Kyser Clark - Cybersecurity

Hey, everyone who tunes into my livestreams. My primary computer officially died just before today's livestream was supposed to start (after 9 years of service).

Unfortunately, today's stream has been rescheduled for next week.

I have already ordered a new laptop, which should be delivered in the next few days.

I was running Windows 10. Coincidence? I'll let you be the judge of that one.

It's low-key a win because I've been wanting a laptop so I can lab/create content on the go, but I couldn't justify the purchase because my desktop had been working fine.

Now I get a guilt-free laptop purchase lol

1 month ago (edited) | [YT] | 18

Kyser Clark - Cybersecurity

Wild West Hackin' Fest Conference Day 2



I attended:



Run with BHIS



AI Agents in Action: Protecting Against Synthetic Media and Human RIsk Exploits



Giving Swords to Our Future AI Overlords



Learn Faster With AI: Sampling Broadly, Delving Efficiently, and Absorbing Fully



Practical Cybersecurity Control Auditing: From Preparation to Reporting



Augmenting Your Offensiveness With AI for Fun and Job Security





Key Takeaways:



There are a ton of AI tools I can use to speed up learning and work output.



I'm not using AI as efficiently as I thought I was. Specifically, Agentic AI.



Prompt Injection is basically the only attack vector with AI (for now).



It was a fun conference. I'm glad I got to meet new people and see familiar faces!



#WWHF

2 months ago | [YT] | 12

Kyser Clark - Cybersecurity

Wild West Hackin' Fest Conference Day 1

I attended:

Attacking AI - The New Frontier

Web Application Authorization: Taming the Perfect Storm

Golden Age of AI Agents: Think Like a Boss and Work Like a Hacker

Security AI Systems


Key Takeaways:

AI Pentests take longer than traditional web app pentests.

If you're not finding broken access control, you're missing them.

Don't use crt.sh to find sub-domains.

AI skeptics still exist (even people who know a lot about it)



I had a lot of fun and learned a lot. And had great conversations with great people! #InfoSec is such a great community!


I'm looking forward to the 2nd day of the conference tomorrow.


P.S. Apologies for the bad photo. It's the best one I have for this post. I'm a practitioner who happens to make content. I'm not a lifestyle blogger lol.

#WWHF

2 months ago (edited) | [YT] | 11

Kyser Clark - Cybersecurity

Wild West Hackin' Fest Training Day 2.

The training has been great so far. It made me realize that red teaming is closer to my current skill set than I previously thought.

Shout out KirkpatrickPrice for sending our entire pentest team to #WWHF to level up.

I'm grateful to work for a company that invests in people and allows me to reach my career goals (and have fun doing it!).

Joseph Kirkpatrick, CPA, CISSP, CISA, CGEIT, CRISC, QSA asked the group: "What's one thing each of you learned in your class training today?"

My response: "That successful red teams and real world data breaches don't have to follow the cyber kill chain step by step."

Thank you, Michael Allen, for the Paradigm shift. Following the same steps/methodology makes the attacker more predictable. Ultimately, attackers are employing every means possible to breach organizations.

2 months ago (edited) | [YT] | 24

Kyser Clark - Cybersecurity

No livestream this week, as I'm at the Wild West Hackin' Fest.

I'm in the Red Team Initial Access in-person training today and tomorrow.

I'm looking forward to meeting everyone at the conference.

2 months ago (edited) | [YT] | 21

Kyser Clark - Cybersecurity

Yesterday, I became CRT Certified (CREST Registered Penetration Tester).

Back in June, I passed the CREST Practitioner Security Analyst (CPSA) exam. Since I already hold OSCP, I was able to apply through the CREST Equivalency program and obtain CRT without taking another exam.

To be clear: I didn’t pursue this because I wanted another certification. I did it because some of our clients REQUIRE a CREST-certified penetration tester.

When they told us that, I scheduled the CPSA exam almost immediately and passed it two weeks later, without studying.

Here’s the real takeaway for the “certs don’t matter” crowd:

Business value - Holding CRT means my company can retain clients. In many parts of Europe, CREST is mandatory.

Preparation compounds - Because I’ve studied for 9+ multiple-choice certs over the years, I could walk into the exam with zero prep and pass confidently. Without that foundation, this would have taken months of study.

Stacking certifications over time gave me the ability to get this done quickly without stepping away from billable penetration testing work. That translates directly into revenue and client trust.

Certifications matter more than people want to admit. Not because they define skill, but because clients and customers often expect them.

2 months ago | [YT] | 54

Kyser Clark - Cybersecurity

The Flipper Zero has been hyped, banned in some countries, and made headlines across the tech world. But is it actually worth the $199 price tag?

In my latest blog post, I break down what the Flipper Zero does well, where it falls short, who should consider buying it, and why it is more of a gateway into cybersecurity than a professional tool.

If you are a beginner, a student, or simply curious about hacking, this post will help you understand whether the Flipper Zero deserves a place in your toolkit.

Read the full breakdown here: www.kyserclark.com/post/is-the-flipper-zero-worth-…
Watch the video: https://youtu.be/hfaaGE_RPiM

2 months ago | [YT] | 9

Kyser Clark - Cybersecurity

Is the TryHackMe PT1 worth your time?

PT1 is TryHackMe’s junior penetration testing certification that mixes web, network, and Active Directory testing into one exam. A lot of people are calling it a game changer. Others think it’s just another entry-level cert.

I put together a full breakdown comparing PT1 against eJPT, PJPT, and PWPA. In the post, I cover:

✅ The strengths that make PT1 unique
✅ Weaknesses and trade-offs you need to know
✅ Who should (and shouldn’t) take PT1
✅ Why PT1 is a launchpad, not a destination

If you’re deciding on your first hacking certification, this post will help you determine if PT1 is the right choice, or a distraction from the certifications that actually make a difference.

👉 Read the full post here: www.kyserclark.com/post/tryhackme-pt1-is-it-worth-…

Watch the video: https://youtu.be/yHei8DhMRzc

What do you think? Is PT1 worth it, or would you skip it for another path?

3 months ago | [YT] | 9

Kyser Clark - Cybersecurity

I’ve stayed silent about politics and world events on this platform. Not because I didn’t care, but because I told myself it wasn’t my expertise. Because I thought everyone was entitled to their opinion. Because I didn’t want to get cancelled, hated, or attacked for saying something unpopular.

That silence ends today.

We are in the position we’re in right now because people like me didn’t speak up against a radical and destructive ideology. I’ll take my share of the blame for staying quiet this long.

The assassination of Charlie Kirk this week was a wake-up call. The message could not be clearer: “Anyone who dares oppose the radical left deserves to die.” And yes, people celebrated his death.

I was never Charlie Kirk’s biggest fan, but I respected much of what he stood for. Yet according to the radical left, sharing any of those beliefs makes me a “fascist,” a “racist,” or guilty of “hate speech.”

I don’t take threats like that lightly. And this needs to be said:

The radical left’s ideology is a cancer. We tolerated it for years. Every time we let it slide, it grew stronger and chipped away at our country.

So I’m calling on fellow Americans who still believe in American values: stop being afraid to expose the lies, the manipulation, and the bullying. Stop letting these woke ideas be forced down our throats. I’m not afraid to lose followers for saying this. I’ve traveled this country, met thousands of people, and I know the majority of Americans feel the same way. The loud minority is just that, loud.

They branded Charlie Kirk a “fascist,” yet they’re the ones killing political opponents. Do not forget the multiple assassination attempts on President Trump. They call us hateful while claiming they’re “peaceful.” If one of their top voices were killed, cities would already be burning. You know I’m right.

And those who cheer Charlie Kirk’s death, or look the other way while others celebrate? These are the same people who would turn on you in a heartbeat when the breadlines come under the Communist regime they’re blindly helping usher in.

If this message resonated with you, I highly recommend watching/listening to the Latest RealAF with Andy Frisella podcast episode (Ep 936): https://www.youtube.com/watch?v=-jpkn...

3 months ago | [YT] | 14

Kyser Clark - Cybersecurity

🚀 I just published a new guide: How to Start a Cybersecurity Career in 2025 (Step-by-Step Roadmap)

If you’re overwhelmed by all the certs, roadmaps, and opinions floating around online, this blog post cuts through the noise. I break down exactly where to start, what fundamentals actually matter, and how to build a path that fits your goals.

💡 Key takeaways:

You don’t need to be a genius to get into cybersecurity

Master the fundamentals: networking, Linux, and security basics

Level up with coding and cloud computing

Reverse-engineer real job descriptions to choose your specialization

Stop passively consuming content and start taking action

This is the 2025 edition of my “break into cybersecurity” guide. If you’re serious about landing your first role this year, this roadmap will get you moving in the right direction.

👉 Read the full blog here: www.kyserclark.com/post/how-to-start-a-cybersecuri…
Watch the video: https://www.youtube.com/watch?v=TWBFk...



P.S. If you want the full picture, with résumé strategies, interview prep, and salary negotiation tips, I also recommend pairing this with my 2024 edition.

3 months ago | [YT] | 10