I guess that many of us working on IT for so many years at some point had this dream (specially the gamers): Develop my very own video game and, why not, actually do some type of career / profit with it.

My studies on AI and Unity have ups and downs every time, since I actually need a full time job to support a family of four, and whenever I have a moment, must be invested on research on my current work field (infosec)

But today the rebirth of the idea just happened when I found the game: Mekorama by @MartinMagni.
My original dream was falling apart just with the though of how many people will require to put a good quality game up, but after finding this game and see that a single developer did everything, from music, artwork, and programming, just revived the though: "It is possible!".

Another incredible example: Astrokat by @minionsart. I had the curiosity and asked her about how much time put into the game and the answer was: "2 years of time while trying to figure everything out/learning". Starting from the very very scratch, and learning the way up.

Now not only has an beautiful looking game in progress, but also shares gold class tutorials about 3D modeling, textures and lots, lots of knowledge so we can join the adventure by ourselves.

The message is clear

Just put some time in the things you want for the future, and before you know, you will be doing exactly what you may desire.

That was my case when I switched from developer to infosec, and now, should I start looking a future change to gamedev?

Why not? :)

Taking as opportunity the recent re-design of my site, I decided to answer (or at least try) one of the most repeated question I get: How can I switch my career to IT security / "hacking"?

Learn all the things

A good friend of mine game me that answer for question about a particular research on hardware security. I was so frustrated that didn't understand a thing about and was looking for a way out with the thought: "Would be worthy to learn this?".

Frustration is one of the things that we must deal on a daily basis on this path, because there is so much learning involved on everything you want to test or achieve, but its so rewarding when you, at the end of all the pain, get a shell, or just get a program to act contrary of its original purpose.

Lets workout the bases first

Before jumping into Virtual machines and CTF's, make sure that you have a strong programming language, specially with the Python language. Its more easy than you may think, since python is one of the most "easy to learn" languages you can see around. You can visit my old Python Crash Course where you can actually learn the language by doing.

Once you are done, the next in the list is to catch up with some networking knowledge. Just grab a simple networking basics tutorial, where you can learn from what is an IP address, to what are sockets and ports, and how can you play with them. Will try to post soon a tutorial for this on a "learning by doing" way.

Don't forget about Linux

Yes, you will need to polish your Linux powers, and specially the command line. But of course, there are so many tutorials around that you will up and running in no time.

My suggestion, the Kali Free course where you can also get a free copy of the Kali Revealed Book.

Take your time with the course, since it contains a LOT of information and complete all the exercises (you can see the solutions there). This will grant you the required knowledge for one of the most used tools in the IT Security Industry.

I'm ready

If you are already done (but seriously, no skipping allowed), lets continue the learning with your first vulnerable application for research and fun:
DVWA - Damn Vulnerable Web Application.

After you complete the challenges of this site, the next "Level Up" will be complete your first CTF's (capture the flag) at:
Vulnerable By Design ~ VulnHub

Let's talk about!

Do you like my selection for starters? Do you have a better approach / idea? Hit me on twitter, will love to get more points of view in this popular question.