Introduction
With 2024 soon coming to an end, I thought it would be a good time to reflect on my year in the world of cybersecurity.
It turns out, this has been a particularly eventful and significant year for me. I’ve faced many challenges that have led to growth, and as a result, I’ve achieved a few things I’m proud of.
In this post, I’ll share some key milestones from my year in cybersecurity.
Milestones
Blog Creation
Blogception.
On May 30, 2024, I published my first post on this blog, officially marking its launch.
Still, the idea for this blog had been brewing for quite some time. In December 2023, I purchased the domain brunorochamoura.com and had already been experimenting with Hugo even earlier.
I was hesitant to start a blog at first. As someone just beginning my career in cybersecurity, I doubted whether I had anything meaningful to contribute with so many experienced voices already out there.
But drawing inspiration from others in the field, I decided to share whatever knowledge I could, hoping it might help others who, like me, are just starting out.
And based on the feedback I’ve received from readers on Reddit, email, and Discord, it seems the blog is fulfilling that goal. My CPTS tips post has been particularly popular, and I still receive messages about it to this day.
So, I want to take this opportunity to thank everyone who reads this blog. Remember, you’re always welcome to reach out through the channels listed on the about page.
CPTS Certified
My CPTS certificate.
By the end of 2023, I had just graduated with my bachelor’s in Software Engineering and landed my first proper industry job as a Software Engineer.
But I decided to pivot my (still very early) career in Software Engineering toward Offensive Cybersecurity. I’d already dabbled with hacking on TryHackMe and discovered how much I enjoyed it, so it felt like the right move.
That’s when I set a big goal for myself: to pass Hack The Box’s Certified Penetration Tester Specialist (HTB CPTS) exam and earn my first ethical hacking certification in 2024.
I started studying on January 2024 and finally got certified in July 2024.
It wasn’t easy. The exam and course material were challenging, and I’d stopped working to focus entirely on preparing for it. Living off my savings for months while pursuing something uncertain, all while watching my peers progress in Software Engineering, was tough at times.
But it all paid off in the end. The course gave me the skills I was aiming for, and the certification helped me land the job I’d been working toward. Overall, a huge achievement for me.
I’ve already talked ad nauseam about the CPTS on this blog, so if you want to dive deeper, check out my CPTS series.
Platinum On HTB Season 6
My performance on season 6.
Before starting my CPTS preparation, I’d never used the Hack The Box platform. Still, I had some CTF experience from TryHackMe and was eager to try it out, especially since I’d heard it was more challenging.
At that time, though, my focus was solely on the CPTS path. I stuck to studying through the HTB Academy platform and didn’t spend much time on CTF practice.
After completing the CPTS exam and while waiting for my results (and starting to look for a job), I finally began exploring the main HTB platform.
Not long after, the sixth season of Hack The Box Seasons was announced. I decided to jump in and set a goal: root every easy and medium box.
Thirteen weeks later, I wrapped up the season with a Platinum rank (just below Holo) and placed in the top 1000 players. I exceeded my original goal by not only rooting every easy and medium box but also a few hard ones as well.
While it’s not a groundbreaking achievement, I had a lot of fun competing and appreciated the strong sense of community throughout the season.
First Cybersecurity Job
The highlight of my year, which I’ve saved for last for dramatic effect, was undoubtedly landing my first job in Cybersecurity.
Leaving my Software Engineering job to hunt for an entry-level position in Cybersecurity was nerve wracking, especially given the challenging job market. Looking back, though, I feel fortunate since it only took 43 days from earning my CPTS certification to receiving a job offer. For that, I’m incredibly grateful for what turned out to be a relatively smooth job search.
Even more so, I’m grateful for the job itself and the company I work for. I had often heard that breaking into an offensive role as a first job in Cybersecurity was very unlikely, so I was mentally preparing to settle for a SOC analyst or another blue team role that didn’t excite me as much.
Thankfully, the job I landed aligns with what I was hoping for. As an Application Security Engineer, I get to scratch that pentesting itch while using my Software Engineering background to identify vulnerabilities in software products. I’m also very pleased with the company itself, the work enviromnent and the benefits it offers.
First Zero-Day Vulnerability
It was also in this year that I discovered my very first zero-day vulnerability in a widely-used software product!
Until then, all of my hacking experience had been limited to CTF challenges and certification exams. It was incredibly rewarding to identify a significant vulnerability in software that wasn’t designed to be exploitable.
While I can’t share much more about the vulnerability itself, it was undoubtedly a highlight of an already great year.
Conclusion
Career-wise, this year was focused on transitioning from Software Engineering to ethical hacking, and I’m happy to say that I’ve successfully made that shift.
However, this is just the beginning of my journey in Cybersecurity, and my goal is to continue making progress each year.
With the new year approaching, I thought it would be a good idea to set some Cybersecurity-related resolutions and share them here to keep myself accountable.
Here’s what I hope to accomplish in 2025:
- Register a CVE for a vulnerability I discovered
- Find a valid bug in a Bug Bounty program
- Earn more offensive cybersecurity certifications
- Achieve Holo tier in Hack The Box Seasons
Here’s to another year of hacking and improvement! See you in 2025.
