Just Build Something

Yes, I am a criminal. My crime is that of curiosity. It's a saying many people are familiar with, though they may not know exactly where it is from. Perhaps it's the spin-off tagline for the 1995 film Hackers. Maybe they've seen it on a T-shirt or written on some social media profile. This phrase was part of a closing paragraph originally written by Loyd Blankenship, a.k.a. "The Mentor", and published in Phrack Magazine back in 1986. The Conscience of the Hacker, better known by its alternate name The Hackers Manifesto, has become a staple read in the hacker community. Loyd, "The Mentor" himself, has stated that his motivation for writing it was the public perception after the release of the 1983 movie War Games, where he said "The only public perception of hackers at that time was hey, we’re going to start a nuclear war, or play tic-tac-toe, one of the two."

Nowadays, hackers are often stereotyped with a Guy Fawkes mask, a comfy hoodie, and a ThinkPad: riced-out Linux distros and thousands of lines running by, scamming companies out of their 365 credentials and jacking their session tokens. Like any stereotype, there's what the world has painted (just Google image search the word 'hacker' and you'll see exactly what I am talking about), and then there is the reality of it. The only question is: Are we going to start a nuclear war? Or just play tic-tac-toe?

Many people in cybersecurity are hackers, and pride themselves when a friend or affiliate has given them that title, proudly flying that flag. Entire organizations are dedicated to hiring red teams to perform penetration tests on organizations, to find flaws in a network, application or environment and provide the findings back to the organization, allowing the blue team to fill in the cracks as they are uncovered. To protect against attacks, you have to understand how the attacks happen. Does a phishing email require a user to go to a specific site, sign in, then hook the session token? How did the phishing email get past the email gateway? Why wasn't it filtered for spam? Did it come from a compromised service that's readily used by the organization, or a colleague in another organization? What is that payload doing? What is that obfuscated JavaScript in the browser actually doing?

Learning how attacks work, how defensive tools like SIEMs and EDR/XDR systems work, and how payloads are delivered and executed takes a lot of work to understand comfortably. This, like anything, takes time. So where do you start?

The answer is simple, and it applies everywhere, whether that's cybersecurity, offensive red teams or defensive blue teams, network engineering, or software or web development. It boils down to one thing: JUST BUILD SOMETHING.

That's honestly the truth: Just start doing something. You will learn so much by just building things. It doesn't have to be amazing, it just has to be yours and you have to own it. Don't just build things, break them. Intentionally. Figure out how to break something you've built, so you can circle back and build it better. It gives you a deep understanding of what is happening underneath the hood. You want to learn how Windows works? Write an application in a lower-level language like C/C++. How a web application works? Write a Flask or Django project. In the hacker world it's often touted to just write your own tools and applications. I find this annoying, to be frank. Even APTs often take what one person wrote and reintegrate it for their own purpose, or use publicly available CVEs to hit vulnerable targets. This is how you get different strains of the same malware families.

For a cybersecurity focus, I can provide two examples of simple projects that help you understand how certain tools and systems work and that are easy to script out regardless of your environment.

This one is the basics. It's super simple and doesn't take much time at all, and I recall it from the beginning of one of my No Starch Press books: write your own port scanner. Then you'll have a greater understanding of what is happening behind the scenes when you're running an nmap scan across an environment. It doesn't have to be one-to-one in terms of features, but the base results should be the same: it should return open and filtered ports and the services on those ports.
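A minimal TCP connect scanner of the kind described above, as an added example that is not code from the original post or from the book it mentions. The function names are hypothetical, the demo only scans a listener it opens itself on 127.0.0.1, and the service column is the conventional name for the port number, not a banner read from the service.

```python
import socket

def probe(host, port, timeout=0.5):
    """Classify one TCP port with a full connect(), as a connect scan does."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((host, port))
            return "open"        # three-way handshake completed
        except ConnectionRefusedError:
            return "closed"      # the host answered with a RST
        except OSError:
            return "filtered"    # timeout or unreachable: nothing came back from the port

def service_name(port):
    """Conventional service for a port, from the local services table."""
    try:
        return socket.getservbyport(port, "tcp")
    except OSError:
        return "unknown"

def scan(host, ports, timeout=0.5):
    """Return {port: (state, service)} for every port that is not closed."""
    found = {}
    for port in ports:
        state = probe(host, port, timeout)
        if state != "closed":
            found[port] = (state, service_name(port))
    return found

if __name__ == "__main__":
    # Constructed demo: listen on an ephemeral loopback port, then scan it.
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as listener:
        listener.bind(("127.0.0.1", 0))
        listener.listen()
        port = listener.getsockname()[1]
        for p, (state, svc) in scan("127.0.0.1", [port]).items():
            print(f"{p}/tcp {state} {svc}")
```

The "filtered" result is why a firewall that silently drops packets makes a scan slow: every such port costs the full timeout.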

Here is another example I can provide that applies to cybersecurity. When I was working at a small security firm a few years ago, we would receive alerts for possible ransomware. When digging into the alert and the associated log files, it turned out it was just Acronis backup running. Why did that flag? Well, make yourself a backup script. Make sure it compresses the backup files, encrypts the compressed backup, and offloads it, whether to a locally hosted network share or a cloud provider of your choosing. Sounds a lot like how ransomware works on an endpoint, doesn't it?
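One way to see the overlap from the detection side, as an added example that is not from the original post: it measures byte entropy after each step of the backup job described above. The post does not say which rule fired on the Acronis job; the entropy rule, its 7.5 threshold, the function names and the sample records are all assumptions constructed for illustration.

```python
import math
import os
import random
import zlib
from collections import Counter

def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte: roughly 4-5 for text, close to 8 for ciphertext."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def sample_documents(lines=20000, seed=1):
    """Constructed stand-in for user files: plain-text invoice records."""
    rng = random.Random(seed)
    return "".join(
        f"invoice {rng.randrange(10**6)} customer {rng.randrange(10**4)} "
        f"total {rng.randrange(10**5)}.{rng.randrange(100):02d}\n"
        for _ in range(lines)
    ).encode()

def stand_in_encrypt(data: bytes) -> bytes:
    """XOR with a random pad. Stand-in for a real cipher such as AES: sound
    ciphertext is statistically random, which is all the measurement needs."""
    return bytes(a ^ b for a, b in zip(data, os.urandom(len(data))))

def backup_stages():
    """Entropy after each step of the backup job: read, compress, encrypt."""
    plain = sample_documents()
    packed = zlib.compress(plain)
    sealed = stand_in_encrypt(packed)
    return {name: shannon_entropy(blob) for name, blob in
            (("plain", plain), ("compressed", packed), ("encrypted", sealed))}

def ransomware_like(entropy_read, entropy_written, threshold=7.5):
    """Hypothetical rule: low-entropy data read, near-random data written."""
    return entropy_read < threshold and entropy_written >= threshold

if __name__ == "__main__":
    stages = backup_stages()
    for name, value in stages.items():
        print(f"{name:10s} {value:.3f} bits/byte")
    print("flagged:", ransomware_like(stages["plain"], stages["encrypted"]))
```

A rule like this cannot tell the two apart from content alone, which is why backup agents are usually handled by allow-listing the signed process and its destination paths.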

"And then it happened... a door opened to a world..."

There is no barrier to entry for building cool things, and there is no set order to the steps you need to take to learn things, as we all learn differently. You have your general rules of thumb, such as understanding TCP/IP and DNS, but again, you will learn these in depth as you build. Don't get frustrated with your progress. Never compare yourself to others; the internet isn't real life. Your workspace won't always be Instagram-worthy: it will get messy, it will get disorganized. You'll break things, you'll have to start over, you'll fix things as you go. Give yourself frequent breaks and pauses if you're stuck. Don't be afraid to ask for help, just make sure you Google first. Break things down into smaller tasks and functions.

You'll make improvements. You'll add features over time. And you will learn plenty as you go. The only thing that you need to do is just start building something.

-Kevin (Macros)
