Hi everyone! I am a freshmen and decided to join the net sec club at the beginning of the semester with little prior knowledge in the field (just passion for it😅). I did one entry level competition in the fall and did bad. Now, I have the opportunity to try out for the CCDC team. However, I am very nervous as I have little knowledge and will likely be the sole Windows defender. I have been working hard to try to understand and prepare but I feel very outclassed. Does anyone have any advice for the competition or resources that could help me prepare for attacks used in it?

Are you:

• Struggling with time management?
• Missing out on practice tests?
• Feeling overwhelmed by routing protocols?

This latest guide provides actionable strategies to overcome these pitfalls and excel in the JN0-664 exam.

🎯 Boost Your Skills. Reduce Stress.

https://www.nwexam.com/blog/jncip-sp-study-pitfalls-tips-overcome-them

Before starting my cybersecurity learning journey I want to have very strong knowledge and experience about networking, since it is necessary to understand basic and in-depth topics about different fields in cyber, so I decided to study ccna to build a strong foundation for networking. The question is, after I complete ccna, should I go for ccnp enterprise to strength my general networking skills and knowledge or is ccnp Enterprise overkill for cybersecurity learners?

Notes:

• I am talking about general networking

concepts and not security-wise, so I am not looking for network security based knowledge ATM.

• I chose ccna over other certs as it is required by many employers and provides both theorical and practical experience.
• In case you do suggest ccnp enterprise after ccna, should I go for it immediately or first have experience?

using event viewer and resource monitor i am trying to find the exact details of what is constantly checking my location and how to stop it.
example: recently a dev of a web app (a PWA app he mentions) i was using was asked to find out why this was happening as it was showing in privacy & security > location, in windows seemingly sporadically and very often.
he said he "fixed" it but now it just comes in as generic microsoft edge. ill attach pics.
i want to see IP info, mac address, etc, all the way I can block this.
thanks kindly!

https://preview.redd.it/89y86d8fsf8e1.png?width=908&format=png&auto=webp&s=2117e2f90716622f51a18ff9706c1eb7c1b34a88

https://preview.redd.it/7i3bdjmnsf8e1.png?width=907&format=png&auto=webp&s=b5091fa4fd6c69066f993a383a5ff3281581fab1

please bear with me if its too long :') My experience: I (25M) graduated recently with a degree in computer & communications engineering here in Egypt, i've done bug bounty for a couple of years (not full time) and got like 50 bugs in bug bounty programs and got paid many times (and have published writeups about some bugs) i can't work in my country til i finish my military service (which is very close to start and lasts around one year), if i go in i'll be 27 years old when i finsh it..

one interesting option for me is to do a masters in germany, if i do this, i can skip the military service and go straight to germany, the problem is i don't know german (i can confidently reach A2 while i prepare for the masters) and i'm afraid if i go i won't land a cybersecurity job besides doing my masters (i'm allowed to work on a student visa) and i'll have to work any retail job (so i can pay for expenses) til i finish my masters, what would you recommend me that i do ? my final goal is to work full time as a web security researcher or actually be so good in bug bounties that i can do it full time. the main problem with the masters is that i may work any bullshit job while i can work in security, and also i'm not really sure how helpful will the masters be to my work goal, i can obvsiously go to Germany and not care about the masters and just focus on getting a nice job

here are the two paths again:

1- finish military service at 27 years old, start improving resume (bounties, certs etc) and start applying for jobs (in and outside of Egypt) 2- appply for a masters in germany and hopefully try my best to land a cybersecurity related job besides my masters

note: trust me when i say i'll be 27 years old when i finish the army stuff ik the dates are kinda confusing

Hello community,

I have went to other communities and asked for some advice but I figure that more advice would be good.

Currently I am in college and got into networking from a family friend in the field and he essentially mentored me. My one issue is that I am having a hard time finding an internship or like a low level position in order to get started in order to work, experience, and learn more about the field.

I don't know if it is just late into the year and companies are stretched thin or I am just lost in trying to find something.

I have applied to basically everything and no dice. Just looking for some advice or maybe even a recommendation to a company that would be good to start at, especially for entry level or internship level.

I am enrolled in college taking engineering

I am also junos-JNCIA certified

currently studying for security + with all the free material I find ( the course is out of my budget rn )

Do not mind moving or anything of the sort

Hopefully I can get some advice and more forward in a better direction. So far, the advice from other communities has been good but not as insightful as hoped.

Hi everyone,

I’m a 25-year-old woman eager to break into Cybersecurity, specifically in the GRC (Governance, Risk, and Compliance) field. So far, I’ve earned a Professional Cybersecurity Certificate from Coursera and the (ISC)² CC certification, and I’m currently preparing for the Security+ exam.

My question is: Is it possible to land a cybersecurity job without having the Security+ certification yet, while continuing to study for it after securing a role?

The state I currently live in (New Hampshire) doesn’t offer many opportunities for tech or cybersecurity jobs, so I’m considering relocating to the DC area, where I’ve heard there are better opportunities. However, I don’t have security clearance. Would moving there still be a smart move?

For additional context:

• I have a Bachelor’s degree in Communications with minors in Business Administration and Gender Studies.
• I’ve also completed a Project Management Certificate (PMP) from Coursera.

I’m just looking for some guidance on what my next steps should be to successfully transition into this field. Thanks in advance for your advice!

Hello! I’m a student and a complete beginner in networking and cybersecurity. I know that to pursue a career in cybersecurity, I need to understand how computers and networks work. However, I’m quite confused about which certificates I should start with, as there are so many options online. I would really appreciate guidance on the proper flow for taking these certifications. Thank you so much!

Looking for mentor groups and roadmap

So boom I’m 30 got out the military almost 2 years ago as security forces abs have been contracting. While do executive protection i came across a course at my security academy that was cyber focused and decided to take it, it was only 5 weeks long but it awakened my mind to tech but more so cyber/hacking. I am currently enrolled at wgu in the cyber program but it’s not going as deep as i want it to and it’s kinda hard to meet ppl in forums and stuff when you don’t know anything really. I want to become truly great at this across all areas cyber/ hacking so if anybody can point in the right direction as far as groups roadmaps mentors in general please lmk. I should add I’m not looking to get a job i just have love for the game

Recently I wondered if it was possible to obtain a list of all (or most) of the public ipv4 ip's for a certain area, so first I decided to start with countries, I thought it would be as simple as each country being assigned a certain IP range, but this clearly isn't how it works, I tried looking into Ripe NCC for a European country but the records it gave back seemed to be outdated and from 2009.

so then I looked at ipinfo.io which gave me a much better detailed analysis of some of the IPs in the area to go off for the country but they all seem so mixed e.g :

5.92. etc. 89.21 etc. 11.78.09 etc.

there seems to be so many variables involved when it comes to ip's being assigned, I just don't get how it works.

I don't want to rely on some service to fetch all the IPs in a country or area for me and I assume this is all public data / info they're pulling from.

What resources can I look at to learn?

Hey, I have started my journey into IT and Cybersecurity and my college gave 4 year free acces to linkedin learning and O'reily. How can I use these to start learning.

To be very honest, I don't really have much idea yet and what kind of topics do I need to learn since I was bedrest for last 8 months.

It will be helpful if someone could list down important topics and subjects, I have to cover.

I will appreciate the help as I am trying to research topics by myself.

Hey I'm a 31M and I've been doing landscaping and plant health for over a decade now. My body is starting to break down from the manual labor, and I just can't gonna have to retire at 40 if I keep going like this. I was looking into a few new career paths since I got laid off at the end of November. Cyber security seems like a cool way to go, but I've never done any coding or anything of the like. I was wondering if you guys could give me some courses or other things that could at least get me into a base level job or something of the sort. I've got money to pay for courses, but I don't have enough to go back to school. Any help would be really appreciated. Thanks in advance.

I've just found this: https://www.zenarmor.com/network-security-books, please recommend me some other lists

I'm trying to figure out what free tools and resources are out there for network security students. You know, the kind of stuff that helps you learn, practice, and maybe not feel broke while doing it.

If you’ve got any tips or tricks for leveling up in netsec without emptying your wallet, drop them here. I'm all ears.

Which one is the best course for pentest or ethical hacking for beginners on coursera..

Hello! I'm a high schooler, and my dad and I recently bought a year subscription to Coursera because they had a pretty good sale going on. I'm looking to start building my foundational skills in IT and then move on to the more security-specific ones. Besides the Google Cybersecurity course, are there any others on the platform you'd recommend I use?

I know a bit of react (frontend) and some python and i have much love for cybersecurity or pentesting bt i dont know where to start or what sector should i do cause i have much love for programming and scripting bt i want to do it in cybersecurity what should i do .. Thanks for help.

Guys I am new, and I am interested in learning cyber security and Ethical hacking, I know basics of python and basic linux commands like navigation , switching to root user, cat, echo etc. what are your recommendation from where or how should I learn it. Can you guys also recommend me which part of Ethical hacking should I focus on

Hey everyone,

I wanna become a pen tester but can’t decide between a Computer Science degree or Computer Science with Cybersecurity & Networks.

In my mind, CS provides a stronger foundation in programming and other core concepts while the latter course is more relevant to my goal. For extra detail, for the first choice, I'm considering pursuing the CS degree first and then specializing with a Master's degree in Cyber Security.

Would it be better to start broad with CS for long-term flexibility or go straight into the specialized degree? Any advice from people in the industry would be nice.

Thanks.

Im just about to start my degree In IT specializing in Cyber Security begining of 2025 and want to be ahead of the curve by collecting a bunch of certifications but the problem is i dont knowe where to start. Bear in mind im starting from 0 experiance so i would like some roadmap recommendations on where to start and where i should be just before i finish my 3 year bachelors.

I have been looking for a good tool for converting pcaps/live packets to a csv file.. found out cicflowmeter does that..but omg.. no variant of the tools works for windows.. it works just fine for linx.. but if anyone has a working variation.. any help would be great..

A vulnerability in the ksthunk.sys CKSAutomationThunk::ThunkEnableEventIrp allows a local attacker to exploit an Integer Overflow vulnerability which can be used to gain elevated privileges in the Windows OS: https://ssd-disclosure.com/ssd-advisory-ksthunk-sys-integer-overflow-pe/

I'm supposed to make an end-of-year project focused on the conception of a machine learning-based NIDS.

Is it reasonable to implement such a system by integrating Zeek, Snort, and Suricata for their complementary strengths in traffic analysis, signature-based detection, and performance validation, despite the challenges of integration, data handling, and real-time efficiency?

thanks in advance

I am testing the efficiency of OWASP CRS with a fuzz based testing tool GotestWAF where it fuzzes the payload by encoding and it places it in different placeholder such as URLpath , URL param, HTMLform and HTMLmultipart form . However I am having a doubt if xss in URLpath is valid .

Hey, this is my first time asking here.

A bit about myself: I'm currently a cybersecurity student at a university, not in the US. Things are a bit different in my country, but to give you an idea of my academic background, we can say it's similar to having a bachelor's degree in computer science, and now I'm in a master's cybersecurity program.

Recently, I have been thinking that I should specialize in some cybersecurity domains. The motivation for this thought process is that cybersecurity is a huge multidisciplinary field, and you can't be an expert in everything (network security, IAM, cloud security, Android security, Windows security, etc.).

Before specializing, I believe it's important to have a solid foundation, and I think I do. My background includes:

• Networking: LAN (equipment, VLAN, subnetting, routing), WAN, dynamic routing, firewalls, network services (DNS, DHCP, NFS, SAMBA, ), OSI model, different TCP/IP protocols... - Programming: HTML/CSS, JS, C/C++, Java, Python, and shell scripting. - A good understanding of Linux, cryptography, among other topics.

Now, the question is: which domains should I focus on? After doing some research https://pauljerimy.com/security-certification-roadmap/ and based on discussions with my professors and based on my personal interests, I have chosen the following areas:

• OS Security
• Malware Analysis
• Digital Forensics

Thus, I plan to delve deeply only into these domains. For example, regarding OS security, my plan is to:

1. Study the theory of how operating systems work. For this, I have begun reading the famous book "Operating Systems: Three Easy Pieces" You might wonder why I'm revisiting this topic since I have a bachelor's in computer science; the answer is that most courses don't go into too much detail, and I want to refresh my memory.
2. Explore the design decisions of specific operating systems (for Linux, I plan to read "Linux Kernel Development" by Robert Love; for Windows, I will read "Windows Internals").
3. Participate in CTFs and challenges that focus on OS security.

The goal of this post is to share my thoughts and to ask the community what they think of this thought process. Any thoughts, tips, or recommendations are very welcome.

EDIT: formatting.