Follow

I'm a developer looking to get into pentesting. I've played around on hackthebox.eu a bit but is this worth my time or are there better resources?

@billy Hack The Box is about the best challenge site I know for pentesting. You could try playing in CTFs as well, but CTF puzzles may or may not be security related. However, CTF challenges from past years tend to have write-ups available online that can help you learn.

"Secondary school level" CTF: picoctf.org/

"University level": 365.csaw.io/

Find all the CTFs: ctftime.org/

@stick thanks for the tips and links! I'll have a look at some of these

@billy Don't miss the Sans holiday hack challenge. A ton of fun, and lots of opportunities for professional networking.

@gangrif thanks! I hadn't heard of this before but I went ahead and registered

@billy If you're interested, we talked to Ed Skoudis, the head elf in charge of the masterminds who cook up Holiday Hack, on our show just last week. Hope you enjoy the challenge! I'm hoping to get in and give it a shot, as always. :D

ironsysadmin.com/2020/11/19/ep

@gangrif Oh nice! I'll have to give that a listen then. Thanks!

@billy pentesterlab is pretty good when you come from a dev background and want to start pentesting / bountyhunting

Sign in to participate in the conversation
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.