Hi! This message has been typed in MS-word and then edited. (The auto save feature comes in use some times)
Anyways, like I said I appreciate constructive criticism, so thanks for the suggestions
I appreciate your enthusiasm and wanting to know more about pentesting and ethical hacking, but ALL of your questions can be found in other threads and/or Google.
Thanks, and I will try to post questions only after searching using Google and the search box in this forum. If I canít find an answer or I donít understand anything, then I will post it here
(Can you just answer the pen-testerís dream question? I want an inside view of a pen-testing job, thanks
Please don't take this the wrong way, but you really seem to be putting the cart before the horse here. Metasploit shouldn't even be on your radar when the difference between the OSI and TCP models is still a mystery.Ē
I donít mean to actually learn Metasploit right now. I set up this thread with an idea of making a plan to become a pen-tester. Right now Iím just collecting details to construct the plan. i.e. I wanted to construct the overall plan and then jump into it. But, do you recommend coming up with the next steps of the plan after completing the initial steps? If so, then I will follow that idea
I just want you to really consider the massive amount of information you need to absorb and develop a realistic timeline for your goals. Ē
Donít worry; I donít plan on finishing all of the things on my plan in one year or so. I am perfectly OK with the 10 year plan. Hereís my scenario:
I am currently about to turn 17.
I will not be able to properly study the hacking techniques for the next 1 year approx. (I have important exams that I am pressurized to do well at.) (That leaves me with approx. 9 years to learn hacking before I go into a pen-testing position. I am confident of my learning abilities and I will work hard, so Iím pretty sure that I can achieve all my goals in this gap.
For example, you could set obtaining your CCNA as your first short-term goal,
Ok, but I did some research of my own and CCNA cert is not even mentioned here:http://infiltrated.net/TechnicalSecurityRoadmap.html#
(I still plan on getting it, I just would like your opinion on this)
look at the table of contents of a couple of Security+ guides and some hacking books. You need to know learn about all the areas listed.
Iíve done what you said and I would like to know if you would recommend getting Comp TIA or Microsoft certified in Security +. Oh and someone once told me that self-study was the best way to become a hacker by researching on the hacking topicsÖcan all the info about hacking topics be found using Google?
Thanks for all the other information posted in your last post too.
Finally, hereís a bit of my plan everyone: (Master 1 step and then proceed to the next)
1) Read A+ material. (To capture the grains of knowledge that have thus escaped my grasp.
Read up on the OSI and its working. Purchase ďOperating System Concepts, Seventh EditionĒ (Why is this more than 3 times cheaper than its successor?)
2) Read up on networking. Master content in Odomís books.
3) Proceed to TCP/IP Volume Illustrated, learn as much as I can
4) ? (Should I read the other Cisco books on routers and stuff now)
5) Start gaining knowledge of specific OS. Preferably Linux, Windows server, XP, 7)
6) Learn programming. (I already know the basics of C and C++ and I plan to promote this step up the order, is that ok? And one more q: Which programming language would you recommend for writing toolsÖ.Iím thinking Python is the easiest for this purpose.
Start learning database management (Is knowing basic SQL commands enough?) and assembler(knowing to read shellcode is enough or do I have to be able to write it too?
Well, this WAS my plan before you said to learn web-app stuff tooÖ.Hmmm,
Where do I fit in learning that?
Note: I plan to complete what unicityd said before proceeding to the content included in Silís link
So...... any changes to the plan(its not finished)? Or is it OK?
Awaiting your wisdom.........