HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 71 guests and 1 member online
EH-Net News Feeds
Latest Additions
 
Advertisement

You are here: Home arrow Forum
EH-Net
May 16, 2012, 04:42:49 PM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Advertise on EH-Net!! - Reasonable Rates, Highly Targeted Audience.
 
  Home Help Calendar Login Register  
  Show Posts
Pages: 1 [2]
16  Ethical Hacking Discussions and Related Certifications / General Certification / Re: I need your advice connecting to IS certs and careers on: December 03, 2008, 02:44:54 AM
Having spoken on this topic at a bunch of conferences (ChicagoCon, Defcon, RSA, Source, etc.), I'll weigh in:

Forget certifications until you know what you want to do.

Then, once you've figured out what you want to do, figure out whether you need certs to do it.

For example, if you want a job as a pen-tester, certs aren't generally going to help.  Most pen-test consultancies (with a few exceptions) are smaller companies that hire based on knowing people and merit far more than "Oh, you have a CEH, welcome aboard".   In that case, go out and start doing stuff.  Join a CTF team at Defcon.  If you're still in school, participate in CCDC.  Get involved in your local community - OWASP meetings, (Linux/BSD/Mac/Windows) user groups, etc.

Get a CEH later if you feel like it, but it doesn't need to be about that.

(As an example: I've been pen testing for more than 10 years, have lead vuln research teams, have taught certification courses for CEH/ECSA/CEPT and don't have a CEH.)

The bigger question - why do you want to be in security?  What do you love about it?  And what part of it do you find yourself being good at as you read about it and work on it in your spare time?
17  Ethical Hacking Discussions and Related Certifications / Web Applications / Your Best Move... on: December 03, 2008, 02:39:48 AM
Hey all,

So, I was talking with a colleague about a particularly tough app pen test that we're doing, and we got talking about the old Seinfeld episode all about "Your Move". 

For those that don't get the TV reference, it's basically the thing that you do when you really want to do something awesome. 

In the context of pen-tests, it's the thing that you pull out when a test is really difficult - when the standard things aren't working and you need to come up with something awesome.

We got wondering what other people's "Move" is.

In the spirit of sharing... my Move is almost always a shell script fuzzer.  Anyone who has worked with me or taken a hacking class with me has seen me write one of these on the fly - a quick bash script that generates targeted requests that we can use to hit a field (or multiple fields) quickly.    I've always found it an effective way to gain control over my environment.

So... what's your move?

-Mike
Pages: 1 [2]
Powered by MySQL Powered by PHP Powered by SMF 1.1.16 | SMF © 2011, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.125 seconds with 21 queries.
 

gk_static-ad_feb2012.jpg
Global Knowledge: Build Security Skills to Protect & Defend

els_130x200fixed2.gif
eLearnSecurity Student Course Now Live!
5% Off with Code
ELS-EH-5

SANS Deals 4 EH-Netters
$150 OFF Any SANS Course in Any Format!
Coupon Code: EHN_Connect Including SANS Security West 2012 & SANSFIRE 2012
Recent Forum Topics

cbtnuggets_logo_125.jpg
Try CBT Nuggets Free!

Vote For EH-Net

Add to Technorati Favorites
technorati fave

 
         
Advertisement

© 2012 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.