HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 72 guests and 1 member online
 
Advertisement

You are here: Home
EH-Net
May 22, 2013, 08:38:46 PM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
  Home Help Calendar Login Register  
  Show Posts
Pages: 1 [2]
16  Ethical Hacking Discussions and Related Certifications / General Certification / Re: I need your advice connecting to IS certs and careers on: December 03, 2008, 02:44:54 AM
Having spoken on this topic at a bunch of conferences (ChicagoCon, Defcon, RSA, Source, etc.), I'll weigh in:

Forget certifications until you know what you want to do.

Then, once you've figured out what you want to do, figure out whether you need certs to do it.

For example, if you want a job as a pen-tester, certs aren't generally going to help.  Most pen-test consultancies (with a few exceptions) are smaller companies that hire based on knowing people and merit far more than "Oh, you have a CEH, welcome aboard".   In that case, go out and start doing stuff.  Join a CTF team at Defcon.  If you're still in school, participate in CCDC.  Get involved in your local community - OWASP meetings, (Linux/BSD/Mac/Windows) user groups, etc.

Get a CEH later if you feel like it, but it doesn't need to be about that.

(As an example: I've been pen testing for more than 10 years, have lead vuln research teams, have taught certification courses for CEH/ECSA/CEPT and don't have a CEH.)

The bigger question - why do you want to be in security?  What do you love about it?  And what part of it do you find yourself being good at as you read about it and work on it in your spare time?
17  Ethical Hacking Discussions and Related Certifications / Web Applications / Your Best Move... on: December 03, 2008, 02:39:48 AM
Hey all,

So, I was talking with a colleague about a particularly tough app pen test that we're doing, and we got talking about the old Seinfeld episode all about "Your Move". 

For those that don't get the TV reference, it's basically the thing that you do when you really want to do something awesome. 

In the context of pen-tests, it's the thing that you pull out when a test is really difficult - when the standard things aren't working and you need to come up with something awesome.

We got wondering what other people's "Move" is.

In the spirit of sharing... my Move is almost always a shell script fuzzer.  Anyone who has worked with me or taken a hacking class with me has seen me write one of these on the fly - a quick bash script that generates targeted requests that we can use to hit a field (or multiple fields) quickly.    I've always found it an effective way to gain control over my environment.

So... what's your move?

-Mike
Pages: 1 [2]
Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.068 seconds with 21 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Advertisement

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.