TCM Security

We're halfway through the year 🎉 The last six months have gone by in a whirlwind! We've released new courses, new certs, and hired some top-notch content creators. So much has happened that you might need a recap to remember it all. Don't worry, we've gotcha covered with today's newsletter, highlighting what's happened so far this year at TCM Security. We've also included a sneak peak of some of what's to come for the rest of the year. We have several live workshops planned (like our Live Web App Pentesting Training with Alex Olsen) and a few appearances at DEFCON and WWHF! Let us know in the comments if we'll see you there. Are you planning to take our newest cert, the PWPT (Practical Web Penetration Tester)? https://lnkd.in/g3qQtVYD 

Feeling awkward about asking your employer to pay for your training? You might be surprised by how often they're willing to help! Did you know that US Companies spent $102 billion on employee training in 2023? In this edition of The Cyber Mentor newsletter, we're giving you all the info you need to confidently make training budget requests - including a free template to make it easier. Learn what to include, how to approach the topic, and how to bounce back if your request is rejected. Check out the newsletter and start taking the next step in your lifelong learner journey today!

Want to become a Web App Pentester? We've got a roadmap for you. 🗺️ We just launched the PWPT (Practical Web Penetration Tester), and here are the steps to get PWPT-ready. 🥊 Step #1 - Practical Bug Bounty Course: Start here. This course will help you understand web app exploitation and boost your bug bounty skills. Step #2 - Practical Junior Web Tester (PJWT) Exam: Modeled after real-world scenarios, this exam will put your knowledge to the test! Step #3 - Practical Web Hacking Course: After acing the PJWT, dive deeper with Practical Web Hacking where you'll explore vulnerabilities and remediation. Step #4 - Practical API Hacking Course: Focusing on APIs is your last step before the PWPT. You'll perform attacks against vulnerable API endpoints. 🔨 Step #5 - The PWPT Exam: Now you're ready for the final boss: the PWPT. Test everything you've learned in real-world scenarios and become a better web app pentester. Ready to tackle the PWPT? Sign up here: https://lnkd.in/g3qQtVYD Already taken the PWPT? Tell us how it went! 🗣️

LIVE Hacking with TryHackMe | Cyber Security | Pentesting | AppSec Join Alex to learn more about web hacking. He takes audience questions on a number of security-related topics, does some live hacking, and shares a little bit about future plans here at TCM Security. We livestream at 12 PM ET every Wednesday, so please subscribe to see the next time we're live!

Join us this Thursday for Part 2 of our LIVE Academy Workshop with Andrew Bellini, "IoT Hacking 101: Reverse Engineering Firmware to Hunt for Vulnerabilities." Great news! These workshops are free for ALL TCM Security Academy members. If you've ever been curious about IoT hacking, now's the perfect time to dive in. Got any smart devices you’ve always wanted to hack? Asking for a friend. 😉 https://lnkd.in/gnTWDtrq

Ready to dive into Hardware and IoT hacking but aren't sure where to begin? Towards the end of 2023, Alex Olsen started his hardware and IoT hacking journey and today is sharing that adventure with you! Here's a highlight of how Alex got started in IoT & Hardware hacking: 1️⃣ The Course: Alex began with the Beginner’s Guide to IoT and Hardware Hacking. It's perfect for absolute beginners and covers essential topics like electrical engineering. 2️⃣ Accessibility: The course is designed for those with zero experience in things like electrical engineering or soldering. It even includes non-soldering options to ease you in. And the scenarios? Super fun and engaging! 3️⃣ Getting Started: Alex spent about £120/130 ($160) on equipment, but you can start the theory modules while waiting for your gear. Dive in and learn as you go! 4️⃣ Expert Advice: Alex caught up with Andrew Bellini, the course author, for some expert insights and advice. You can watch the full Q&A in today's video!If you're considering hardware and IoT hacking, we hope this motivates you to take the plunge. Want to see more updates on Alex's progress? Let us know in the comments! https://lnkd.in/eAgQRhPx

We often get asked how to get experience in Pentesting when applying for jobs. Here are 5 side projects that Alex Olsen recommends that can make you stand out in your next interview: ✅Set Up a Honeypot: Deploy a decoy system to attract and detect threats. You'll gain hands-on experience and insights into attacker behavior. Whether you start with a pre-built honeypot or build one from scratch, it's a flexible and rewarding project! ✅Bug Bounty Workflow Dashboard: Create a custom app to organize your bug bounty efforts. Integrate checklists, payload generators, and more. This project helps you understand the end-to-end testing process and web application development, which is important to know for Pentesting interviews. 🕵️♂️ ️ ✅ Report Generator/Converter: Automate your notetaking and reporting. Building a tool that formats your findings into a clear report can save time and demonstrate your ability to enhance and streamline processes. ✅ Capture the Flag Challenge: Design and build a CTF challenge. It’s a fun way to deepen your understanding of vulnerabilities and their contexts. Share it on GitHub or platforms like TryHackMe to engage with the community. ✅ Contribute to Open Source Apps: Whether pentesting or developing, working on open source projects sharpens your skills and builds your understanding of software. Dive into GitHub, find a project, and start contributing! Is there a project you're working on throughout your learning journey that you're excited about? Let us know down in the comments ⬇️ https://lnkd.in/gwmkjsgJ

Wishing everyone a wonderful American Independence Day from the team here at TCMS! 🎆

Cybersecurity AMA with Heath Adams | Hacking | Pentesting | AppSec Join Heath Adams, AKA The Cyber Mentor, in today's stream where we answer all of your questions about cybersecurity! Level up your skills with our new intermediate-level web app pentesting cert, the PWPT! If you’ve aced the PJWT, this is your next challenge: https://lnkd.in/g3qQtVYD

📢 Alex Olsen is back with a week-long Live Web Application Penetration Testing Training! Join him to go deeper into web app pentesting. Thinking about the PWPT (Practical Web Penetration Tester) cert? This will help you ace that exam. Just want to continue to build your web app testing skills? You're welcome to join us, too! This training is a little more advanced, so to take it, you need to at least have a year of web app pentesting training experience, the PJPT, or have gone through Practical Web Hacking and Practical API Hacking in our Academy. The training starts July 26th, and registration is officially open. 🔥 Our 20% discount for first responders, current & former military members, educators, and students applies for this training. https://lnkd.in/gpGFv2yz