Results 1 to 10 of 10

Thread: What goes into a Penetration tester

  1. #1
    Just burned his ISO
    Join Date
    Feb 2011
    Posts
    5

    Question What goes into a Penetration tester

    I'm sure that title can generate a lot of jokes anywho movin' on...

    I want to become a Penetration Tester. And the more I research the subject the more confusing it seems to become. I also want to be able to write my own tools etc... So I have started learning Python2.7, MIT's 6.00 Computer Science course youtube lectures, and downloaded a bunch of PDF's on Computer Science, Ethical Hacking, etc...

    I have also looked into various courses on the subject and found a mountain of information that will take me well on into my 70's to finish reading. So I have come here to ask you guys where and what I need to learn in order to become a certified Pentesting nerd (and I say nerd lovingly). I live in Canada so any course/certification needs to hold weight in my country. I am also poor as hell and cannot afford to waste money on courses that will not help me achieve my goal. Thanks for your time and have a great day

  2. #2
    Administrator sickness's Avatar
    Join Date
    Jan 2010
    Location
    Behind the screen.
    Posts
    2,921

    Default Re: What goes into a Penetration tester

    Here are the best of the best. Truly worth it, take my word on this.

    http://www.offensive-security.com/
    Back|track giving machine guns to monkeys since 2007 !

    Do not read the Wiki, most your questions will not be answered there !
    Do not take a look at the: Forum Rules !

  3. #3
    Good friend of the forums scottm99's Avatar
    Join Date
    Feb 2010
    Location
    underwater
    Posts
    371

    Default Re: What goes into a Penetration tester

    Let me first give the disclaimer that I don't do pen-testing for a living (yet), but computer/network security is part of my job I can recommend Gray Hat Hacking: The Ethical Hacker's Handbook (still gleaning good nuggets of info from that). Also will recommend any of the Hacking Exposed books (specifically Hacking Exposed 6, Hacking Exposed: Windows, Hacking Exposed: Web Applications, Hacking Exposed: Wireless). Perhaps attending some local hacking conferences would help.

    Do you currently have the I/T background to do security? What I mean is stuff like: networking skills, programming experience, hardware experience, etc. If not, I'd definitely get comfortable with the pre-requisites before plunging into security.
    Last edited by scottm99; 07-19-2011 at 01:56 PM.
    If I could figure out how to scuba dive & hack at the same time, there would be nothing I couldn't do...

  4. #4
    Senior Member
    Join Date
    Jan 2010
    Posts
    140

    Default Re: What goes into a Penetration tester

    Quote Originally Posted by sickness View Post
    Here are the best of the best. Truly worth it, take my word on this.

    http://www.offensive-security.com/
    Agreed. I have both my OSCP and OSCE. The courses are inexpensive and will give you a great starting point for Pentesting.

  5. #5
    Member
    Join Date
    Jan 2011
    Posts
    63

    Default Re: What goes into a Penetration tester

    How much programming knowledge is required to feel comfortable? I basically don't have any but I am working on a degree in computer networking and will have my CCNA after this Fall semester. In the Spring I am taking a course that touches on script coding but doesn't go much in depth. Depending on how it goes I will take the second one as well but there is only these 2 classes at my college that even touch programming in Python, Ruby, or the other popular one (getting late, memory failing). After I graduate and have the time is when I will be taking the OSWP AND OSCP courses and I just want to be prepared the best I can in a reasonable manner.

  6. #6
    Just burned his ISO ewiget's Avatar
    Join Date
    Mar 2007
    Posts
    16

    Default Re: What goes into a Penetration tester

    Just fyi, you can take all the courses in the world for pentesting and you can read all the documentation on the internet about pentesting, and I am sure you will at least have the basics methodology down. However, I have stated numerous times that pentesting and any other IS field is more a frame of mind than anything, i.e. thinking outside the box. Its more than just book smarts and trying to cover everything is asking for disaster. Pick a subject that interests you and MASTER IT. I am saying this after having been in the field since late 90's and also having taught numerous college courses in the subjects. Some people have the necessary book smarts but don't have the desire to apply it outside of the classroom.
    Ed Wiget
    "Job security -- feeding the gates empire!"

  7. #7
    Just burned his ISO
    Join Date
    Jul 2011
    Posts
    7

    Default Re: What goes into a Penetration tester

    I am kind of in the same boat as you. From the advice I have been getting a 4 year degree really helps, even if it isn't a infosec degree. As far as classes I have been told that you get a lot more out of boot camps than traditional college classes. I have not yet been to one, mainly because they are so damn expensive, but will eventually. As for just learning things on your own, there's tons of resources online. However, I would look into books as well, it seems people tend to forget about them and they are usually ten times better than the stuff you find online. I would also say don't be afraid to practice in the real world, because you are going to have to learn anything. Just do not do any thing too stupid. At least that's what I am trying to do.

    Oh, and pick up a programming langue even if you don't want to.

  8. #8
    Good friend of the forums scottm99's Avatar
    Join Date
    Feb 2010
    Location
    underwater
    Posts
    371

    Default Re: What goes into a Penetration tester

    Good points, ewiget I, too, am a relative graybeard in computing. Most of my professional life has been in programming, so that's my main strength. However, having a good networking background, and hardware experience has helped my coding skills, and vice versa.
    If I could figure out how to scuba dive & hack at the same time, there would be nothing I couldn't do...

  9. #9
    Member
    Join Date
    Apr 2010
    Posts
    53

    Default Re: What goes into a Penetration tester

    A little off topic here but where can I hack to get income of probably 500-600 a month.
    I am a student and short of cash. Do something legal and within my interest will be good.
    Anyone know of a good place to start?

  10. #10
    Good friend of the forums scottm99's Avatar
    Join Date
    Feb 2010
    Location
    underwater
    Posts
    371

    Default Re: What goes into a Penetration tester

    You might be able to hire on, part-time, with a local computer repair shop. In many places like this, the staff is light on security experience. But these places always getting in boxes that have been blitzed with some sort of malware, or customers asking "How can I protect myself?". This comes second-hand, and you definitely won't get rich doing this kind of work, but it'll mean some money in your pocket.
    Last edited by scottm99; 01-18-2012 at 02:58 PM. Reason: forgot some stuff
    If I could figure out how to scuba dive & hack at the same time, there would be nothing I couldn't do...

Similar Threads

  1. Can someone teach me how to be a penetration tester
    By Side Winder in forum OLD Newbie Area
    Replies: 4
    Last Post: 01-01-2010, 02:09 PM
  2. Someone teach me to be a penetration tester overnight.
    By to learn in forum OLD Newbie Area
    Replies: 21
    Last Post: 11-12-2009, 02:36 AM
  3. Penetration Tester Selection
    By bestia in forum OLD General IT Discussion
    Replies: 7
    Last Post: 09-19-2009, 04:38 AM
  4. penetration tester's open source toolkit
    By niamain in forum OLD Newbie Area
    Replies: 109
    Last Post: 01-27-2008, 04:52 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •