What is the state of exploit development in 2021 and is it still worth entering the field now(as a beginner)?

Hey guys so, I have been interested in exploit dev(most precisely binary exploitation and things along those lines), but after hearing some people(like the dudes at Day[0]) claim that the field is most likely slowly dying due to modern security countermeasures(like NX, ASLR and many others) that make exploitation difficult, and also due to the fact that most apps are switching to the web I was wondering if it's still worth investing time to learn and master this craft nowadays. Also what does the future(professionally speaking) look like for an aspiring exploit dev? Are there(currently) or will there still be many job opportunities in this field in say 5 years from now? Is Kernel exploitation also worth looking into once one understands the fundamentals? And finally what is your advice for someone(a beginner) who wishes to grow and excel in this field.

Apologies for the long and possibly convoluted question, but I am currently going over the fundamentals and while I am enjoying it so far, I am beginning to see that this is quite a complex field, so If I spend a year or two learning it I would hate to later find out that there are no more opportunities for people with this skill set.

PS: I am currently 25 years old willing to spend a year or two developing the skills so if necessary be as brutal as you need to be in your answers if you think I need a reality check, for I'd rather get "tough love" now than a tougher time making ends meet in 2 years(or however long it takes to get job ready). Thanks

submitted by /u/yuyumprod
[link] [comments]

from hacking: security in practice https://ift.tt/3tPqRlc

Comments