TL;DR: Burnt-out Marketing Automation Engineer (8–9 years of Salesforce/HubSpot). I hated the subjectivity of marketing and have wanted to pivot to Cyber since 2021. I finally resigned. I’ve got 1.5 years of runway and I’m spending my first week building a live lab to get my hands dirty.

The Project:
I’ve spent the weekend configuring a personal project to put on my CV. I’ve repurposed an old blog of mine to see how it handles the "real" internet. I’ve set up some monitoring to see how bots and people actually interact with it once it's live.

The "Live CTF" Challenge:
If you guys are bored, I’d love for you to try and find a way in, if you guys want me to add elements or remove elements from the pages in the website lemme know. I want to use the data from these attempts to have real-world conversations during job interviews about hardening and defense. I’ve hidden flags in ~/user and /root. (also please dont judge the content lol ty)

• URL: https://browndisappointment[.]net

• Scope: Root domain only.

• Rules: PRETTY PLEASE NO DOS or DDOS. I kinda want to keep this alive as long as possible!

Some background and questions to the community:

I previously held Pentest+, CEH, and Sec+, but they lapsed while I was stuck in the marketing grind. I’m currently aiming for the BTL1 because I realized I’m a hands-on learner.

1. How "cooked" am I starting over at this stage? (28yo)

2. Does this project make sense ?

3. Any tips for the job hunt or "tarpits" to avoid when pivoting into cybersec?

4. If anyone is looking for a Junior SOC Analyst or entry-level security person in Sydney, I’d love to chat.

I’ll be watching the logs to see what hits. Feel free to reach out if you get in or have any feedback on the setup!

( any help / guidance is appreciated & thank you for even reading this far )

Thanks all in advance <3

Cheers!