Security Basics mailing list archives

Re: Skills needed to become a Security Expert and Penetration Tester?


From: Joseph McCray <joe () learnsecurityonline com>
Date: Sat, 02 May 2009 19:16:35 -0400

I'd say that you are on the right track, Chip.

I think interpreted languages like Perl, Python, and Ruby might be more
helpful than languages like C++, and I think getting really comfortable
on the web application security side of the house is important as well.

The bottom line is you can't go wrong as long as you are always trying
to improve. For me, when I'm interviewing pentesters, the key thing I look
for is the background.

1. Are they comfortable with Linux/Unix? If so - how comfortable? 
2. Are they comfortable with Windows/Active Directory? If so - how
comfortable?
3. Can you program? If so - what languages? Any database experience?
4. Can you problem solve? And can you find solutions that work for the
customer's technical and political environment?
5. Are you comfortable interfacing with people that aren't very
technical (i.e. senior management)?
6. Are you comfortable writing technical documentation? Because believe
me - you will be writing a lot of it as a pentester.

I hope this helps you out, Chip.


-- 
Joe McCray

Toll Free:      1-866-892-2132
Email:          joe () learnsecurityonline com
LinkedIn:       http://www.linkedin.com/in/joemccray
Twitter:        http://twitter.com/j0emccray
Website:        http://www.learnsecurityonline.com


Video of my Advanced SQL Injection Presentation:
http://vimeo.com/3418947


"The only thing worse than training good employees and losing them 
is NOT training your employees and keeping them." 

        - Zig Ziglar

