
Ask HN: How to get into low level system security? - CbGate
My background: I have an associate degree in computer networking, I work as a security analyst (SOC 24x7 monitoring) responding to alerts and sometimes threats, I played CTF and have some reverse engineering background along with minimal background coding in C, Python and Java, as well as some Linux system administration background.

I watched security conference presentations on BIOS security and UEFI vulnerabilities that were presented at Black Hat and other security conferences. I have always been interested in learning those topics, except I don't know where to go and what to look for exactly.

What should I do to move closer to a career path in low level system security?
======
alltakendamned
In my experience, low level security careers tend to be held by people with a
very strong background either in exploitation, code review and reversing or
hardware and electronics. Quite a few of us have been around for a "very long
time" and passed through many roles before focusing on this subject.

To get a better grip on the topic, I would suggest the following pointers:

- challenging CTF, either exploitation (pwnable.kr, overthewire, ...),
reversing (flare-on 6 upcoming), assembly (microcorruption) or hardware
(RHME2)

- buy a development board for a popular chip, e.g. i.MX6, STM32 or experiment
with Raspberry Pi

- read datasheets and technical reference manuals for the SoC on those
boards, experiment with setting up security features such as secure boot, or using
a hardware cryptographic accelerator

- experiment with U-Boot and read the source code

- get awesome at C and assembly (x86, ARM, ...)

- learn how to extract contents from non-volatile memory

- learn reverse engineering of raw binaries

- learn to work with common hardware debug interfaces (JTAG, SWD)

Just realize you're choosing a hard topic here and you won't be done anytime
soon. Persistence will be required and whatever you've done up till now is a
good start but will not be enough.

------
k4ch0w
This is a hard space to break into because it requires in-depth knowledge of
operating systems. I'd play around with Volatility
[https://github.com/volatilityfoundation/volatility](https://github.com/volatilityfoundation/volatility).

Next, take a look at getting good with IDA. It's expensive, but they have
freeware versions you can use; it just won't do x64.

Start by specializing in only one OS: pick Linux/Mac/Windows. It's a very
niche space and requires a lot of expertise if you want it as a job.

If you're thinking long term I'd take a look at becoming a malware analyst as
it will also help you pick up skills needed to go down the path you'd like.

------
elamje
praetorian.com has some cool CTF for hiring stuff on their website:
[https://www.praetorian.com/challenges](https://www.praetorian.com/challenges)

