In early 2020, I was staring down the barrel of a major career change. After almost a decade in the United States Marine Corps, I looked at the career progression in front of me and found no desire to go down that path. Luckily, I stayed in close contact with one of my Marines who had recently graduated from Towson University and was working as a Penetration Tester. Over some beers in my kitchen, he explained to me how he makes a living on acting like a criminal to help organizations shore up their security posture. I was considering pre-law and law school at the time and had no prior cybersecurity training outside of what was required in the military every year. The thought of jumping feet first into cyber seemed a completely illogical choice, but it ended up being the right one.
August of 2020 came and I started my first round of cybersecurity classes, then came the struggles and doubts about my choice. I struggled in programming and found the tedious nature of writing code frustrating, where having a single tab or space in the wrong location could wreck hours’ worth of work. The following spring, I had the pleasure of crunching subnet math by hand and configuring cisco routers ad nauseam. I ended up transferring to a smaller school in western North Carolina where my education continued with more classes involving network security. I was doing well in my classes after the first-semester culture shock and began my first certification training with SANS. I poured myself into it and would spend 2-3 hours a day going over the material, labs, and making my index. I passed the first two certification exams by June and started the Penetration Testing centric coursework. When it came time to take GPEN, I fell flat on my face and failed with a 73%. The first sting of failure was a real wake-up call, not only on the importance of staying focused on your goal but also not putting too much on your plate at one time. College, work, SANS, and life, in general, became a heavy load and after getting my results, I knew I had lost focus because of it.
After gaining a lot of good lessons from failing GPEN, I reattacked it with an even bigger motivator than just simply passing. My networking in the kitchen over a cheap beer back in 2020 brought about an amazing opportunity, I would get to be an intern at Triaxiom Security. I would observe as much as I could on web application, external, and internal penetration tests. Being able to see what I had been learning about for the past two years was a phenomenal experience and has allowed me to gain even more valuable lessons. During one of my virtual observation sessions, I was asked to use the Linux command line tools to parse data for a password spray attack. Admittedly, my Linux experience had been tailored for me in labs and other coursework and I had also not done the best job of staying proficient. The engineer I was shadowing walked me through how to condense the data down to what was needed using the command tools and assigned me some more exercises to try on my own. The next few nights I struggled with the tools but after a fair amount of trial and error, I was able to finally get the username list that was required. More importantly, I learned the importance of staying current with Linux and other tools that are essential to be an effective penetration tester.
The next lesson I learned during the first few weeks of my internship came when I was asked to explain how Responder works and how protocols such as NBNS and LLMNR can be exploited. During my shadowing, I had been taking notes but since they were on paper the information I was looking for was difficult to find. After finally finding the information, I attempted to walk the engineer through how Responder works but it ended up being a poor explanation. He then showed me where I went wrong and had me teach the concept to another engineer. In about one week I learned several valuable lessons the first with how teaching a concept to another can help you understand the material better. I also learned the importance of keeping notes electronically for two reasons the first being that they are much easier to search and can be constantly added to. More importantly, they can be passed on to others and you are sharing the knowledge with other members of your team.
In short, my journey to being an intern at Triaxiom Security has been filled with some valuable lessons. I have experienced some challenges along the way, but they have provided me with the best opportunities to learn. I hope that people who read this and are considering a career in cybersecurity, can learn from my mistakes and avoid some of the pitfalls I encountered. I also hope that you take the opportunity to network with professionals that are in this space, they are a wealth of knowledge, and those relationships you build may provide you with a great opportunity down the road.