Pen-Testing and Metasploit Question

[kbeaver at principlelogic.com (Kevin Beaver)]

Spend an hour or two at your local bookstore or library one day and 
check out my book Hacking For Dummies. I talk about the overall ethical 
hacking (a.k.a. pentesting) methodology including using Metasploit. More 
ahead hopefully later this year in the forthcoming 3rd edition.

Also check out what I've written in my blog and recorded in my audio 
programs about security careers at http://securityonwheels.com. I also 
have links to articles on security careers, testing, tools, etc. at my 
company site: www.principlelogic.com/resources.html

Hope this helps.

Kevin Beaver



pandini pandini wrote:
>  I'm in the same boat that professor, trying to get into pentest
> industry but I don't know "where to start". I agree with what max
> said, imho methodology is the center of the thing, know how and why,
> is really better than know "where to click" or what command to run.
>
>  My questions are, "What the industry expect from a pentester" (audit
> database, software source code, networks, servers , etc..), "What is
> generally done in a basic pentest", and what certifications are "good"
> to proof some basic knowledge. Just say to a company that "I'm able to
> do a pentest, can you give me a change ?" will don't work.
>
>  I think that I need some formal proof of knowledge, as I haven't any
> professinal experience in pentest, this is the only one way that I
> see.
>
>
>
>  Thanks in advance,
>  Pandini.
> _______________________________________________
> https://mail.metasploit.com/mailman/listinfo/framework