Yoo Welcome to Issue #08 of Navigating Security.

🍃Quote of the week:

What To Expect 🫡

• 🐞 The Ultimate Guide To Finding Bugs With Nuclei

• 🪛 Red Team Resource List

• 🎩 From Mayor To Penetration Tester

⏱️Incase you missed the previous issue, here you go:

This Week’s YouTube Video:

People hate the OSCP, but they still want it…

⚠️ The newsletter is currently not sponsored

The Ultimate Guide To Finding Bugs With Nuclei 🐞

Nuclei stands out as a rapid, effective, and customizable tool for vulnerability scanning, capable of evaluating numerous hosts within minutes. It leverages templates defined in YAML to outline the necessary procedures for identifying vulnerabilities.

Nuclei welcomes contributions from the community to enhance the collection of templates and further develop the software. This just means it is open-source and if a new CVE comes out, the community can make a template real quick.

Resources For Red Teaming🪛

Found this post on LinkedIn with a whole list of resources for those interested in Red Teaming. The list includes:

• A red team guide

• Red team tools

• Physical pentesting guide

• Cobalt Strike guide

Here is the full list: https://www.linkedin.com/posts/daniellowrie_github-a-pocredteam-tools-tools-and-techniques-activity-7172945721392893953-uFLq?utm_source=share&utm_medium=member_desktop

From Mayor To Penetration Tester 🎩

Check out this video about how Joe Helle became a penetration tester after transitioning from being a mayor. He discusses the following with Pat:

• Certifications and whether they are a good test of pentesting skills

• Streaming 5 days a week to get his name out there

• Networking with other professionals - “Instead of making 1000 random connections on LinkedIn, make 10 meaningful ones and invest in building actual relationships with them”

• The difference between Pentesting and Red Teaming

Suggestions

Hit me up on Discord or LinkedIn if you have anything you feel would be cool to include. Thanks, Cheers.