As a pen tester are you forced to travel a lot. I worry about starting a family in the future and being away from home often.

What is the difference between TCM academy and a cybersecurity boot camp?

@@moesparc 7777777777777777777777777777777777777777777777777777777777777777777777777777777777777&7777777777777777777777777777777777777

Hey bro how can I talk you privately

@@moesparc hey two years ago you commented . i am 17 yr old and dont want to have a problem of family too. please can you tell me if you are a pentester now that we get a problem of travelling or not?

Love to see this

Jfigueroa43 Hi, I might no be at his level but I do work as a penetration tester as well. What I can say to get started is watch videos on youtube related to hacking. Then if you have money maybe go for OSCP you’ll learn a lot from it. If knowledge is not enough try elearnsecurity first it was good as well highly recommended. Penetration Testing is huge I mean it have many fields as well, although idk if they call it as a field but what I’m trying to say is look for something also where you want to focus first whether it is on web app, sysytem/network, mobile, etc.. For example, focus on webapp pentesting first then you’ll learn to do other stuff along the way. Good luck and never stop learning :)!

@@joverflow1050 Hi i realy like your comment i am student in cyber security winch is a ethical hacking i am bit shy about my course by college did not tech me any coding as u say Ur a hacker or pen tester can you tell me do i need to know coding most for pen testing job thank you it is will be helpful if u reply back kindly.

@@monchurmiah1229 You do.

Zero Thanks for the insight man.

Well, a miniature model because the real thing will never happen :)

@@TCMSecurityAcademy I hope 1 day it will be happen.

You do realize you just cursed yourself?

@@thedarkthrone4699 he cursed himself a year ago

The salaries of this field are insane, they range from the 6 figure range and I have met people making up to 200k pending their knowledge and experience in this field.

Thank you for the constant support, hxmo

Did you ever get into it?

@@nicolaspope5599 yes, been working as a Pentester for over 2 years now, thanks for commenting this brings back so many memories wow Got my OSCP in 2020

I can also confirm this is an accurate summary of a pentesters daily life lol

How are you enjoying the job?

How are you enjoying the job?

Intro has been around a little bit, just not on the zero to hero vids. Glad you enjoy it!

hows it going so far?

@@batalorian7997 well so far I’ve had to delay multiple times from catching COVID, I have COVID again currently 😅

That's great :)

Thanks man. You get used to it as you go :)

We need a update

@@moodz271 Well I finished my bootcamp in November 2021, and I just passed my Sec+ cert this week. Looking at this comment I left months ago made my day from the progress I've made since then lol

@@skeppy8925 !!!! Congratulations

@@skeppy8925 congratulations bro. Hope the journey has been enriching?

Glad you like them :)

It's never too late. Check out my story: veteransec.com/2018/09/11/how-i-landed-my-first-infosec-job-in-a-competitive-market-advice-and-takeaways/. I left accounting at 26 and worked my way into cybersecurity. I make close to triple now in 3 years. If you work hard and stay motivated, nothing can get in your way. A degree doesn't matter if you have the knowledge.

It's Never too late

...Never

@@TCMSecurityAcademy do you have a degree? Certs? I am just getting started and am wondering what is the best path

Would you say you regret going to college was a waste of time and money?

Titles are kind of overrated. It's more about the job description. Typically, no. However, I know people working as security engineers who do pentesting.

Thanks for the ideas :) I do have a couple of videos discussing credential stuffing and alternative ideas. In most assessments for an external, social engineering is out of scope. That and physical pentesting fall under their own category unfortunately.

@@TCMSecurityAcademy I am in charge of our cybersecuriy and wow everything can be so overwhelming, I am studying evey min I can if I am not busy responding or investigating alerts from our SIEM/AV/Firewall your vids is helping allot.

Your Purple teaming idea has opened a new way of thinking.

Thank you for the kind words sir. I really appreciate it

Thank you. Check out this video for that: kzbin.info/www/bejne/g36aooOkf7ihgrM

Yes. Web apps are their own separate thing. A lot of similar methodology, but the tools and exploits vastly differ. There are people who only know how to do web apps, for example

Thank you

Thanks as always, Cristi

Ah, I knew I left something out! We call that "bench time". Yes, we still get paid. Perfect time to write a blog, study for a cert, read some news, build a new tool, etc. :)

@@TCMSecurityAcademy or make a cool video helping others!

That too :)

Thank you, Davy!

No I work remote unless absolutely impossible to do so

Awesome. It's such a great tool!

Thanks. I didn't have any skills or certifications. Just confidence that I could do the work, which I think helped. You have to find someone willing to take a chance on you. If you want a leg up, the A+ will help immensely with your basic computer knowledge and troubleshooting skills. It will also help land an entry level job.

@@TCMSecurityAcademy got it, people were saying the a+ is unnecessary but for someone with no experience i think its better than nothing. And i know every jobs has its hardships, but are you satisfied with choosing cyber security in the IT field, or would you take a different path looking back on it

Bro this is the most relatable comment I've seen in a long time. I'm literally finishing up my security+ exam and planning on taking the test in the next 2-3 weeks. And I'm planning on getting into entry level security and am Interested in pen testing as well. I also have the same dream/plan to work remotely while traveling to different countries. Did you figure out more about this and do you know how it works?

@@Haidderispro I actually got the job in cyber security 13 months ago. So far they don't let me work remotely due to security reasons. At this point I am not sure if it's possible to work remotely in cyber security somewhere else. I think coding is easier to work on remote access.

@@aleksandarrikic9208 Thanks for the response and I was thinking that could be a possibility. I know people who work remotely but don't know if they can work outside the country. Maybe its dependent on the type of company though.

@@Haidderispro on top of everything cyber security is very stressful and boring. be well aware if you wanna step into this.

DonGaming phd in theoretical physics

No either the client whitelists my IP (external testing) or I send a machine and remote into it. The machine automatically phones home on a VPN.

Is it possible? Sure. It's going to be an uphill battle though. You're going to have to prove you're knowledgeable on the topic and have the drive to stay focused and finish tasks at hand. School is only partly for education. It also shows you're able to finish what you started. I don't know your situation, so just focus on being the best version of you that you can be. Start working on Hack The Box and other cheap resources. If you can get to a really high level, even Omni, you might get taken more seriously through their job boards. That's just one thought path. There are many avenues in, but they all consist of hard work. Remote is also possible with a ton of patience and good skill level. It will be hard to obtain as a first job, but it's possible because I did it :)

@@TCMSecurityAcademy thanks man i was worried i have money saved up for couses i just wanted to know if its possible aprecuate it man im subbed now :)

A video idea maybe is to show wbat is required to be a pentester what knowledge is required i jave been messing with linix since i was 13 its just a idea if youre interested

@@jaydeecrous4404 You mean....like this one? kzbin.info/www/bejne/g36aooOkf7ihgrM :)

Howdy. Start with PTP and build a hacking foundation first. The web app can come later. I think doing PTP + WAHH is a great idea. If you're passionate about web apps after that book, give the WAPT a go. It's a fantastic course, but definitely get some general pentesting chops first.

Yeah I agree with TCM, I passed my PTS and then moved straight on to OSCP and just grinded and eventually passed. I'm now doing PTP and find it sooooooo useful! There's so much in PTP that can be put to use in real pentest engagements

I just recently started my course in cyber security, not much fun just all theory. I really like what you do and what would your advice be for starter pen tester?

About a year and a half. If you're curious about my journey into infosec: veteransec.com/2018/09/11/how-i-landed-my-first-infosec-job-in-a-competitive-market-advice-and-takeaways/

That looks far from relaxing. You want relaxing be a lifeguard.

I usually go on site for a wireless, but we are starting to figure out that even that can be done with a deployed machine. :)

I work for myself now and I did enjoy my job at the time of the video. Companies pay to do pentest work as a consultant not a contractor (in my work experience). I did not travel much and now only travel if the client wants me there. Usually they dont want to front that bill :)

I think that’d be red teaming tbh

I set my schedule around my clients, which is pretty flexible

@@TCMSecurityAcademy looking for a mentor

Put in the work and anything is possible my friend

Yes, but it's really rare. The ones I have done were checklists provided by a client for compliance purposes. You fill out the checklist like an audit. We also sometimes do console assessments where we review security postures (take a firewall for example) or cloud assessments, which also assesses security posture. These are all few and far between, so I dont count them as day to day. Some shops might not do them at all.

@@TCMSecurityAcademy More people should do them. Especially osint risk assessments. Osint is one of the first things I go to for pretty much everything. I want to be a pentester (social engineer) after I get done with school. (I'm doing my AAS in network engineering then hopefully a BAS in Cybersecurity at my school.)

Both

You're welcome!