Security Basics mailing list archives
RE: Programming SKills for PT...?
From: "Swaminathan, Balaji" <Balaji.Swaminathan () kla-tencor com>
Date: Wed, 13 May 2009 20:25:33 +0530
Thnx for the info, all. How far does Assembly Language fits into this category? Or its usage restricted only to some thing(!)...? Regards, Balaji Swaminathan .M -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of JoePete Sent: Monday, May 11, 2009 1:38 PM To: Swaminathan, Balaji Cc: pen-test () securityfocus com; security-basics () securityfocus com Subject: Re: Programming SKills for PT...? On Mon, 2009-05-04 at 21:02 +0530, Swaminathan, Balaji wrote:
1. What are the programming/scripting languages needed to accompolish the above?
This is a bit of a moving target, depending largely on what you are trying to attack. This is why people work in teams. A simple case of trying to attack a Web based application: You have browser scripting (javascript), server scripting (PHP, .net, etc.), A database is probably involved (SQL). That is before you even get to attacking the underlying services (Apache, MySQL, etc.) or the OS. I would start by specializing. Learn one technology/language really well and then move on. Don't try to do everything at once.
2. I see most of the real hackers are well proficient in almost all of the the technologies like Networking, Application/WebApplcn testing,
OS
etc. Is it so...?
Not necessarily. They are really good problem solvers -- they do what it takes to solve the problem and aren't afraid to fail 1000 times before they get it right once. Again, learn one thing well first. Find people who need your skills, work with them, learn from them. But you have to make yourself valuable to them. Crawl before you walk, walk before you run. The worst thing, whether you wear a white or a black hat, is arrogance. Mentally, breaking and securing systems is really hard work and frustrating. -- JoePete ------------------------------------------------------------------------ This list is sponsored by: InfoSec Institute Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both Instructor-Led and Online formats is the most concentrated exam prep available. Comprehensive course materials and an expert instructor means you pass the exam. Gain a laser like insight into what is covered on the exam, with zero fluff! http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html ------------------------------------------------------------------------ ------------------------------------------------------------------------ This list is sponsored by: InfoSec Institute Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both Instructor-Led and Online formats is the most concentrated exam prep available. Comprehensive course materials and an expert instructor means you pass the exam. Gain a laser like insight into what is covered on the exam, with zero fluff! http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html ------------------------------------------------------------------------
Current thread:
- Re: Skills needed to become a Security Expert and Penetration Tester? Joseph McCray (May 04)
- Message not available
- Re: Programming SKills for PT...? George Huber (May 08)
- Message not available
- Message not available
- Re: Programming SKills for PT...? Robin Wood (May 08)
- RE: Programming SKills for PT...? K K Mookhey (May 08)
- Re: Programming SKills for PT...? Robin Wood (May 08)
- Message not available
- Re: Programming SKills for PT...? JoePete (May 11)
- RE: Programming SKills for PT...? Swaminathan, Balaji (May 18)
- Re: Programming SKills for PT...? JoePete (May 11)