Penetration Testing mailing list archives
Re: [PEN-TEST] How to "break into" the Pen-Testing field
From: INOM <peter () PETERSPLACE COM>
Date: Sun, 10 Sep 2000 13:27:06 +1000
Make friends, find people that will answer questions ( that's called networking and those network last a lifetime). Test out stuff at home. Offer to audit your friends webservers (Get permission first). Try and keep an overall knowledge but specialize in at least one thing. If you see a website with good information write to the webmaster and ask him how he got his knowledge. I have found that quite a few will write back Find out who in your area is doing Pen testing and offer your time free to do research for them. That way they will see you are not just in it for the glory, and you can add it to your CV. Remember this rule For every 1 hour at the keyboard on a hack, you may spend 100 hours reading. People need to see you have staying power to do that. Show them that and you will get what you want.. I don't know if everybody will agree with me but that's how I did it. Thanks to El Nahual and Am3ntiA, the dudes I been bugging for my info. IN0M http:// w w w . s 0 d . o r g ----- Original Message ----- From: "El Nahual" <nahual () S0D SAL ITESM MX> To: <PEN-TEST () SECURITYFOCUS COM> Sent: Sunday, September 10, 2000 3:50 AM Subject: Re: How to "break into" the Pen-Testing field
On Fri, 8 Sep 2000, Lashley, Bryan wrote:I am wondering how did the readers of this list get into the pen-testing field? What steps did you take to get from where you started in the
field to
where your at now? Did employers train you? Did you get promoted into
it?
Did you create the position yourself?I can only speak on experience, my employer found me in Black Hat, I went by myself because I always liked to learn security stuff, they were impressed a Mexican guy could actually code some stuff (hehehe). We have internal training courses, one guy is a master of overflows, another on IDS systems and so on, so they speack about it, is very interesting and is not ofrmal at all so all kinds of questions are allowed and we all learn ....Pen testing & security is a very interesting area of the IS field I
would
like to break into but many positions posted are requiring years of pen-testing skills which I just don't have outside of my personal lab at home (combo of Win95,NT Srv, RH Linux). Would you recommend starting at
a
big 5 firm? A small firm? Fortune 500's? Has anybody heard of any pen-testing firms in St. Louis?Well check it out, working in your lab at home could be called pen testing, you should include that in your resume or throw it in on the interview, Pen testing can be boring (raise your hand all pen testers that have never nevre never had a really boring audit? .. you lucky you) but if you are interested enough to waste personal time in something that doesn't give you any money back then you defenetly can get in. Enrique Sanchez (El Nahual) http:// w w w . s 0 d . o r g
Current thread:
- [PEN-TEST] How to "break into" the Pen-Testing field Lashley, Bryan (Sep 08)
- Re: [PEN-TEST] How to "break into" the Pen-Testing field Drew Simonis (Sep 09)
- Re: [PEN-TEST] How to "break into" the Pen-Testing field El Nahual (Sep 09)
- Re: [PEN-TEST] How to "break into" the Pen-Testing field INOM (Sep 10)
- <Possible follow-ups>
- Re: [PEN-TEST] How to "break into" the Pen-Testing field Bob Radvanovsky (Sep 09)
- Re: [PEN-TEST] How to "break into" the Pen-Testing field gatekeepr (Sep 09)
- Re: [PEN-TEST] How to "break into" the Pen-Testing field Dragos Ruiu (Sep 10)
- Re: [PEN-TEST] How to "break into" the Pen-Testing field Teicher, Mark (Sep 10)
- Re: [PEN-TEST] How to "break into" the Pen-Testing field Frasnelli, Dan (Sep 10)
- Re: [PEN-TEST] How to "break into" the Pen-Testing field Teicher, Mark (Sep 11)
- Re: [PEN-TEST] How to "break into" the Pen-Testing field Frasnelli, Dan (Sep 11)
- Re: [PEN-TEST] How to "break into" the Pen-Testing field Teicher, Mark (Sep 12)
- Re: [PEN-TEST] How to "break into" the Pen-Testing field Bennett Todd (Sep 12)
- Re: [PEN-TEST] How to "break into" the Pen-Testing field Teicher, Mark (Sep 12)
- Re: [PEN-TEST] How to "break into" the Pen-Testing field gatekeepr (Sep 09)