Although my work revolves around Blue Team research such as attack detection and defense mechanisms, I have been learning and studying a lot about Red Team techniques, which for now mostly consist of Web Attacks. Knowing more about the attack techniques, surface, privilege escalation, lateral movement and many others has given me a much broader perspective to apply in the “Blue” area.
I should, however, constrain my learning to scopes that are within the aforementioned process of translating Red Team knowledge to Blue Team processes. The reason I’m stating this so explicitly is because as I’m learning more Red Team processes, I should be aware not to go too deep into the non-attack related parts of “Penetration Testing” methodologies.
Penetration Testing on its own consists of a much larger and broader set of processes than Web Attacks, including all the mundane paperwork stuff and report writing. I have just recently attained the HTB Certified Bug Bounty Hunter title, whose examination process covers many interesting and new attacks that I have not encountered before. However, I would most probably not be taking their next examination, HTB Junior Penetration Tester. Looking at the syllabus of CBBH and JPT, there are several overlaps between the modules that pertain to Web Attacks. JPT has more modules to cover, and some of those additional ones are not attack related, but rather on how to go about the Penetration Testing process and report writing. Going back to my expected learning outcomes, it clearly does not align well.
Perhaps this is just an excuse to just learn the sexy stuff? 🙂
So far my learning of Red Teaming Web Attacks comes from HTB and from playing a lot of CTFs under the Web category. I would love to give TryHackMe a shot, and I’ll assess again later if I’m over-saturated with Web Attacks after completing the JPT path (but not taking the exam).
In any case, I’m aiming to take OSWE sometime at the end of the year or early next year, after which I might take a break from Web Attacks and move into Pwning, which is something I’ve always wanted to get into, but the utilitarian part of my brain tells me it’s not worth it. I’m going to do it after OSWE because I feel that it’s the pinnacle of Web Attacks, and it would finally prove my learning journey of that track to be sufficient (but never complete).