I am currently trying to learn cyber security, specifically pentesting. I also do blue team things now and then, but not too often. I’ve started about 2 years ago with programming in python, later golang. I feel like I am decent in both. However when it comes to pentesting and security in general. It doesn’t feel like I’m doing progress whatsoever. I know about theoretical Linux, networking, programming and that stuff, but when it comes to the hands on tasks, I fail miserably. I know know how HTTP works, but can’t do easy Hack the Box CTFs without a complete writeup (not just little hints). I solved a few CTFs on different platforms with the help of writeups because I thought I just lacked the creative thinking part, but I don’t see any progress. And when I feel like doing CTFs, I quickly loose motivation because I don’t get anything done. Can anyone relate? How can I overcome this?
It can take years of practice. Keep at it, everyone feels this way, and the ones that don’t break through are the ones that give up
Like anything else, start slow. Do easy CTF challenges without the write up. Or at least go through the logic of how you’d approach the solving the problem. If you need help using tools, that’s just experience and reading the documentation. Tools come and go (some quicker than others). But the logic and problem solving skills are the foundation. If you always use a crutch/training wheels, you’ll always rely on them.
Like riding a bike, take it slow. Set a timer to problem solve. When the timer goes off, implement what you came up with. If it doesn’t, go back to the write ups and see what they did. Keep doing that for longer cycles until you solve one without write ups.
IMO penetration testing is a skill that is built upon knowledge of the fundamentals in a pretty long list of topics. System admin using the command line only for Linux and Windows, network administration like switches, routers and firewalls, web applications, databases, and programming. Again, the fundamentals. No need to be an expert. Knowing command line is key because usually you won’t have GUI access to targets.
So what I tell folks is to look at where they have gaps and do some introduction courses on those topics.
For example if databases are a weak area learn the basics on some SQL and no-SQL databases. That will help lay a foundation for later learning database attacks like SQL Injection.
Same applies to many penetration testing concepts. One needs to understand the underlying fundamentals that support the attack to really get it.
Then it’s a matter of building skill in identifying weaknesses and matching those up with a technique that can exploit the weakness. That is a continuous learning process because tech never sits still. It’s perfect for the perpetual student type.
Read, reproduce, understand. Think of how the programmer was solving a problem and left a problem. Did they probably didn’t understand the problems. The synthetic challenges are often a skill to themselves.
Re attention span, consider different expectations. Professional product engagements are often 2 ftes/2 weeks. Getting a few good findings out in that time is the goal.
Sometimes they run out of time on a thread they are looking at. Sometimes they pull on a thread only to find out there’s no way from here. Sometimes years later there’s an insight that x could work.
Building up that last skill is what makes you more effective. Find someone to bounce ideas off of that’s in the learning curve with you.
Hacking my local ISP, electricity provider, university and a bunch of companies. Back in the late 90’s, quite a few of those took little more than dissecting cgi scripts in public folders to gain ftp credentials, uploading a script to some autostart/cronjob folder and waiting for the next reboot, that inevitably came within 72h.
