Make sure you have a strong foundation of knowledge and skills. As a beginner, focus on improving your knowledge day to day and stay up-to-date on the latest attacks, trends, and technologies in this field.
2. NETWORKING
Networking is key to every domain of IT. Attend industry events, and connect with other cybersecurity professionals to build your network and maintain good contacts.
3. GAIN HANDS-ON EXPERIENCE
Having much practical experience in cybersecurity is very important for making yourself more competitive in the job market. So, consider practical-based learning methods.
4. ONLINE PRESENCE
Having an online presence doesn't mean being active on social media 24*7; it means your LinkedIn profile should be up-to-date and showcase your skills, achievements, and experience in this domain.
5. PARTICIPATE IN HACKATHONS
Cybersecurity is a growing domain, and the competition rate is very high. So, if you want to highlight your profile, you should have some unique skills like coding skills, blog writing, paper presentation, even participating in hackathons.
- Do the Penetration student course from @ine or the Practical Ethical Hacking course from @TCMSecurity
- Learn the OWASP Top 10
- Go through the Web Security Academy from @PortSwigger (Burp Suite is one of the main tools for Web Pentest and it has a community edition)
- Practice your knowledge using vulnerable apps, like WebGoat, Juice Shop, @hackthebox_eu, @RealTryHackMe, @VulnHub and others. There are so many.
• Blind XSS -> Type of stored XSS. (Payload gets stored on a web page)
• Where do you find them? - In places you cannot access.
> An admin panel
> A log history restricted to admins
> A feedback form that goes straight to the admin
> A chat bot message to the support team
• Where do you put the payloads?
> In headers (e.g. in Referer and User-Agent headers while filling forms)
> Put the payload in your username and self-report yourself ;)
• But how will you know if the payload actually fires?
> XSShunter!
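
The defender's side of the blind XSS notes above, as an added example that is not part of the original thread: an admin log viewer that renders a stored User-Agent header unescaped next to the output-encoded version, plus a check that flags stored fields containing markup. The request object, hostnames and function names are all constructed for illustration.

```javascript
// Constructed sample: a feedback-form submission as the server stored it.
// The header value is illustrative only; hostnames are placeholders.
const storedRequest = {
  username: 'alice',
  headers: {
    'user-agent': '"><script src="https://callback.example/probe.js"></script>',
    referer: 'https://shop.example/feedback',
  },
};

// Encode the five characters that are significant in HTML text and attributes.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Vulnerable pattern: stored, user-controlled values are concatenated
// straight into the HTML an admin later opens (the "place you cannot access").
function renderRowUnsafe(req) {
  return `<tr><td>${req.username}</td><td>${req.headers['user-agent']}</td></tr>`;
}

// Hardened pattern: every stored field is encoded at output time,
// so the browser shows the value as text instead of parsing it as markup.
function renderRowSafe(req) {
  return `<tr><td>${escapeHtml(req.username)}</td>` +
         `<td>${escapeHtml(req.headers['user-agent'])}</td></tr>`;
}

// Detection aid: names of stored fields that contain markup characters
// or a javascript: URL, for review before they reach an internal panel.
function flagSuspiciousFields(req) {
  const fields = { username: req.username, ...req.headers };
  const pattern = /[<>]|javascript:/i;
  return Object.keys(fields).filter((name) => pattern.test(String(fields[name])));
}

console.log('unsafe:', renderRowUnsafe(storedRequest));
console.log('safe:  ', renderRowSafe(storedRequest));
console.log('flagged fields:', flagSuspiciousFields(storedRequest));
```

Encoding on output is the fix; the flagging function only helps triage what is already stored and should not be relied on as a filter.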