Maybe also have a look at devsecops?
Doe
joined 1 year ago
If anything that’s a great learning environment. Offensive security is a lot of reverse engineering, figuring out how stuff works based off (extremely) limited information and understanding how best to attack it.
Moreover, as these are old systems, they’re more likely to be outdated and vulnerable - not that you should try without permission or a clear understanding of what you are doing, particularly on production gear.
At any rate, no company will pay you to learn a completely different job to the one they hired you for. So you’re going to have to spend some of your own time learning about security. Where to start has been repeated ad nauseam online so I won’t attempt it.
I bought one but didn’t find it to be capable enough for what I needed it for.
I was looking for a good RFID tool, but the flipper isn’t compatible with libnfc, and its clock speed meant it couldn’t do more modern RFID chips (143333 based, eg Mifare).
It also lacked the ability to be a proper embedded device debugger as it only had UART and not much else.
Fun tool and I suppose, for it’s price, rather decent. But not useful to me; I sold it within a month.