Dailydave mailing list archives

Previous By Date Next
Previous By Thread Next

Career Progression

From: <rick_list () darwinsweb net>
Date: Thu, 25 Mar 2004 18:48:02 +0100

The last group of e-mails "Mentors" has got me thinking again and I'm
really curious to find out how to get from where I am to where some of
you are?  Not geographically speaking of course.  I already know where
the airport is thank you very much.

I've been doing pen testing/application assessments for about 3 years
now.  I learned a lot on my own by keeping up with the old bugtraq and
digging up old posts from the dc-stuff mailing list (not sure if that's
even alive anymore).  

Once we got funding at work I started taking any class that they'd pay
for.  A few Hacking Exposed classes by Foundstone, a CSI Application
Assessment blah blah blah class (which really sucked) and a secure
application class put on by @stake.  Now, at work, we've had overall
funding cut (all pen test/app assessments to be outsourced) and our
training budget is $0.  So I won't be getting anymore training classes
this year.

I took it upon myself to learn python.  Mainly because I tried going
through the "learning c in 21 days" and O'Reilly C books but I wasn't
really getting it.  I never took programming in school... so after I
read a few things on the W I decided to learn python.  I have a decent
grasp of it now, but I'm wondering how the hell I'm going to get to
where I want to be, which is more towards the line of application
assessments.  

Not that it's a great career path, but at least some of the application
assessment stuff I was doing was fun.  That's more than I can say for
this IDS crap that I got involved in by accident.  Plus the fact that
we're paying 20G for two guys for 1 week, per application, to do what I
used to do for my crappy annual salary.  I could use 10k a week and work
7 or 8 weeks out of the year.  I'm OK with that.  ;)

Oh yeah, back to my question:  Any suggestions, comments quips on what I
should be focusing on now and how to get where I want to be?  I just
started wondering how everyone else got to a sophisticated level of
application hacking/testing/assessing/understanding.  

Feel free to reply off-list.

-Rick
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://www.immunitysec.com/mailman/listinfo/dailydave
Previous By Date Next
Previous By Thread Next

Current thread: