Penetration Testing mailing list archives
Re: How to become a pentester
From: Danux <danuxx () gmail com>
Date: Sat, 11 Dec 2010 02:29:01 -0600
It depends, there are different levels of pen testers, the ones who only run tools, in which case Organizations does not need them since they can do the same thing, and the ones who create their one exploits based on the Organization being tested. You will not be able to cover all the pieces by yourself, commonly, there should be a team with different skills, some with good experience in the networking side (routes, switches, firewalls, ids/ips, etc), other with background in Application Security, other in different flavors of Operating Systems and so on, so I kinda disagree with Andres, since for me to become a real pen tester which means acting as real hacker is too too far away from I guy who holds CE|H and or Security +. Now, you as a student, you gotta start from scratch (as all of us), I mean, you need to join a Company doing pen testing, be part of the testing team, learn, learn and learn and then you will get to a point where is up to you to decide if you wanna become a high-skill pentester by getting training from different sources and mainly doing your own research or as I said, the other option is just keep running hundreds of tools as taught by CE|H, sorry, I am not a fan of this certification, actually ... it sucks!!!! specially because they named you an Ethical Hacker once you pass their written exam. Again, all training is good, specially when you are trying to get more experience, just choose the right path based on your expectations. Hope this helps. On Fri, Dec 10, 2010 at 2:05 AM, Anupam Kumar <anupam () kumargroups org> wrote:
Hi Andres, It is quite simple to become a pentester. You need to ensure that you have thorough understanding in security. Having certifications like CEH or Security+ is helpful. Remember that a pentester can't be confined to one technology. You virtually need to know everything. However, in the beginning you might not get a job as a pentester as organisations want experienced people. So it is often helpful to join as an Administrator and then become a pentester after a couple of years. ------Original Message------ From: Andres Rauschecker Sender: listbounce () securityfocus com To: pen-test () securityfocus com Subject: How to become a pentester Sent: Dec 9, 2010 1:56 AM Hello guys, I am going to school yet, but I want to become a pentester in my later life. I've been programming for four years now and started to deal with IT-security two years ago. I've asked a lot of people working in IT-business, what they did to get their job, but unfortunately I never got to know a pentester. Because of that, it would be really great if anyone of you could tell me, how he became a pentester. Thanks in advantage and sorry for my bad English (I'm from Germany), Andres Rauschecker ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------ Thanks & Regards Anupam Kumar Mobile: +91 98860 45030 Sent on my BlackBerry® from Vodafone
-- DanUx ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- How to become a pentester Andres Rauschecker (Dec 10)
- <Possible follow-ups>
- Re: How to become a pentester Anupam Kumar (Dec 11)
- Re: How to become a pentester Danux (Dec 11)