I'm a developer looking to get into pentesting. I've played around on hackthebox.eu a bit but is this worth my time or are there better resources?
@billy Hack The Box is about the best challenge site I know for pentesting. You could try playing in CTFs as well, but CTF puzzles may or may not be security related. However, CTF challenges from past years tend to have write-ups available online that can help you learn.
"Secondary school level" CTF: https://picoctf.org/
"University level": https://365.csaw.io/
Find all the CTFs: https://ctftime.org/
@billy Don't miss the Sans holiday hack challenge. A ton of fun, and lots of opportunities for professional networking.
@billy If you're interested, we talked to Ed Skoudis, the head elf in charge of the masterminds who cook up Holiday Hack, on our show just last week. Hope you enjoy the challenge! I'm hoping to get in and give it a shot, as always. :D
@billy pentesterlab is pretty good when you come from a dev background and want to start pentesting / bountyhunting
A Mastodon instance for info/cyber security-minded people.