MY Web App Sec Learning Path

FYI

To begin if you found this looking for a silver bullet on getting into the AppSec space then I am sorry to inform you I am not an expert in the field, nor am I seeking a career in AppSec. I am currently a Solutions Engineer that is interested in diving into the the field of AppSec for better knowledge. Also, it just seems like good clean fun. With that said I am sure there are better ways to get into the field or a more clear cut path and you can find many opinions of this online. I currently have been in tech for nine years with it all being customer facing technical roles.

With that said lets go ahead and talk about the route I am going to do.

Year 1 - Understanding Web App Exploitation

This year I am going to get three beginner and one moderate certifications more aimed at doing bug bounties. This is probably the first part that might make people go. “Wow, thats a waste of time and money.” The truth is though I learn best by doing things repetitively and I love doing test based learning. Actually, how I go about learning new things might be a useful post in itself.

I have already grabbed all four of these trainings and have played around with the first modules to see how I want to tackle these.

Hackinghub - Hands-on Web Exploitation Certification (HOWE) - $300

For the first milestone I am going to work through Hackinghub’s curriculum and certification. The reason I chose this certification first is not only because it is coming from a top name in Bug Bounties but because there is unlimited retries on the certification. Something I think would be great for my first time getting a certification like this. The other certifications in this category you get two retries so I feel like it will give me a better leg up when trying this. Since the training is videos I will also find it easier to digest with a lack of understanding.

TCM Security - Practical Web Pentest Associate Certification (PWPA) - $249

The reason this one is second because once again we have some hand holding with videos and a gentler approach. In fact, I would say based on the videos it seems that TCM’s are better quality and gentler. The only reason this one is not in first place is the fact that the certification test itself only has two tries.

Hack The Box - Certified Bug Bounty Hunter (HTB-CBBH) - $500

This one has no videos, which is generally how I prefer to learn things since it is hard for me to focus watching videos. However, this training seems a bit trickier and they seem to strategize on the aspect of “Thinking outside the box”. Since this ones training seems a bit trickier I have saved it as the last one of this phase.

TCM Security - Practical Web Pentest Professional (PWPP) - $500

After completing the first three certifications I am sure I will be well rounded when it comes to basic Web application vulnerabilities. Since I already purchased this training I plan on completing this before starting the next phase to give me a little more oomph.

Year 2+? - Funding Learning with Learning

In this phase I want to understand not just more complex vulnerabilities but I also want to understand how to remedy them via code review. With that said, this phase will most likely take the most time and in all honesty might take more than a year. Especially since I want to try to pay for the more costly certifications by doing bug bounties. Not only will that increase my learning it will also fund knowledge with learning. A win-win really unless I am horrible at bug bounties.

Bug Bounties

After completing those four certifications I am sure I will be well rounded when it comes to basic vulnerabilities and should be able to generate a little bit of money. My goal is to cut my teeth of the non paying bounties to get the hang of it before moving on to ones where I can get a payout. Before I continue I have to generate all the money I need for the next two certifications before I start either of them. So with that I will need to generate $2,000 to continue. As far as I know this might take me a year in itself.

MASE - Certified Application Security Engineer (CASE) - $450

This might be another part of my plan that has people confused. MASE does not have the best reputation and I have also heard these trainings take a very long time and this might get changed out or removed completely but so far this one is still up on the docket. The goal of this is to get a better understanding of secure coding best practices to give better application pentesting reports.

Hack The Box - Certified Web Exploitation Expert (HTB-CWEE)- $1,500

This one is extremely pricy, and from what I hear, very intense. I am hoping with the knowledge from the previous certifications, doing bug bounties, and understanding secure coding practices better that I will go into this training and certification well prepared.

Conclusion

Well there you have it. That is my ~2 year goal on learning web application security. It might change as I go threw these certifications but I think its a solid plan right now. At least the first year. The second year is up for debate. As I am going threw these trainings I plan on updating this with progress threw the curriculum.