CEH Cert

Viewing 6 reply threads
  • Author
    Posts
    • #4600
      keith
      Participant

      Hi All,
      I’m new to this and appreciate all of you that share your experience. Have done some research, been in IT areas for a long time but not as a programmer.  Sounds like pen testers need a pretty high level of coding expertise to be really good at it.  Am I right??

    • #28667
      UNIX
      Participant

      Welcome to the forums, keith.
      As you are asking in the CEH subforum, I assume you are asking in regards of the CEH exam. If so, then no uberspecial knowledge in programming is required in order to pass, though one should be able to read some code and understand some of the basic concepts.

    • #28668
      unsupported
      Participant

      It is not a prerequisite to be a great coder to be a great pen tester.  Understanding coding will assist you in breaking down possible threat vectors of your own, rather than using someone elses code.

    • #28669
      KamiCrazy
      Participant

      I think you need to at least be able to code in python/ruby in order to be a good pen tester. I just can’t see how you can be a good pentester without being able to write your own exploits.

    • #28670
      keith
      Participant

      I see the obvious benefit of being fluent in coding, but I’m thinking libraries (functional code sets) would be available for those like me to adapt for specific instances – sort of like readily available CSS code modules for website development – long as I was able to understand the code and make mods.  And one couldn’t help but improve the more they practice it.  Anyone’s thoughts about that?  Thanks

    • #28671
      KamiCrazy
      Participant

      One of the big things IMO that separates a pen tester, who just knows how to run a tool and use automated scans vs a great pen tester is the ability to write your own exploits.

      One of the best frameworks for developing exploits currently is metasploit and if you want to write modules for metasploit you must be able to write code in ruby.

      Advanced hacking courses like OCSE and CEPT etc devote a large amount of their curriculum to coding. Not simply writing the exploit code but things like fuzzing and learning the nuances of x86 assembly.

    • #28672
      keith
      Participant

      KamiCrazy – Thanks so much for your comments.  You make sense – don’t know how great I’ll be but if it means learning ruby/metasploit then so be it.  Just finished some coursework in xhtml/css so I’ll just carry on…
      Tks again

Viewing 6 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2020 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?