Another new guy

[Deadpool614]

Howdy to all. I've been a "guest" on EH for about 3-4 months now and finally decided I'd regester. I'm just starting my journey into Pen testing, exploitation, and forensics. I've been tinkering with BT since BT4 came out, so not very long lol. My end goal is to become a Pentester/ CEH and I'm really excited to become a sponge for all the knoledge out there. At this point I have a fairly good grasp on Linux (I run Ubuntu and CentOS) and some basic knowledge of SOLARIS. I also have started to learn the wonders of programming with Python.

If there is anyone out there looking to mentor or chat with a newbie and help guide me in the right direction I'd be most grateful. Keep on tinkering

[BillV]

As I'm sure you expect, having lingered around for a while, we're all anxious to welcome you to the community.

Sounds like you're well on your way and starting down a path. Do you currently work in IT or is this just a hobby/interest of yours that you'd like to eventually make a career?

Feel free to shout with any questions. All sorts of people willing to help out here.

Bill

[Deadpool614]

Do you currently work in IT or is this just a hobby/interest of yours that you'd like to eventually make a career?

I am currently in the Army where I work on Satallite communacations systems as well as computer/voip networks. I also am certified to do fiber optic cable. I’m going to be getting out in the next year and would like to give myself a leg up before I finish my service. 

[millwalll]

Hi deadpool614,

First of all welcome to the forums and feel free to drop me a line I am happy to try help you with advice even tho my advice is tailored towards UK pen testing. I would say get ready to learn lots ask lots question breaking into pen testing is no easy task and is upwards battle. I would say try get some certs behind you depending on money and experience. If you looking for a cheap cert to start you off OSWP is cheap if you have a bit more money I would recommended elearsecurity they just update it and its well worth the money. I would not attempt OSCP until you have a bit of experience. If you are based in the UK then you defo want get rather the Tiger QSTM or CREST CRT cert.

[Deadpool614]

Jamie,

Thanks for the warm welcome I'm going to have to wait a few more months before I can do any hands on work with certs as I am currently deployed :/ . Aside from that I have done a good amount of the course work for Sec+ and Net+ and was looking to test for those when I get back to the US. I was also looking to get my CCNA (a buddy and I are going to split the cost of a CCNA lab kit when we get back). I have been looking at Hackingdojo.com as well as the OSWP but I want to see if I can get the military to pay for it as "professional training."

[millwalll]

cool makes sense there also course from mile 2 what i believe offer special discounts to personal in the army.

[Deadpool614]

I'll have to look into that, I'm trying not to break the bank as I'll be getting out of the service in about a year and would like to have a bit saved up for when I go to college.

[BillV]

You should have access to various DoD-related training material. If you're current position qualifies or considers you as IA then there are different things out there. You may want to look into the CERT VTE as well. Lots of good training there that may be free for you (CISSP, SSCP, Sec+, Net+, CEH and a whole host of others).

[Deadpool614]

You should have access to various DoD-related training material. If you're current position qualifies or considers you as IA then there are different things out there. You may want to look into the CERT VTE as well. Lots of good training there that may be free for you (CISSP, SSCP, Sec+, Net+, CEH and a whole host of others).

In my previous unit I was an IMO so I do have my Centcom IA and ISSO certs as well as nearly finishing up the Linux+ training (my prefered server OS). I started the C|EH but the program is kinda buggy and my internet connection right now leaves much to be desired.

[don]

Thanks for joining us, but more importantly, thank you for your service.

There's some great advice already given on how to get free or inexpensive training, so if there's anything else you need now or when you get back, just let us know.

Don

[Deadpool614]

Don,

 Thank you for the support. I have already gained a lot of knowledge just by going through the forums and the links to other sites. I've also almost finished the army's version of C|EH thanks to some of the information found from those links. I just wish I would have had this drive to learn before I deployed.

[Novice hacker]

I'm new to this forum and


I have a couple of questions.

I'm also starting to learn how to hack    and I want to learn how to become a future ethical hacker...

Can someone please help me and answer these questions


1.  Which programming languages should I learn to become a hacker?

2. Do I have to know database management to become a hacker?

3. What scripting languages and web designing languages do I have to know?

4. What is the best book for learning the basics of netowrking?
 
PLEASE help this aspiring newbie
Thanks in advance

[hurtl0cker]

@Novice Hacker

this link seems to answer a lot of ur queries
http://www.infiltrated.net/pentesting101.html

and yeah, learning about databases will certainly help a lot, good place to start would be, free classes by Stanford.
http://www.db-class.org/course/auth/welcome

I would recommend to start with TCP/IP Illustrated 2nd edition(Kevin Fall) or any good CCNA book for networking basics.

[Novice hacker]

@hurtl0cker

Thank you very much for your kind advice and your time spent on answering my queries! I am sure it will help me  a great deal 

Could you please also take the time to answer the following questions as well?

1) What are the certifications required to get a job as an ethical hacker?

2) What scripting languages and web designing languages do I have to know? (I know I already asked but it wasn't addressed in the website that you recommended

3) Do I have to be an elite programmer or is it ok if I just know basic programming?

Thanks in advance

Eagerly awaiting your reply......

[hayabusa]

1.) Certifications vary by the job.  Headhunters look for different things, and even if you get by those, the truly technical folks might expect other certs.  There's no 'right or wrong' list.  If I were to interview you, I'd want to see that you were dedicated to learning (by seeing some of the certs,) but would then question you to see what your true / retained / practical knowledge was.

2.) Any / all languages are good, to at LEAST have base knowledge of.  You don't have to be an 'uber programmer' or anything, but understanding program flow, the stack, and scripting are definitely a plus.  Get familiar with Python, bash and 'some' assembly.  After that, it's a matter of choice / preference (C, Ruby, Perl, others...)

3.) See #2