[Share] Growth advice for white hats

Reprinted from: https://mp.weixin.qq.com/s/ZXRI6KUtu6IwCYrjuy_3Tg

Meeting is fate, and I have become friends with many white hats. Over 6 years friends have come and gone: some have become colleagues, some are working hard at vendors, some have moved on to big business, and some have switched to real estate sales, website development, becoming internet celebrities, selling fruit and so on.

Many people have left this circle, and I wish them well; more are still here, so today I want to talk about something friends often wonder: how does a white hat grow? I will try to approach it from several angles, in the hope of giving white hats some inspiration.

 

"One" Find the right direction

 

What is a direction for? It determines, when you are confronted with new knowledge, whether you study it properly, merely get to know it, or even set it aside.

Going back to the root of ability, vulnerability discovery is a white hat's foundational skill. Building on that, a white hat can generally choose among three technical directions for growth:

1. Deep specialization in vulnerability discovery: whether web or IoT, Java or PHP, if you study one area thoroughly you become an expert in that direction. This requires code proficiency and also detailed reading of the official documentation; most such features are not found by fuzzing, but by people who understand security reading the documentation and spotting design flaws. Master a few of these and you hold nuclear weapons;

2. Breadth in vulnerability exploitation across fields: after doing enough web projects you will always encounter some apps and IoT, for example during events. Take on whatever stands in the way, one piece at a time; once you have studied them all you will find there is no system that cannot be broken, and you are doing more than just studying vulnerabilities. Going broad often comes with the common problem of stopping after a mere taste, so whatever direction you dig in, I recommend looking into all the vulnerabilities that can be rated high-risk;

3. Moving from attacker to defender: sometimes you will find that some people do not understand vulnerabilities; you ask someone to fix an XSS and he blocks the alert argument. On the defensive side, you sometimes need to underestimate your teammates' ability as far as possible while placing unlimited demands on yourself: how would you fix this vulnerability, and what should be learned and done in the security development lifecycle? Study more of this and you become an enterprise security and defense expert, a role most companies badly need;

 

Looking at companies, their job roles match these white hat directions fairly well: vulnerability analysis and automated discovery (scanner) posts are based on the vulnerability itself; penetration and red team posts are based on exploitation; security operations and blue team jobs, security service expert posts, and offensive-defensive community operations expert posts are based on vulnerability defense and offense-defense. Operations is a very broad concept; a technical operations post is a technical post.

In my view, joining a company and starting a business have one thing in common: you need to identify a point or a direction. If your abilities fit, you will have some measure of success; if not, a mismatch of abilities easily leaves you uncomfortable. Of course, business is complex.

 

"Two" Find the method

Method is the path: decide which methods you will use to grow.

There are many ways to grow technically, but it always comes down to accumulating experience in new ways; you cannot dig for half a year and still only be trying the same few XSS PoCs over and over. The three elements of growth are learning, practice, and thinking. ASRC hopes you become more powerful. Several paths of growth:

1. Growth through real-world practice: find authorized projects to work on, such as SRC vulnerability rewards, Party B (security vendor) service projects, crowdsourced testing platform projects, and overseas platforms such as H1. Do not do unauthorized private projects. Do more newly authorized SRC projects or dig into new domain names; when you encounter a problem you cannot solve, ask around and study until it is solved; when you are stuck, explore new ideas and extend how you use what you know. A very effective method here is to read publicly disclosed vulnerabilities: how they were found, what the principle behind the vulnerability is, and what the process of looking for it was;

2. Devoted study: books and articles are plentiful on the Internet, and slide decks from the various conferences are everywhere. It is like finding one book among 5000, taking some time to digest it, and then doing an experiment to reproduce it. If a teacher guides you, setting up a research question and giving you material to solve it, you will progress very fast; many CTFs now follow this route, although some low-quality CTFs with brain-teaser challenges are purely manual labor. Many people alternate: real-world practice for some time, then a retreat for study, then real-world practice again, which works very well;

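3. Turning experience into tools: make your dictionaries more powerful, your PoC collection larger, and the process of information gathering and exploitation simpler, so that what used to take 10 minutes now takes 10 seconds. After so many years of development in network security, knowledge that can truly be called a new breakthrough appears very rarely, but consolidating all the existing experience is far from easy. A mature tool like Metasploit is already enough for you, yet some people still wrap another layer on top to optimize it, making tools more convenient and penetration testing more efficient. Whether you are good at C, PHP, Python or Java, you need to think about tooling; one senior member at ASRC is remarkably good with Easy Language (易语言).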

 

"Three" Set goals

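The golden years of a career last only a dozen or so years, and after that it is hard to rise again. It is important to give yourself an "accounting" at each stage (the original writes this as a pun, using the word for "tape").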

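For technical work, the ideal is to give yourself three years, wherever you are, to train, explore and practice with full concentration, followed by a small breakout after three years. Set some milestones and progress bars along the way. When the three years are done, start the next three.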

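In reality most people are ordinary, and goals that are too distant are illusory. So, coming back to the short term: you can take an honor as your goal, and after earning it aim for a higher one; take writing a tool as your goal, and own your own penetration testing toolkit; take a critical vulnerability in a vendor, a CVE and the like as your goal, for material reward plus honor; take a certificate as your goal, since studying for OSCP-type exams brings a lot of growth; take a job position as your goal, studying hard against the job requirements and interviewing. The goal must be one where the process of working toward it genuinely improves your abilities, or one that gives you a buff once achieved; otherwise it means little.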

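Doesn't it feel a bit like playing a game, clearing one level after another? A career is in fact also a kind of game, and mastering the rules of the game matters most.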

 

"Four" Find the right environment

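People differ. Many originally longed for a big Party A (in-house) company, but after actually going there they left and threw themselves into something else. Like love, you have to find the right person.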

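First, going to Party A: large Internet companies such as Alibaba tend to have a very high ceiling and plenty of resources, enough to learn from for a long time, with a lot of room to apply yourself, providing security for hundreds of millions of users and serving tens of millions of merchants. If your abilities still need to grow, starting at a company that serves tens of thousands of users is also fine, but you should come and see it at some point;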

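Second, at Party B: security service engineers mostly work project by project, heading to the next project once one is done, with a pronounced rhythm, while research teams can dig deep into technical fields. Party B offers an environment that is not heavily results-oriented;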

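Third, freelancing, which can coexist with a relaxed Party A job and with most Party B jobs. Five or six years ago people were already saying that being a white hat and hunting vulnerabilities would not last, but that is not so. We live in an era of rapid informatization: every year hundreds of innovative projects at large Internet companies are waiting to be developed and launched, countless features are updated and code is rolled back, and even at companies as strong as Google, Microsoft and Alibaba, new developers keep replacing old ones and not many developers come with security skills built in. There are also countless traditional enterprises going through the baptism of the Internet, gradually becoming security-minded as they move online and to the cloud. If you do not test, someone else will find the treasure. SRC and crowdsourced testing are mature forms in the industry; if you stay in a circle long enough to become a core member, you will always have more opportunities to obtain better resources, and you will meet more excellent partners to help each other grow. Joining a team is also a good choice.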

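Early this month ASRC and Xianzhi (先知) jointly launched Ace Plan 2.0 (王牌A计划2.0), which aims to build a better white hat community environment. Put simply, the Ace is a membership system.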

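The white hat who has earned the most bounties on the ASRC platform has accumulated more than 2 million in after-tax rewards on the platform, and top white hats on the Xianzhi platform earn a million a year. We give outstanding white hats better benefits: an Ace of Spades can receive an additional 100% and can take part in most Xianzhi private projects, but it is also very hard to attain.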

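What does an Ace mean? Put simply in terms of rewards, Ace of Spades means the ability to earn 300,000 a month, Ace of Hearts means the ability to earn 50,000 a month, and Ace of Diamonds means the ability to earn 20,000 a month. Of course this is only the baseline; most Diamonds earn far more per month. When the Aces gather together, their combat power is off the charts!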

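Beyond the above, getting to know friends in the security circle, broadening your horizons by attending conferences, even BlackHat, and having good English and the international ability to interact with foreign hackers can all bring non-technical growth. If you are a core community member, sometimes you do not need to seek out events yourself; for example, the Alibaba White Hat Conference on January 10 proactively invites Alibaba's core white hats to get together with other white hats. Friends come from afar, and you can listen to and learn from the excellent talks by 猪猪侠, jkgh006, 二哥gainover, and top white hat 小灰灰; joining the discussion, hearing other people's stories and pooling ideas might bring you new growth. Isn't that a pleasure? Just do not become addicted to it.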

 

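Security is no longer what it was a few years ago, when a bit of technique and a rush of enthusiasm were enough to grab attention, show off skills and do PR. This year is a turning point: head-on confrontation is now everywhere, and only by settling down to train and progressing step by step can you part the clouds, see the sun, and reach fruition.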

Origin www.cnblogs.com/nul1/p/12099677.html