Continuing from my last post. Although, I’ll definitely try it out again, OSCP is on the backburner for now. I went to one other conference in September. It was a 3-day one so it wasn’t a full week.
Two big takeaways from the past 2 months is that that AI is everywhere. It’s all anyone is talking about. Everyone, everywhere is talking about AI.
It was apparent as while I was studying for the OSCP folks were also using ChatGPT ( the most popular one) to help them in some way. Although, it’s use is disallowed on the exam. I think it’s a natural thing to gander over to the Bug Bounty side of things while doing pentesting or even red teaming. The big news was that an AI powered platform (XBOW) had taken the reigns at the top of the bug bounty mountain. Ref: https://www.csoonline.com/article/4012801/the-top-red-teamer-in-the-us-is-an-ai-bot.html
Top bug hunters were also leveraging AI to assist/automate their workflows. It was already competitive out there and now you have to compete with machines.
I’ve had some small talks with people and there are some people on one side that don’t like it and don’t trust it at all – so they refuse to use it. They feel like they will become dumb by using it. Then there’s the complete other side of the spectrum where people are throwing caution to the wind and plugging in all their data – IP, PII, you name it into some AI platform. AI is here and IMHO you have to get on board and use it supplement your workflows or get left behind. You want to be in the middle of that spectrum. Embrace change. You don’t have to completely trust it 100%.
I’m going all in with taking this ML/AI and learning as much as I can. I’ll post some links and thoughts along the way. For instance, although I have a few years of python programming experience I haven’t used the following until the past month. Knowing and using these modules are foundational:
- https://pandas.pydata.org/docs/
- https://numpy.org/doc/stable/user/quickstart.html
- https://matplotlib.org/stable/
- https://plotly.com/python/
- https://seaborn.pydata.org/
- https://scipy.org/
Maybe in my next post I’ll let you know what my favorite python modules (not the ones above) are.
Leave a Reply