
There's no standard path in information security; most schools don't offer information security degrees, and many extremely successful people in security didn't come from a CS background at all.

Some general recommendations:

- follow smart security people on Twitter, which is the de facto medium for information security discussion

- read publicly disclosed bug bounty reports on HackerOne and Bugcrowd

- read The Tangled Web by Michal Zalewski

- learn to use Burp Suite




> - learn to use Burp Suite

Burp Suite is an awesome tool for devs as well. The Repeater tool is better for messing with API calls than any of the browser dev tools, imo.

For people finding the proxy setup stuff annoying: install FoxyProxy in Firefox and it makes your life really simple.


How about for proxy servers in headless browsers; what do you recommend? Any experience with how public and premium proxies vis-a-vis uptime and reliability compare?


Sorry, no experience with that.



