The Journey to Zero Day

It has been a while since I have posted here but it's time to get back to the adventures of vulnerability discovery. With the new year of 2019 coming in strong, I wanted to put together a simple plan that allows me to do something each day to work towards my goals of finding "undiscovered" vulnerabilities.

The guideline I am proposing to myself is below:

  • Review my past with C/C++
  • Review basic vulnerabilities
    • Mix of low level vulnerabilities
    • Mix of web application vulnerabilities
  • Participate in Wargames
  • Participate in CTFs
  • Study real world vulnerabilities
  • Practice, Practice, Practice
  • Vulnerability discovered!

I believe the above guideline will help keep me on track and motivated for continuous discovery and learning. It's also worth mentioning, that although this seems straight forward from an outline perspective, when embarking on this journey, it will be important to continue to improve my developer experience. Considering my programming languages of choice these days are Python and GoLang, understanding fundamental development will help me through each of the above bullet points.

Lastly, as I travel through this journey, I will do my best to update progress across each line item. This will serve as a historical reference record for me and also so that others can learn from my successes and mistakes. Hopefully this guideline and record keeping will inspire you to start your own journey.