I've been following @theXSSrat for some time now. Watching closely, trying to understand their level of knowledge and if their content is authoritative and would be appropriate for my junior team members @possiblelv. 13 atbildes
 |
Kirils Solovjovs (2022-01-18 01:53:26) |
I've been following @theXSSrat for some time now. Watching closely, trying to understand their level of knowledge and if their content is authoritative and would be appropriate for my junior team members @possiblelv. | |
|
Kirils Solovjovs (2022-01-18 01:53:27) |
Today I finally decided I'll spend an hour and dig a bit deeper. It all unraveled kind of swiftly. Arrived at their legal name, home address, mobile phone number, education, place of work, voice sample, photo of SO, aaaaaand so on. I got carried away, no doubt, and I apologize. | |
|
Kirils Solovjovs (2022-01-18 01:53:27) |
I mention the data categories in the previous tweet so that they can take measures to protect those, if needed, because I am not sure how much of that is supposed to be public. Their name and place of work is, I think. Now back to the topic of evaluating the content. | |
|
Kirils Solovjovs (2022-01-18 01:53:28) |
I managed to find a promo to access https://t.co/Tq7d5sa3Iw for free and was able to check out some the content. I'd describe the author as a young person that's in the start of their security career. They are a software tester by trade but they have strong passion for security. | |
|
Kirils Solovjovs (2022-01-18 01:53:29) |
And that's certainly a good thing. The best way to learn is to teach others. At least that's why I teach. They have a few noticeable mistakes in quizzes, terminology is often used incorrectly (encryption vs encoding is a prime example). | |
|
Kirils Solovjovs (2022-01-18 01:53:30) |
On the plus side, the content is short and engaging which is great for a newbie who needs to catch the hacking fever, to feel the passion. Personally I prefer my material to be a bit more academically oriented but that's irrelevant. For the target audience, this is great content. | |
|
Kirils Solovjovs (2022-01-18 01:53:30) |
I addition to that: much of their content is actually free and did I mention that they are very very passionate about teaching and learning these topics? Now, I wanted to take a look into other materials as well but 400$ seemed kind of steep, so I searched for discounts. | |
|
Kirils Solovjovs (2022-01-18 01:53:31) |
There is, obviously the 70% discount for https://t.co/b6xkyYQUmg right in front of our noses at the moment. (Don't even @ me if you can't find it!) I managed to locate and validate a 80% discount. I also found a 90% discount and ordered the full access deal. | |
|
Kirils Solovjovs (2022-01-18 01:53:32) |
40 USD is easily a good amount to donate to a person for this level of passion alone! As a seasoned world class IT security professional with 20 years under my belt, would I pay 400 for the bundle? Hell, no! Should a beginner pay that much? I don't think so. | |
|
Kirils Solovjovs (2022-01-18 01:53:32) |
What about 120$ with the 70% (or more, if you can find it) discount? I, myself, see that as a good investment. I am hopeful that it will bear fruits in the coming years when they get more advanced and proceed to improve their teaching skills. | |
|
Kirils Solovjovs (2022-01-18 01:53:33) |
And even if they don't get any better (which I find unlikely), this might turn out to be a great resource for new attacks against upcoming technologies at least for the next 5, maybe 10 years. Would I recommend that a motivated beginner spend the 120$ on the full access pass? | |
|
Kirils Solovjovs (2022-01-18 01:53:34) |
I recommend that you, dear beginner, take 24 hours to take a look around https://t.co/L2tDp3aP3V. Are you okay with their teaching style? Do you have an extra hundred laying around? Then go for it while it's there! It might be worth it in the long run. https://t.co/b6xkyYQUmg | |
|
Kirils Solovjovs (2022-01-18 01:53:35) |
What if you don't have the extra hundred? Sign up for their free stuff on https://t.co/L2tDp3aP3V. I will certainly be recommending my team @possiblelv to take a look @theXSSrat offering and arranging the full access to those who request it. | |
|
Kirils Solovjovs (2022-01-18 01:53:36) |
Oh, and if you are a seasoned professional, I can certainly recommend https://t.co/AriNwXkOuV from @sec_r0. I wouldn't advise to buy the zines from @theXSSrat as those are way overpriced over there. Keep up the good work, my security folks! 0x04 | |