Sunday, September 29, 2024

Navigating the Cybersecurity Landscape: My Journey to Becoming a Source Code Reviewer

 

My Journey to Becoming a Source Code Reviewer

Hey guys! I’m Richard, and I’ve been interested in cybersecurity for a while now. My journey started from a place of curiosity—I wanted to understand how things work. Of course, the desire to break things is something that many of us share, especially me! 😂 Money was also a pretty interesting reason for me to join this field, as the potential for a lucrative career in cybersecurity is quite appealing. 💰

I created this blog as a sort of resume to showcase what I’m learning and hopefully provide some value to those who read it. Recently, I transitioned from full-time hacking and bug bounty hunting to focusing on learning cybersecurity more deeply. This shift has allowed me to explore the theoretical aspects of cybersecurity, which I find equally fascinating as the practical side. 🔍

I’m a "learn as you go" kind of person, and I’ve already become somewhat proficient in using Linux and basic networking. Whenever I need to learn something new, I dive in and figure it out along the way. This hands-on approach has helped me grasp complex concepts more effectively, and I enjoy the challenge of solving problems as they arise. 💪

Resources I Use

1. PentesterLab
PentesterLab is an amazing platform for learning code review and hacking in general. You can check it out here. Although I’ve only completed one lab in the code review badge so far, I find it incredibly valuable. My challenge has been that I don’t yet know JavaScript well enough to read or understand it in depth. I often find myself wanting to go through the labs with spoilers instead of fully learning the material, but the resource is fantastic nonetheless. I highly recommend it to anyone interested in this field! The hands-on labs provide a practical approach to learning, which is essential in cybersecurity. 🔐

2. You Don’t Know JS (Up & Going)
I’m also reading You Don’t Know JS (Up & Going), which you can find here. This book is available for free, and I opted for the eBook version. It’s a great resource that teaches you the concepts of JavaScript while encouraging you to practice what you learn. I often find myself applying the concepts in the developer tools command environment (just hit Shift + Ctrl + I in Firefox to access it). The book's clear explanations and practical examples have been instrumental in building my JavaScript skills. 📚

3. FreeCodeCamp
I also use FreeCodeCamp for hands-on coding practice and projects. The platform offers a structured curriculum that covers a wide range of topics, from HTML and CSS to JavaScript and data visualization. I appreciate the community aspect of FreeCodeCamp, where I can connect with other learners and share my progress. 🤝

4. Assetnote
Another great resource I plan to check out is Assetnote, which offers tools and insights for security research. Their focus on vulnerability management and security testing aligns perfectly with my learning goals, and I’m eager to explore their offerings to enhance my skills further. 🔧

5. JavaScript Libraries
I plan to start by reviewing JavaScript libraries to deepen my understanding. I’ll be looking for vulnerabilities and best practices in popular libraries. This hands-on experience will not only improve my coding skills but also help me understand common security pitfalls in web development. 🛡️

6. JavaScript Mailing List
I also subscribe to the JavaScript Weekly mailing list to stay updated on the latest news and resources in the JavaScript community. This weekly digest provides valuable insights into new tools, frameworks, and best practices, keeping me informed about the ever-evolving landscape of JavaScript development. 📬

Notable Names to Follow

On Twitter, I follow some notable names in the cybersecurity and tech space, including Shubs from Assetnote and other influential figures who share valuable insights. I monitor their posts and engagement using a Twitter list, which helps me stay updated.

Closing Message

Thank you for taking the time to read about my journey! I hope you found some useful resources and insights that can help you in your own path in cybersecurity. Feel free to reach out if you have any questions or want to share your experiences. Let’s learn and grow together! 🚀

THE FIRST ONE

Welcome to My Blog

Hey there, I’m Richard, and I’m super excited to kick off this blogging journey with you. As a part-time bug bounty hunter and a computer science student, I’ve got my hands full, but honestly, I wouldn’t have it any other way. I’m joking—if I had a dollar for every late-night hacking lab session, I could probably buy a tiny island.

Lately, I’ve been diving into web hacking, and I’m on the path to semi-understanding it. I’m joking—it’s an extremely vast field, and I’m almost mentally exhausted, lol. But it pays well and is a lot of fun, so what am I to do? I can’t wait to explore more attack surfaces, like mobile apps and desktop applications, and share what I learn with you. My goal is to create a sort of accountability for myself and maybe even for others—who knows.

You might be wondering how I plan to organize these blog posts. Starting this week, I’ll be posting updates every Monday, curating content throughout the week. Each post will focus on my learning process, sharing tips, and documenting my experiences from Monday to friday. Then, on saturday, I’ll compile everything into a cohesive blog post and post it. Think of it as a weekly tech diary.

Now, speaking of updates, it’s been a while since I last posted. I hope you’re having a great year so far and enjoying lots of fun. I’m currently on holiday until around February, which has given me some time to reflect and recharge. This break is also related to a course I’m taking with some friends, and it’s going well. I plan to write about that experience if I can fit it into my schedule.

I started writing again recently as a way to summarize my week, mostly inspired by my ADHD brain and Monkiehack's inspiring blog post. if you haven’t checked it out yet, you should definitely give it a look. It’s a great reminder that we’re all in this together, navigating the ups and downs of learning.

I’ll also be sharing resources that I find helpful along the way, so stay tuned for that. Whether it’s a cool tool, a mind-blowing article, or a funny meme, I’ll make sure to pass it along. Please pray for me, as I find writing a bit challenging at the moment.

A special thanks to my friend who helped me polish this blog post. As a non-native English speaker, I sometimes make mistakes, and their support, along with the assistance I received from a helpful AI language model, has been invaluable in making my thoughts clearer and more engaging.

Thanks for stopping by and reading my blog. I’m looking forward to sharing my journey with you. Feel free to connect with me on Twitter: @richard_onyeka_. I’d love to hear from you. And remember, if you ever feel overwhelmed, just take a deep breath and watch something not tech-related, like the Twilight Saga. At least that’s what I always do. I’m joking—work hard, but remember to have fun. We’ve got this! 💪

Hack the planet

 

 

How I Earned a $617 Bounty from GitHub

  Not Essential (Intro) Hey folks, it's been a while since my last blog post. To be honest, i suffer from a serious case of procrasti...