There are so many ways to get into cyber security. Tried to gain a skill on bug bounty (web sec) but seems this is not my cup of tea. I am a male(37) from India. A brief about me , I have only 3.3 years experience as a software tester(manual). I was depressed for many years but I am alright now . Wanna do something I like. As a regular path, I am now good at coding (have coded c++ 12000 lines of code), learnt java, selenium(automation). But heart still doesn’t feel right. I am not on a job.
When I look at moving into cyber security, I wanna keep base on atleast programming skills. There is pentesting, websec, android security ( which I think of because Java is involved).
Is it so that if I learn ASM, read books on malware analysis, still no one will give me a job. They all want experienced guys. I feel I will be able to grasp ASM and concepts around malware analysis.
Or should I learn about pentesting like windows,linux privilege escalation, enumeration and nmap, metasploit and stuff like that and get my foot in the door. Gather learnings from tryhackme and attempt hackthebox.
You cyber sec guys might see my aptitude and by your experiences can plz suggest me. I am in this some sorta delirium since 6 months. In parallel like an alternate mind, I kept learning about java, selenium to gain something.
Please guide me. I appreciate you took time in reading this.