Welcome to the forums keith.

Although certificates are a great thing and something which will help you surely, consider that experience may be more important. I know some people with some well-known certificates which seem not to know really much when you start a discussion with them. Others I know have only a few or no certificates and are "high-skilled" penetration testers.

I would go for one of the certificates in the penetration testing management area which may help you more in terms of getting new clients.

Yeah, although only a short part was recorded I liked it. Good job.

Will you do presentations in future or was this an experience which was nice for you but nothing you would like to be repeated?

Although I don't think that I would win, I think those prices offered by EH are really great and not those often seen "not really needed prices". Not because of the prive value but because this is something which can improve your overall education very well.

Great deal, good luck everyone.

I think too that the main part will become webapp pentesting but surely network pentesting won't die out. Maybe the whole webapp security will become a litte less important after a later future when the boom is over.

But I am pretty sure that webapp security will be at least for the next time the bigger market for penetration testers.

I am not aware of a program which can do what you need yet, but it shouldn't be too hard to code if you have some basic knowledge in programming.

Rather than just rely on (just) such a tool I would recommend to do for example every month a little presentation about social engineering and make them aware of possible scenarios how a social engineering attack could look like. In my opinion it is not enough to tell people this once as with time they will forget or become careless.

Instruct them on a regulary basis what to do and what not to do. Consider also, that there can be ways to hide or erase information that a device was plugged in or didn't get detected by your program for various reasons.

In my experience it also helps not only to tell them about SE (or other topics) but also discuss about it and let them ask questions. When people talk by themselfs about it it often will remain longer in their brains because it was something active (talking) and not only passive (listening).

Metasploit is a really great tool with which you can safe some time and backup your results with other results.
Looking forward to its future development, thanks for the pdf.

Welcome to the forums.

I think it was a good decision to start studying although your are already a "little old". Often people won't start to study when they are older then the usual students because they are for some reasons afraid.

Good luck.

Congratulations

A short review about the videos you watched and hopefully learned from would be nice.

So far I have only built a PS/2 Keylogger by myself. While testing around it worked with most of my PS/2->USB adapters but unfortunately not with all.

Currently I am also writing an article about hardware keyloggers where I also compare different ones but it will published only in a few months unfortunately because of various reasons.

So far I can tell you that there are not major differences between most products available. However, I haven't testet them as extensively as I want yet.

Yeah, I am looking forward to them too. But I expect from OS nothing but good.

I am wondering if there are any other sample pentesting reports available from other companies or individuals?

Thanks for your thoughts jimbob.
I already asked Don about writing for ethicalhacker.net but it seems that there are already enough writers, so.

I will check the SANS Reading Room, thank you very much for the hint.
In terms of the CV.. how would one write published articles in e.g. SANS Reading Room? Same as with published ones?
So far I wrote something like:
"Title of the article", Magazinname, Date

I think too that it is better for starting to contribute one, two chapters to a book to get more experience at all. I guess I will give Syngress another try and back it up with a few examples of my writing (although I did this already).

Any other recommendations and thoughts are highly appreciated, thanks.

I have wrote some articles for the hakin9-magazine and would now like to expand my experience with this kind before actually going to book-writing. Therefore I wanted to ask if you have any recommendations for good and well-known it-security related magazines where I could write articles for. If it is for the US-area or Europen-area doesn't matter.

I am mainly interested in print magazines and not in online ones as I would like to add all extensive articles I wrote on my CV where i think online ones would not be that good as printed ones may look more professional.

Also I am interested in how to get into the position of an co-author of a book. I already wrote to some publishers (e.g. Syngress) but unfortunately I mostly haven`t received an answer yet.
I would really love to contribute to a few chapters of a book before publishing my own.

Any recommendations and offers are welcome.

Much appreciated, I really liked the video. Good work.

Congratulations!

For your resume I would write something like CCNA 1 - Networking Basics and the date you passed it.