7 replies to this topic

[Voodoo2]

Hi Everyone.  I'm new to the forums, but I used to be subscribed to Binrev a long time ago.

 

I'm trying to pursue a career as a pentester.  I was just wondering if anyone had any solid advice on gathering pentesting experience?  I already have a home pentesting lab and I already have my Ethical Hacker certification.  

 

I just wanted to hear what you guys think.  It is frustrating because employers have such unreasable expectations when it comes to pentesting experience.

 

 

 

 

 

 

[phasma]

Never stop reading and keep asking questions. I would use your home pentesting lab to practice securing/exploiting certain devices so you can gain some hands-on experience. Understanding how devices, networks, and applications function gives you a better understanding on how they can be exploited. 

[systems_glitch]

Hang out in binrev IRC. There are a few members who are consistently around who work in the IT and security industries.

[Voodoo2]

I will stop in sooner rather than later.

[tekio]

Have you thought about just starting your own LLC? Really, you just need to pay licensing fees, build a web-site, and get some clients. Most pen-testing contracts are through "word of mouth" advertising anyway...

[Voodoo2]

It's a dream of mine to one day have my own security company.  I understand the basic outline of a Penetration test, but I dont think I have enough experience to provide the kind of service yet.  Good news though is that I do have some leads on a pentesting type job.  

[tekio]

I will recommend this to, if you don't already know: pauldotcom.com

 

It's a community and podcast/videocast ran by two guys who are pro pentesters. I've been listing to it for a few years now.

[Bit Viper]

Something else to keep in mind... penetration testing is far from being the only option in the security field. Sure, it's the flashy, hot-topic item that everyone wants to do since you get paid to try to break into people's stuff. Who wouldn't want to do that? That's almost as cool as being a video game designer!

 

Don't sell the other areas short, though. And realize that, not unlike being a video game developer, there are a lot of other parts to pen testing that may not be very apparent until you're in the field.

 

- Are you sure you're not causing PERMANENT damage to your client's systems? Maybe that nifty new remote root exploit as a nasty side effect of corrupting a system file or resetting those complex permissions on an application.

 

- Are you sure you've tested EVERY SINGLE possibility for external vulnerability? If your client pays you thousands of dollars and then three months later is compromised by something you never mentioned, you can expect (at the very least) a nasty phone call.

 

- Have you provided sufficient documentation about all the vulnerabilities? This is where all those reports you wrote in high school and college will come in handy.

 

- Have you got hands-on programming experience in a lower-level language like C or assembly? Metasploit and other point-and-click tools are good for speeding up the process, but you want to be sure you really understand WHY things are working the way they do. (Protip: go read "Smashing the Stack for Fun and Profit" if you've not. I've never seen a better write-up on how buffer overflows work.)

 

- Do you have experience with Windows systems? Good. How about linux? Ok. How about AIX, HP-UX, or Solaris? Cisco IOS? Multi-platform knowledge is fundamental to getting the big picture. Again, your client will want to know about EVERYTHING you find, not just that you were able to Hax0r their old Windows 2000 web server.

 

I don't work as a pen tester; I never have, and I doubt I ever will. However, I do work in security, so I like to think I have a bit of the mindset that you need. There are plenty of other cool jobs in the field; don't limit yourself. Keep an open mind, especially while young, and you'll benefit from the added experience. You'll find where you fit in.