Penetration Testing mailing list archives
Re: career advice
From: Enis Sahin <enis.c.sahin () gmail com>
Date: Wed, 23 Nov 2011 16:45:40 +0200
I don't regard writing your own scripts or tools for a pentest as being a destructive skill but I guess it's a matter of point of view :) I hope I was able to get my point across about the need to create your own thing as you know more, do more and have ideas that you have to address yourself. Enis On 23 November 2011 16:29, James W. Meritt <jwmeritt () aol com> wrote:
The skill to destroy a building (demolition) is not the same as the skill to construct a building. James W. Meritt CISSP, CISA, NSA IAM, PMP -----Original Message----- From: Enis Sahin <enis.c.sahin () gmail com> To: Nathalie Vaiser <nvaiser () gmail com> Cc: pen-test <pen-test () securityfocus com> Sent: Wed, Nov 23, 2011 4:21 am Subject: Re: career advice There are great replies posted but I just wanted to share my thoughts about programming skills and hacking/pentesting in short. Being able to read code and understand it is essential just like everybody said. Being able to write code is a little different in my opinion. I was getting things done without writing my own code and tools/scripts developed by others was satisfying my needs for some time. It's only after I had some years of experience I had a better attacker mind set and wanted/needed to utilize more elaborate strategies, then the free tools started falling short of satisfying my needs. I find it analogous to playing a musical instrument. When your understanding and ideas of music exceeds a certain threshold you stop playing cover songs and start innovating :) Enis On 23 November 2011 06:11, Nathalie Vaiser <nvaiser () gmail com> wrote:I wanted to thank everyone who responded to my question. I wasn't expecting so many replies (and quality responses). You have all been extremely helpful and given me a lot to think about and useful resources to look into. I'm proud to be a member of this great community. Nathalie CEH, MCP, MCTS, Linux+ ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actuallydo a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.http://www.iacertification.org -------------------------------------------------------------------------- http://www.enissahin.com | http://twitter.com/enis_sahin ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
-- http://www.enissahin.com | http://twitter.com/enis_sahin ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- career advice Nathalie Vaiser (Nov 22)
- RE: career advice Iman Louis (Nov 22)
- Re: career advice Robin Wood (Nov 22)
- Re: career advice Ali-Reza Anghaie (Nov 22)
- Re: career advice David Glosser (Nov 22)
- Message not available
- Re: career advice Nathalie Vaiser (Nov 22)
- Re: career advice Enis Sahin (Nov 23)
- Message not available
- Re: career advice Enis Sahin (Nov 23)
- Re: career advice Dr. Lizzz (Nov 23)
- Re: career advice psiinon (Nov 24)
- Re: career advice David Glosser (Nov 22)
- Re: career advice tom (Nov 23)