HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 41 guests and 1 member online
 
Advertisement

You are here: Home arrow Ethical Hacking Discussions and Related Certificationsarrow General Certificationarrow Advice on the rigth Path in becoming an Penetration Tester
EH-Net
May 23, 2013, 11:07:16 PM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Advice on the rigth Path in becoming an Penetration Tester  (Read 5452 times)
0 Members and 1 Guest are viewing this topic.
ITninja
Newbie
*
Offline Offline

Posts: 3



View Profile
« on: July 13, 2007, 05:59:04 PM »
Hi fellow Ethical hackers,


I passed my CEH last month thanks to the advice from all the great posts in the forums.

Blackazarro post was a great help check it out:
http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/topic,1369.msg4925/topicseen,1/#msg4925

My only concern NOW is what next and what path should I take. I want to become a Penetration Tester but I'm not sure that I am following the right path.

I was told that I should get certified in Linux+ for OS ( as I have already got my MCSE)  then do the CCNA for networking and get some Programming Language experience in Perl or python.

Do you guys have any good advice on where I should be heading, what path to take and what certifications or experience I would need to get me started on this journey? Smiley
Logged
Don't just think out of the box. There is no BOX !!


MCSA, MCSE, CEH
Kev
Guest
« Reply #1 on: July 13, 2007, 07:08:55 PM »
This might seem like a silly question and dont take offense, but do you know what's the life of a Pentester?  Do you want to make a living as a full time pentester?  Many pentester travel as much as 30 times a year or more.  If you are married it can become a problem for some.  You are living out of hotel rooms and under a lot of pressure to get results. Some people cant handle the stress. If you certify a network as secure and it gets hacked a day later because you missed a simple vulnerability, well your reputation just went down big time.  You might show up to do an inside audit and all the admin see you as their enemy because they are worried you are going to make them look bad.  Also you better be into paper work, lots of paper work. Those are the negative. The positives are extremely rewarding if you are the kind of person that likes to solve puzzles and riddles. Its never boring and each situation is a new adventure.  Each person has to decide if the positives out way the negatives. 

Any way, my very first advice to someone is to research what  being a pentester involve. What is his lifestyle. If you feel comfortable with what you find, then move forward. But really get a handle on that first and I cant stress that enough.
« Last Edit: July 13, 2007, 07:12:17 PM by Kev » Logged
What90
Full Member
***
Offline Offline

Posts: 120


View Profile WWW
« Reply #2 on: July 13, 2007, 09:17:23 PM »
ITninja,

Kev's advice is excellent and well worth taking the time to work out if that's what your after as a career.

If it is, then a good starting point to look at is working for one of the big auditing companies - Ernest and Young, KPMG, PWC and so on. Some of the smaller security companies do the same thing.

They have intake programmes for new starters. It's long hours, some boring work (you've got to love documentation) and lots of travel, but after two years you'll have solid experience and proven security work on the CV.

You just need to contact them and see what they want or can offer.
Logged
http://www.chris-mohan.com
ITninja
Newbie
*
Offline Offline

Posts: 3



View Profile
« Reply #3 on: July 14, 2007, 03:29:59 AM »
Thanks for the advice guys, you have summed it up very well and gave me food for thought.

 I know there will be a lot of hours, traveling, and I would need to like doing lots of documentation work and have a pay attention to detail kind of skill.  I will do more research on what involves being a pentester, their lifestyle and risks at their reputation etc. But from what I know so far it is something that I would like to pursue.

I always think that you should try something first and experience it for yourself and then you can decide if it is for you or not.

I think like what What90 said if I do it for 2 years I would gain solid experience and proven work in security.  Then I could go into computer forensics which is another area I would like to specialize in.

Thanks again for great the adivce.

On a another note what do you guys consider to be an appealing job in the areas of IT security?
Logged
Don't just think out of the box. There is no BOX !!


MCSA, MCSE, CEH
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.07 seconds with 23 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Advertisement

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.