awareness and responsible digital behavior. Please behave responsibly and adhere to legal and ethical standards in your use of this information.The postings on this site are my own and may not represent the positions of ...
#8 Cybersecurity Is a Beautiful Field: There's People That Don't Like Me ft. Aaron Tran
Aug 14 2024
#8 Cybersecurity Is a Beautiful Field: There's People That Don't Like Me ft. Aaron Tran
Kyser Clark interviews Aaron Tran, a military veteran who successfully transitioned into a career in cybersecurity. They discuss Aaron's journey from the military to becoming a penetration tester, the challenges he faced, and the steps he took to bridge the gap between non-cyber and cyber roles. They also touch on the importance of having a plan and utilizing resources like the SkillBridge internship program. Aaron shares his insights on paying ransomware demands, the value of the TCM Practical Career Ready Professional program, and the need for kindness and collaboration in the cybersecurity field.Connect with Aaron Tran on LinkedIn: https://www.linkedin.com/in/aarontran-anasec/TakeawaysHaving a plan is crucial when transitioning from the military to a career in cybersecurityUtilize resources like the SkillBridge internship program to gain real-world experiencePaying ransomware demands is not recommended, but there may be situations where it's the only optionThe TCM Practical Career Ready Professional program can provide valuable training and networking opportunitiesSoft skills are essential in cybersecurity, as they help with client interactions and job interviewsDon't let the noise and conflicting advice in the cybersecurity field discourage youReach out to fellow veterans for support and camaraderieKindness and collaboration are important in the cybersecurity fieldConnect---------------------------------------------------https://www.KyserClark.comhttps://www.KyserClark.com/Newsletterhttps://youtube.com/KyserClarkhttps://www.linkedin.com/in/KyserClarkhttps://www.twitter.com/KyserClarkhttps://www.instagram/KyserClarkhttps://facebook.com/CyberKyserhttps://twitch.tv/KyserClark_Cybersecurityhttps://www.tiktok.com/@kyserclarkhttps://discord.gg/ZPQYdBV9YYMusic by Karl Casey @ White Bat AudioAttention viewers/Listeners: This content is strictly for educational purposes, emphasizing ETHICAL and LEGAL hacking only. I do not, and will NEVER, condone the act of illegally hacking into computer systems and networks for any reason. My goal is to foster cybersecurity awareness and responsible digital behavior. Please behave responsibly and adhere to legal and ethical standards in your use of this information.The postings on this site are my own and may not represent the positions of ...
#7 Think Outside the Box to Land First Pentesting Job ft. Ryan Daub
Aug 7 2024
#7 Think Outside the Box to Land First Pentesting Job ft. Ryan Daub
In this conversation, Kyser Clark interviews Ryan Daub, an Offensive Security Analyst Associate, about his journey in cybersecurity and his current role as an internal penetration tester for healthcare organizations. They discuss topics such as landing a job in cybersecurity, the role of AI in penetration testing, the differences between internal and consulting pentesting, the importance of collaboration between red and blue teams, and the value of continuous learning in the field. Ryan also shares his advice for aspiring cybersecurity professionals.Connect with Ryan Daub on LinkedIn: https://www.linkedin.com/in/ryan-daub-b87b9b216/TakeawaysLanding a job in cybersecurity requires dedication, self-awareness, and demonstrating your skills through personal projects and documentation.AI is a useful tool in penetration testing, but it is not yet capable of fully automating the process due to the complexity and constant evolution of technology and environments.The role of an internal penetration tester in healthcare organizations involves conducting compliance testing, red team engagements, and collaborating closely with the blue team.Continuous learning and staying up to date with industry trends and certifications, such as OSCP and CRTO, are essential for career growth in offensive security.Collaboration and knowledge sharing within the cybersecurity community are crucial for personal and professional development.Connect---------------------------------------------------https://www.KyserClark.comhttps://www.KyserClark.com/Newsletterhttps://youtube.com/KyserClarkhttps://www.linkedin.com/in/KyserClarkhttps://www.twitter.com/KyserClarkhttps://www.instagram/KyserClarkhttps://facebook.com/CyberKyserhttps://twitch.tv/KyserClark_Cybersecurityhttps://www.tiktok.com/@kyserclarkhttps://discord.gg/ZPQYdBV9YYMusic by Karl Casey @ White Bat AudioAttention viewers/Listeners: This content is strictly for educational purposes, emphasizing ETHICAL and LEGAL hacking only. I do not, and will NEVER, condone the act of illegally hacking into computer systems and networks for any reason. My goal is to foster cybersecurity awareness and responsible digital behavior. Please behave responsibly and adhere to legal and ethical standards in your use of this information.The postings on this site are my own and may not represent the positions of ...
#6 Is AI Going to Cause Bad Stuff? Of Course, Everything Does ft. Mike Finkel
Jul 31 2024
#6 Is AI Going to Cause Bad Stuff? Of Course, Everything Does ft. Mike Finkel
In this conversation, Kyser Clark interviews Mike Finkel, a penetration tester, about his background and experiences in the cybersecurity field. They discuss certifications, the importance of customer service skills in pentesting, and the role of AI in the industry. Mike shares his hot take on AI, expressing his excitement for its potential in pentesting. They also touch on the value of getting out of one's comfort zone and overcoming social anxiety. Overall, the conversation provides insights into pentesting and the skills and knowledge needed to succeed.TakeawaysCertifications such as OSCP, OSWE, and CRTP can be valuable in pentesting, providing a baseline of knowledge and helping with specific areas like web application testing and source code review.Customer service skills are important in pentesting, as effective communication with clients can lead to better relationships and repeat business.Getting out of your comfort zone and overcoming social anxiety can benefit personal and professional growth.AI is a hot topic in the cybersecurity field, with potential applications in pentesting, but it should be used with caution and not relied upon as the sole solution.AI tools like ChatGPT can be helpful in research and information gathering, but their results should be verified and not blindly trusted.Connect---------------------------------------------------https://www.KyserClark.comhttps://www.KyserClark.com/Newsletterhttps://youtube.com/KyserClarkhttps://www.linkedin.com/in/KyserClarkhttps://www.twitter.com/KyserClarkhttps://www.instagram/KyserClarkhttps://facebook.com/CyberKyserhttps://twitch.tv/KyserClark_Cybersecurityhttps://www.tiktok.com/@kyserclarkhttps://discord.gg/ZPQYdBV9YYMusic by Karl Casey @ White Bat AudioAttention viewers/Listeners: This content is strictly for educational purposes, emphasizing ETHICAL and LEGAL hacking only. I do not, and will NEVER, condone the act of illegally hacking into computer systems and networks for any reason. My goal is to foster cybersecurity awareness and responsible digital behavior. Please behave responsibly and adhere to legal and ethical standards in your use of this information.The postings on this site are my own and may not represent the positions of ...
#5 Pay It Forward ft. George Raileanu
Jul 24 2024
#5 Pay It Forward ft. George Raileanu
In this conversation, George Raileanu discusses the importance of mentoring, strategies for finding a mentor, and the benefits of building a strong network in cybersecurity. He also shares advice on continuous learning, dealing with imposter syndrome and burnout, and the value of paying it forward in the industry.Connect with George Raileanu on LinkedIn: https://www.linkedin.com/in/george-raileanu/ TakeawaysMentoring is a crucial aspect of career development in cybersecurity, regardless of experience level.To find a mentor, attend local cybersecurity conferences, join online communities, and reach out to professionals in the field.Building a strong network in cybersecurity involves being genuine, reaching out to like-minded individuals, and asking for advice and guidance.Continuous learning in cybersecurity requires understanding your learning style, considering your flexibility, and identifying your goals.Dealing with imposter syndrome and burnout involves finding hobbies outside of technology, checking in with yourself regularly, and recognizing your progress.Paying it forward by sharing knowledge and experiences with others is essential for personal growth and the advancement of the cybersecurity community.Connect---------------------------------------------------https://www.KyserClark.comhttps://www.KyserClark.com/Newsletterhttps://youtube.com/KyserClarkhttps://www.linkedin.com/in/KyserClarkhttps://www.twitter.com/KyserClarkhttps://www.instagram/KyserClarkhttps://facebook.com/CyberKyserhttps://twitch.tv/KyserClark_Cybersecurityhttps://www.tiktok.com/@kyserclarkhttps://discord.gg/ZPQYdBV9YYMusic by Karl Casey @ White Bat AudioAttention viewers/Listeners: This content is strictly for educational purposes, emphasizing ETHICAL and LEGAL hacking only. I do not, and will NEVER, condone the act of illegally hacking into computer systems and networks for any reason. My goal is to foster cybersecurity awareness and responsible digital behavior. Please behave responsibly and adhere to legal and ethical standards in your use of this information.The postings on this site are my own and may not represent the positions of ...