Profile of a Hacker
As a continuation of our Hack Through the Holiday's profiles of the top performers, our next winner profile features Matt Pardo, an active member of the security community who has given back in numerous ways.
Matt helps manage the OpenToAll CTF team, a group that provides a team-oriented focus on learning through Capture The Flag (CTF) events. Matt also runs BSides Austin, coordinates the education program for Austin’s OWASP chapter, helps with LASCON and works at Rapid7. Thanks for all you do to help grow the security community, Matt, and great job in our Cyber Range!
SI: How did you get into security testing?
Matt: I was lucky enough to work at a university early in my career. While there, I was introduced to Usenet, which led to finding things like Phrack magazine. After reading about security topics, I became obsessed with it and have been working in some form of security ever since.
SI: What is the most interesting exploit, vulnerability, or finding that you’ve discovered (and are willing to share)?
Matt: There are so many interesting exploits. One that was most interesting for me was a blind XXE. It took a lot of work and some luck to discover it. Right now, I am very interested in exploit chains, i.e. how to go from a simple exploit that isn't much of a finding to a series of exploits that lead to higher privileges.
SI: It can be difficult to build up the knowledge and skills needed to become a good hacker. How did you learn these skills?
Matt: I think of it as more time-intensive than difficult. There is no one thing you can learn to become an expert. You have to dedicate a tremendous amount of time and work to build expertise. My passion for security has really served me well because it has driven me to keep learning. I am always reading about security and attending training for it. I think getting involved with CTFs early on through OpenToAll helped me learn about even more resources.
SI: What recommendations would you have for others that are interested in learning more about security and hacking?
Matt: I believe you always have to be reading, listening, and attending to security. There is an enormous amount of information available. That might seem overwhelming, but the first step is to figure out what media works for your learning style. Once you know that, you can narrow down the options to something that is manageable. You also have to figure out a way to avoid burnout.
For new people who are interested in hacking or pen testing, I would recommend the following path:
1. Pick either network or web application security. You will eventually get into both, but pick one to start.
2. Pick a couple of books on the subject and read them.
3. Start working on war game sites; root-me.org and ringzer0ctf.com are two great examples. There are lots of others out there too, but these have a great range of challenges. Figure out which categories really appeal to you.
4. Join a CTF team. Something like OpenToAll. It has a fantastic community and is all about learning. You can sign up here: https://opentoallctf.github.io/. Of course, you can start your own, as well.
5. Hack boxes from Vulnhub.
6. Start working on hacking boxes on HackTheBox.
Once you have rooted 20-30 boxes, you could then take a shot at something like the OSCP.
SI: Other than Cyber Ranges like CMD+CTRL, what tools would you recommend to others looking to extend their skill sets?
Matt: Wargame sites, CTFs and HackTheBox
SI: What were the main factors that drove you to become a top scorer in the CMD+CTRL Cyber Range?
Matt: The scoreboard was one thing, but knowing that there were 48 challenges was even more of a driver. I really wanted to find every single vulnerability.
SI: What other guidance would you give to people interested in building their hacking skills?
1. Stick with learning and don't give up. It will take a long time. Be OK with that.
2. Join a security group in your city or online (if your city doesn't have one). Don't forget, you can start one, too!
3. There are many communities out there. Find the ones that fit you.
4. Go to local conferences. I recommend the smaller ones to start with, especially any BSides.
5. Go to trainings when you can. Organize trainings if you can't afford them.
6. Volunteer and be involved in the security community and/or conferences.
7. Find a mentor or a couple of people who can give you suggestions when you need them. You can turn to your community for this. Also consider starting a mastermind group.
*SI Note: There are lots of great security learning tools and blogs out there. We’re clearly biased and recommend starting with ours: Security Innovation Blog
We also highly recommend our BrightTalk webinar channel for valuable information.
You can find it here: Security Innovation BrightTalk Channel
And our YouTube channel here: Security Innovation YouTube Channel
Happy Hacking! Thanks again to everyone who participated in our Hack Through the Holiday's event. Stay tuned for our next CMD+CTRL event coming sometime in March 2019. And be on the lookout for opportunities to participate in a live CMD+CTRL Cyber Range through local OWASP chapters, other security-related groups and conferences in your area.