Results 1 to 5 of 5

Thread: Can someone teach me how to be a penetration tester

  1. #1
    Just burned his ISO
    Join Date
    Dec 2009
    Posts
    5

    Default Can someone teach me how to be a penetration tester

    Hi
    I want to get into pentesting and networking.
    I know basics of using a Linux, but every where i go requires some knowledge of it.
    I was looking at taking courses at Offensive Security, but they require basic networking knowledge and other stuff i dont have.
    Where should i go to learn about this?
    And, i have a EEPC im buying off my little brother for 50$, its a ASUS EEPC N900 Series or something, that work for Backtrack? Only four gigs of storage but it will do. Im messing with it right now, its got some weird linux distro.
    The only real knowledge of hacking i have is i have passed things like Hack this Site and HellBound Hackers (HTML, PHP) and i messs with computers alot. I use Cain and Abel on windows if that is at all similair, but i only know basics like using the sniffer.
    Where can i go to learn the basics, like basic networking, ettercap, and another thing that has nothing to do with everything else is SQL Injection.
    If somene could point me in the right dirrection t hat would be great,

  2. #2

    Default

    Where can i go to learn the basics, like basic networking
    You want to be a pentester? IMHO, you need to learn as a basic set of skills, the following:
    Linux and Windows to a system admin level.
    TCP/IP
    Network Devices, their functions and some basic commands of these.
    Popular applications and how to configure/set them up (web, dns, mail etc...)

    Once you've gathered that information, then start with the computer security portion of your education: How to secure various O/S's, understand access control lists, firewall rules (i.e. iptables), understand various threats against each O/S and network devices, and various popular applications. A basic knowledge of packet analysis is very useful at this stage as is basic scripting languages such as VB, bash, perl, python or ruby.

    Then once you have a knowledge of those concepts, you can apply that knowledge to testing these systems and devices as to whether they are secure or not.

    I have been told the offensive security courses are very good. I would not take them until I got to this last stage (application of knowledge), that way you would get the most for your time and money.

    Luckily, the internet has most of the pre-requisite information for free!

    As a start, IBM has a "redbook" site that contains in-depth information about various protocols and configurations. I would recommend the redbook on TCP/IP to start your education on TCP/IP and networking. The link is HERE

    For networking devices, Cisco has detailed documentation all over their site on their various products.

    You seem to have the basic equipment at your disposal, so I would recommend you start reading and practicing. There are tutorials and howto's all over the net. Start at step 1: "how to configure X" before you jump to Step 3: "pentest X"

    Good luck, it's a great journey if you are willing to dedicate the time.

    Regards,
    cybrsnpr

  3. #3
    Very good friend of the forum drgr33n's Avatar
    Join Date
    Jan 2010
    Location
    Dark side of the moon ...
    Posts
    699

    Default

    You've got to look the part too lol Get yourself one of these T-shirt Bio Homme | Backtrack-fr, put a pair of theses Superman Brief 100% official DC Comics - Mens underwear, swimwear, clothing and accessories. Men's briefs, boxers, hipsters. Australia on over your trousers, tie your tie round your head and your half way there. Then just everything what cybrsnpr said and finally call your mum in the room and show her how cool your are hehehe Kidding

  4. #4
    Senior Member MikeCa's Avatar
    Join Date
    Jan 2010
    Location
    DC
    Posts
    129

    Default

    Something about a cart and a horse comes to mind...

    Google my friend, you have the terms, just take those terms and search with them. Your results will return books, wikipedia articles and tutorials, read and perform them.

  5. #5
    Just burned his ISO
    Join Date
    Nov 2009
    Posts
    8

    Wink It's just a state of mind.

    Quote Originally Posted by Side Winder View Post
    Hi
    I want to get into pentesting and networking.
    I know basics of using a Linux, but every where i go requires some knowledge of it.
    ---cut---

    If somene could point me in the right dirrection t hat would be great,
    It's really very simple.

    You are ANYTHING you want to be, however there will allways be folks that are better then you.

    Do as they did.

    Learn how to find the info you need, then study it.
    Make mistakes and learn from them.

    Security is a state of mind, so is pentesting.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •