The Hacker's Cache
Kyser Clark - Cybersecurity
The show that decrypts the secrets of offensive cybersecurity, one byte at a time. Every week I invite you into the world of ethical hacking by interviewing leading offensive security practitioners. If you are a penetration tester, bug bounty hunter, red teamer, or blue teamer who wants to better understand the modern hacker mindset, whether you are new or experienced, this show is for you.
All episodes
Best episodes
Top 10 The Hacker's Cache Episodes
Goodpods has curated a list of the 10 best The Hacker's Cache episodes, ranked by the number of listens and likes each episode have garnered from our listeners. If you are listening to The Hacker's Cache for the first time, there's no better place to start than with one of these standout episodes. If you are a fan of the show, vote for your favorite The Hacker's Cache episode by adding your comments to the episode page.
#17 Unpacking Bug Bounty Strategies with RootSploit: Zero Days, Recon, and Vulnerabilities
The Hacker's Cache
10/16/24 • 37 min
Cybersecurity professionals Kyser Clark and Pranit Garud (RootSploit) discuss their experiences in the field. They cover topics such as bug bounty programs, the role of an offensive security engineer, and the differences between consulting and working for a Fortune 500 company. Pranit shares tips for getting started in bug bounty hunting and emphasizes the importance of understanding the business logic of a company. He also highlights the need for a mindset shift when transitioning from consulting to an internal security role.
Connect with Pranit on LinkedIn: https://www.linkedin.com/in/pranit-garud/
Takeaways
- Bug bounty hunting requires a proactive and research-oriented mindset, as well as a deep understanding of the target company's technologies and business logic.
- Working as an offensive security engineer in a Fortune 500 company offers the opportunity to see the inner workings of the organization and make a greater impact on security.
- Transitioning from consulting to an internal security role requires a shift in focus from exploitation to securing and collaborating with developers.
- Building a close relationship with developers and understanding their challenges can lead to more effective security measures.
- The pace of work in a Fortune 500 company may be slower due to approval processes and the need for careful consideration of potential impacts.
Connect
---------------------------------------------------
https://www.KyserClark.com
https://www.KyserClark.com/Newsletter
https://youtube.com/KyserClark
https://www.linkedin.com/in/KyserClark
https://www.twitter.com/KyserClark
https://www.instagram/KyserClark
https://facebook.com/CyberKyser
https://twitch.tv/KyserClark_Cybersecurity
https://www.tiktok.com/@kyserclark
https://discord.gg/ZPQYdBV9YY
Music by Karl Casey @ White Bat Audio
Attention Listeners: This content is strictly for educational purposes, emphasizing ETHICAL and LEGAL hacking only. I do not, and will NEVER, condone the act of illegally hacking into computer systems and networks for any reason. My goal is to foster cybersecurity awareness and responsible digital behavior. Please behave responsibly and adhere to legal and ethical standards in your use of this information.
Opinions are my own and may not represent the positions of my employer.
#9 Red Teaming & Malware Development ft. Nathan Rice
The Hacker's Cache
08/21/24 • 35 min
In this conversation, Kyser Clark interviews Nathan Rice, a senior penetration tester, about his background and experience in cybersecurity. They discuss the differences between penetration testing and red team operations, the importance of starting with penetration testing before moving to red teaming, and the challenges and rewards of obtaining certifications. They also touch on the skills required for malware development and the importance of staying up to date with evolving techniques. Nathan shares advice for aspiring red team operators and emphasizes the need to be proactive and not be afraid to ask questions.
Connect with Nathan Rice: https://www.linkedin.com/in/nathan-rice-b52209123/
Takeaways
- Penetration testing and red team operations have distinct differences, with red teaming requiring more patience, stealth, and intent to emulate real-world threat adversaries.
- Starting with penetration testing before transitioning to red team operations is recommended, as the skills learned in penetration testing translate well to red teaming.
- Obtaining certifications in cybersecurity, such as OSCP and OSEP, can be challenging and may require multiple attempts, but they provide valuable knowledge and recognition in the field.
- Malware development skills are important for red team operators, as having the ability to create custom tools and bypass EDRs is crucial for success.
- Aspiring red team operators should not be afraid to ask questions, be proactive, and not get caught up in analysis paralysis. Getting caught is part of the learning process and should be used as an opportunity to improve.
- Moving with intent and being able to think creatively are essential skills for red team operators, as they need to constantly adapt and find new ways to bypass defenses.
Connect
---------------------------------------------------
https://www.KyserClark.com
https://www.KyserClark.com/Newsletter
https://youtube.com/KyserClark
https://www.linkedin.com/in/KyserClark
https://www.twitter.com/KyserClark
https://www.instagram/KyserClark
https://facebook.com/CyberKyser
https://twitch.tv/KyserClark_Cybersecurity
https://www.tiktok.com/@kyserclark
https://discord.gg/ZPQYdBV9YY
Music by Karl Casey @ White Bat Audio
Attention Listeners: This content is strictly for educational purposes, emphasizing ETHICAL and LEGAL hacking only. I do not, and will NEVER, condone the act of illegally hacking into computer systems and networks for any reason. My goal is to foster cybersecurity awareness and responsible digital behavior. Please behave responsibly and adhere to legal and ethical standards in your use of this information.
Opinions are my own and may not represent the positions of my employer.
12/11/24 • 41 min
Kyser Clark engages with cybersecurity expert Albert Corzo, who shares his extensive experience in ethical hacking, bug bounty programs, and the importance of certifications in the field. Albert discusses his past experiences, including hacking the U.S. government, and emphasizes the need for understanding cybercrime and threat actors to better protect organizations. The conversation also covers the differences between compliance and security, the challenges of bug bounty hunting, and the significance of mentorship in cybersecurity careers.
Bug bounty programs can serve as a practical playground for ethical hackers.
Understanding how cybercriminals operate is crucial for effective security measures.
Compliance does not equate to security; companies must prioritize actual data protection.
Phishing remains a significant threat, accounting for 70% of attacks.
Real-world experience is invaluable in cybersecurity, beyond just certifications.
Adversary simulations can help organizations prepare for potential attacks.
Networking and mentorship are key components for success in cybersecurity careers.
Connect with Albert on LinkedIn: https://www.linkedin.com/in/alberto-corzo-gonzalez/
Check out the Coffee&&Pizza Podcast: https://youtu.be/hcLMYEb8yA4?si=UmoHImLAUTNOxce4
Connect
---------------------------------------------------
https://www.KyserClark.com
https://www.KyserClark.com/Newsletter
https://youtube.com/KyserClark
https://www.linkedin.com/in/KyserClark
https://www.twitter.com/KyserClark
https://www.instagram/KyserClark
https://facebook.com/CyberKyser
https://twitch.tv/KyserClark_Cybersecurity
https://www.tiktok.com/@kyserclark
https://discord.gg/ZPQYdBV9YY
Music by Karl Casey @ White Bat Audio
Attention Listeners: This content is strictly for educational purposes, emphasizing ETHICAL and LEGAL hacking only. I do not, and will NEVER, condone the act of illegally hacking into computer systems and networks for any reason. My goal is to foster cybersecurity awareness and responsible digital behavior. Please behave responsibly and adhere to legal and ethical standards in your use of this information.
Opinions are my own and may not represent the positions of my employer.
#30 Uncovering a $200M Fraud Ring with David Taxer
The Hacker's Cache
01/15/25 • 43 min
David Taxer, a cybersecurity expert with over 12 years of experience, shares the incredible story of uncovering a $200 million fraud ring disguised under a major corporation. Learn how his unique background in SEO and intelligence helped him expose insider threats and fraudulent schemes, as well as the challenges he faced as a whistleblower. This episode dives deep into protecting yourself from identity theft, understanding corporate vulnerabilities, and adopting the hacker mindset to uncover hidden truths.
Connect with David Taxer on LinkedIn: https://www.linkedin.com/in/davidtaxer/
and at Texas Cyber Solutions: https://www.texascybersolutions.com/
Takeaways
- David Taxer uncovered a $200 million identity theft ring involving a major corporation.
- Insider threats and social engineering were key elements in executing the fraudulent scheme.
- His unique transition from SEO to cybersecurity demonstrates how unconventional skills can drive success in offensive security.
- Weak state regulatory systems often fail to prevent or address large-scale corporate fraud.
- Staying curious and adopting the hacker mindset is essential for uncovering hidden threats and solving complex problems.
Connect
---------------------------------------------------
https://www.KyserClark.com
https://www.KyserClark.com/Newsletter
https://youtube.com/KyserClark
https://www.linkedin.com/in/KyserClark
https://www.twitter.com/KyserClark
https://www.instagram/KyserClark
https://facebook.com/CyberKyser
https://twitch.tv/KyserClark_Cybersecurity
https://www.tiktok.com/@kyserclark
https://discord.gg/ZPQYdBV9YY
Music by Karl Casey @ White Bat Audio
Attention Listeners: This content is strictly for educational purposes, emphasizing ETHICAL and LEGAL hacking only. I do not, and will NEVER, condone the act of illegally hacking into computer systems and networks for any reason. My goal is to foster cybersecurity awareness and responsible digital behavior. Please behave responsibly and adhere to legal and ethical standards in your use of this information.
Opinions are my own and may not represent the positions of my employer.
#24 Building a Career Together: Lessons from Clint & Si The Hackers
The Hacker's Cache
12/04/24 • 39 min
Kyser Clark is joined by Simon and Clint from the YouTube channel 'Clint & Si The Hackers.' They discuss their journey into cybersecurity, the importance of practical experience over formal education, and the benefits of collaboration in building a successful career. The conversation covers various aspects of penetration testing, the challenges faced in their careers, and the significance of certifications and continuous learning in the field.
Watch Clint & Si The Hackers On YouTube: https://www.youtube.com/@_The_hackers
Connect with Clint on Linkedin: https://www.linkedin.com/in/clinton-elves-180ba0148/
Connect with Simon on Linkedin: https://www.linkedin.com/in/simon-exley-355816194/
Takeaways
- A college degree is not essential for a cybersecurity career.
- Practical experience is more valuable than theoretical knowledge.
- Collaboration can significantly enhance career growth.
- Networking and building relationships are crucial in the industry.
- Certifications can help in career advancement.
- Learning from peers can accelerate skill development.
- The cybersecurity field is diverse with many specializations.
- Challenges faced in moving countries can lead to personal growth.
- Engaging with the community through platforms like LinkedIn is beneficial.
- Continuous learning is key to staying relevant in cybersecurity.
Connect
---------------------------------------------------
https://www.KyserClark.com
https://www.KyserClark.com/Newsletter
https://youtube.com/KyserClark
https://www.linkedin.com/in/KyserClark
https://www.twitter.com/KyserClark
https://www.instagram/KyserClark
https://facebook.com/CyberKyser
https://twitch.tv/KyserClark_Cybersecurity
https://www.tiktok.com/@kyserclark
https://discord.gg/ZPQYdBV9YY
Music by Karl Casey @ White Bat Audio
Attention Listeners: This content is strictly for educational purposes, emphasizing ETHICAL and LEGAL hacking only. I do not, and will NEVER, condone the act of illegally hacking into computer systems and networks for any reason. My goal is to foster cybersecurity awareness and responsible digital behavior. Please behave responsibly and adhere to legal and ethical standards in your use of this information.
Opinions are my own and may not represent the positions of my employer.
#23 SOC Analyst Life: Challenges & Secrets from Trent Williams
The Hacker's Cache
11/27/24 • 39 min
Kyser Clark and Trent Williams talk about the roles and experiences of a SOC analyst. They discuss the challenges faced in the field, the importance of continuous learning, and the impact of AI on cybersecurity jobs. Trent shares insights from his career journey, the significance of certifications, and the necessity of understanding both offensive and defensive security practices. The conversation also touches on the recent changes in certification names and the relevance of transferable skills in the tech industry. In this conversation, Trent W and Kyser Clark discuss various aspects of cybersecurity, focusing on the importance of continuous learning, the transition between red and blue team roles, and the challenges faced in the field. They emphasize the need for certifications, practical skills, and effective client engagement in a hybrid work environment. The discussion also touches on the complexities of managing multiple clients and the significance of community support in overcoming challenges.
Connect with Trent Williams on Linkedin: https://www.linkedin.com/in/trentonw/
Takeaways:
Continuous Learning: Staying updated and adaptable is essential in cybersecurity due to its ever-evolving nature.
Transferable Skills and Practical Experience: Leveraging prior knowledge and hands-on practice is crucial for transitioning and excelling in the field.
Communication and Networking: Strong communication skills and learning from peers can significantly enhance professional growth.
Cross-Disciplinary Understanding: Gaining knowledge in both offensive and defensive security improves overall effectiveness and perspective.
Certifications and Command Line Proficiency: Certifications build credibility, while command-line expertise is vital for daily cybersecurity tasks.
Connect
---------------------------------------------------
https://www.KyserClark.com
https://www.KyserClark.com/Newsletter
https://youtube.com/KyserClark
https://www.linkedin.com/in/KyserClark
https://www.twitter.com/KyserClark
https://www.instagram/KyserClark
https://facebook.com/CyberKyser
https://twitch.tv/KyserClark_Cybersecurity
https://www.tiktok.com/@kyserclark
https://discord.gg/ZPQYdBV9YY
Music by Karl Casey @ White Bat Audio
Attention Listeners: This content is strictly for educational purposes, emphasizing ETHICAL and LEGAL hacking only. I do not, and will NEVER, condone the act of illegally hacking into computer systems and networks for any reason. My goal is to foster cybersecurity awareness and responsible digital behavior. Please behave responsibly and adhere to legal and ethical standards in your use of this information.
Opinions are my own and may not represent the positions of my employer.
#20 What it REALLY Takes to Pass OSCP (and What They Don’t Tell You) ft. Trent Miller
The Hacker's Cache
11/06/24 • 36 min
Kyser Clark interviews Trent Miller, a cybersecurity professional with a diverse background in IT and security roles. They discuss Trent's career journey, the challenges of breaking into cybersecurity, the importance of networking, and insights on certifications like OSCP. Trent shares his experiences with the job market, the reality of skill shortages, and the significance of community engagement through groups like DC608. The conversation emphasizes the need for collaboration and continuous learning in the cybersecurity field.
Connect with Trent Miller on LinkedIn: https://www.linkedin.com/in/azureadtrent/
Takeaways
Networking is crucial for breaking into cybersecurity.
The OSCP certification can boost confidence and job prospects.
Employers often seek unrealistic qualifications, creating a perceived skill shortage.
Hands-on experience and collaboration are key to success in cybersecurity.
The job market can be challenging, but persistence pays off.
Community groups like DC608 provide valuable support and resources.
It's important to balance study and personal life when pursuing certifications.
Anyone can enter the field with dedication and the right mindset.
Connect
---------------------------------------------------
https://www.KyserClark.com
https://www.KyserClark.com/Newsletter
https://youtube.com/KyserClark
https://www.linkedin.com/in/KyserClark
https://www.twitter.com/KyserClark
https://www.instagram/KyserClark
https://facebook.com/CyberKyser
https://twitch.tv/KyserClark_Cybersecurity
https://www.tiktok.com/@kyserclark
https://discord.gg/ZPQYdBV9YY
Music by Karl Casey @ White Bat Audio
Attention Listeners: This content is strictly for educational purposes, emphasizing ETHICAL and LEGAL hacking only. I do not, and will NEVER, condone the act of illegally hacking into computer systems and networks for any reason. My goal is to foster cybersecurity awareness and responsible digital behavior. Please behave responsibly and adhere to legal and ethical standards in your use of this information.
Opinions are my own and may not represent the positions of my employer.
#13 Hacking Time: Real World Skills They Don't Teach You | Trent Darrow
The Hacker's Cache
09/18/24 • 39 min
Kyser Clark interviews Trent Darrow, a senior penetration tester and cyber protection team crew lead. They discuss Trent's background, certifications, and his role in building a red team. They also touch on ethical dilemmas in the industry, the effectiveness of certifications in preparing for real-world pen testing, and the importance of skills like time management and effective communication. In this conversation, Trent and Kyser discuss time management in cybersecurity exams, the challenges of scanning large networks, the role of a cyber warfare technician, the transition between civilian and military careers, strategies for preparing for the OSCP and OSEP exams, the value of participating in CTFs, and the future of the cybersecurity field.
Connect with Trent Darrow on LinkedIn: https://www.linkedin.com/in/trenton-darrow/
Takeaways:
Trent's background spans help desk, IT specialist roles, network engineering, and cybersecurity contracting, with certifications like OSCP, GCFA, GWAPT, GPEN, and GCPN.
Real-world skills like time management, note-taking, and communication are crucial, differing from those needed for exams or CTFs.
Ethical dilemmas, such as downgrading findings to please clients, can be common in the industry.
Preparing for certifications like OSCP and OSEP requires practice, extensive note-taking, and ensuring tools work properly through a proxy.
AI isn't a threat to cybersecurity jobs, but learning web application security is essential for staying competitive.
Connect
---------------------------------------------------
https://www.KyserClark.com
https://www.KyserClark.com/Newsletter
https://youtube.com/KyserClark
https://www.linkedin.com/in/KyserClark
https://www.twitter.com/KyserClark
https://www.instagram/KyserClark
https://facebook.com/CyberKyser
https://twitch.tv/KyserClark_Cybersecurity
https://www.tiktok.com/@kyserclark
https://discord.gg/ZPQYdBV9YY
Music by Karl Casey @ White Bat Audio
Attention Listeners: This content is strictly for educational purposes, emphasizing ETHICAL and LEGAL hacking only. I do not, and will NEVER, condone the act of illegally hacking into computer systems and networks for any reason. My goal is to foster cybersecurity awareness and responsible digital behavior. Please behave responsibly and adhere to legal and ethical standards in your use of this information.
Opinions are my own and may not represent the positions of my employer.
10/30/24 • 35 min
Kyser Clark interviews James Scott, a cybersecurity professional with a diverse background in the military and digital forensics. They discuss James's journey into penetration testing, the challenges he faced in landing his first role, and the importance of networking and creating personal tools. The conversation also covers the significance of programming skills in cybersecurity, the value of digital forensics knowledge, and the impact of volunteering at conferences. James shares insights on pursuing a PhD in cybersecurity, focusing on weaponizing forensics and compliance training. The episode concludes with advice on persistence and standing out in a competitive field.
Connect with James Scott on Linkedin: https://www.linkedin.com/in/james011616/
Takeaways
- Networking is crucial for career growth in cybersecurity.
- Persistence is key; never give up on your goals.
- Creating your own tools can set you apart from others.
- Digital forensics knowledge enhances penetration testing skills.
- Programming becomes essential as you advance in your career.
- Volunteering at conferences can lead to valuable connections.
- Federal resumes require more detail than private sector ones.
- Stand out from the competition with unique qualifications.
- Pursuing a PhD can help you contribute to the field significantly.
Connect
---------------------------------------------------
https://www.KyserClark.com
https://www.KyserClark.com/Newsletter
https://youtube.com/KyserClark
https://www.linkedin.com/in/KyserClark
https://www.twitter.com/KyserClark
https://www.instagram/KyserClark
https://facebook.com/CyberKyser
https://twitch.tv/KyserClark_Cybersecurity
https://www.tiktok.com/@kyserclark
https://discord.gg/ZPQYdBV9YY
Music by Karl Casey @ White Bat Audio
Attention Listeners: This content is strictly for educational purposes, emphasizing ETHICAL and LEGAL hacking only. I do not, and will NEVER, condone the act of illegally hacking into computer systems and networks for any reason. My goal is to foster cybersecurity awareness and responsible digital behavior. Please behave responsibly and adhere to legal and ethical standards in your use of this information.
Opinions are my own and may not represent the positions of my employer.
#29 InfoSec Pat’s Journey From Network Engineer to Cyber Mentor:
The Hacker's Cache
01/08/25 • 41 min
Kyser Clark interviews Patrick Gorman, also known as InfoSec Pat, a seasoned cybersecurity professional with over 23 years of experience. They discuss the importance of certifications in the cybersecurity field, the challenges of retaining knowledge, and the journey of creating educational content on YouTube. Pat shares insights on his motivations for teaching and mentoring others, as well as his thoughts on bug bounty programs and the value of collaborative learning.
Check out InfoSec Pat on YouTube: https://www.youtube.com/c/InfoSecPat
And Connect with Patrick Gorman on LinkedIn: https://www.linkedin.com/in/infosecpat/
Takeaways
- Certifications are valuable but do not guarantee knowledge.
- Creating content can be a way to reinforce one's own learning.
- Bug bounty programs can be approached collaboratively for better results.
- Teaching others can be a fulfilling way to give back to the community.
- Staying updated with technology is essential in the fast-paced field of cybersecurity.
- Networking with peers can enhance learning experiences.
- The journey of creating educational content can be challenging yet rewarding.
- Certifications should align with personal interests and career goals.
- Mentoring others can help bridge the knowledge gap in the industry. Unique perspectives in teaching can enhance learning.
- Mentoring should be valued and compensated.
- Burnout is a real challenge in cybersecurity careers.
- Engaging instructors can make a significant difference in learning.
- Networking is crucial for career advancement in cybersecurity.
- Free help often leads to a lack of appreciation.
- Taking breaks is essential to avoid burnout.
- Having a structured schedule can help manage time effectively.
- Family should always be prioritized over work.
- Different instructors resonate with different learners.
Connect
---------------------------------------------------
https://www.KyserClark.com
https://www.KyserClark.com/Newsletter
https://youtube.com/KyserClark
https://www.linkedin.com/in/KyserClark
https://www.twitter.com/KyserClark
https://www.instagram/KyserClark
https://facebook.com/CyberKyser
https://twitch.tv/KyserClark_Cybersecurity
https://www.tiktok.com/@kyserclark
https://discord.gg/ZPQYdBV9YY
Music by Karl Casey @ White Bat Audio
Attention Listeners: This content is strictly for educational purposes, emphasizing ETHICAL and LEGAL hacking only. I do not, and will NEVER, condone the act of illegally hacking into computer systems and networks for any reason. My goal is to foster cybersecurity awareness and responsible digital behavior. Please behave responsibly and adhere to legal and ethical standards in your use of this information.
Opinions are my own and may not represent the positions of my employer.
Show more best episodes
Show more best episodes
FAQ
How many episodes does The Hacker's Cache have?
The Hacker's Cache currently has 42 episodes available.
What topics does The Hacker's Cache cover?
The podcast is about Infosec, Pentesting, Hacking, Podcasts, Technology, Business, Hacker, Careers and Cybersecurity.
What is the most popular episode on The Hacker's Cache?
The episode title '#23 SOC Analyst Life: Challenges & Secrets from Trent Williams' is the most popular.
What is the average episode length on The Hacker's Cache?
The average episode length on The Hacker's Cache is 37 minutes.
How often are episodes of The Hacker's Cache released?
Episodes of The Hacker's Cache are typically released every 7 days.
When was the first episode of The Hacker's Cache?
The first episode of The Hacker's Cache was released on Jul 1, 2024.
Show more FAQ
Show more FAQ