.

noob here looking for some help!

<<

intriplicate

Newbie
Newbie

Posts: 1

Joined: Sat Mar 30, 2013 9:31 pm

Post Sat Mar 30, 2013 9:39 pm

noob here looking for some help!

hey everyone. jumped on this forum looking for some guidance from you guys. a little bit about my self. i am currently a network engineer for a relatively small company.  looking to get into penetration testing. i have been studying the subject heavily for the last 3 years or so. i love my current job, but it is not the position i want for the rest of my life. i love learning about network security. any tips about how i can break into the field? my current certs are ccna and A+. what are your guy's opinion on CEH, security+ and GPEN? i feel i can take any of those tests no problem at this point. ANY guidance or advice would be awesome. thanks !
<<

impelse

Hero Member
Hero Member

Posts: 585

Joined: Mon Feb 16, 2009 3:40 pm

Post Sat Mar 30, 2013 10:47 pm

Re: noob here looking for some help!

You can go in any direction, it is depend of your knowledge. Just begin with a couple of tools.

I like to begin with dictionary attack again a machine, later you can use metasploit, with that you have a lot of fun and time consuming.

Later you will begin to learn about methodologies (those are good), more tools, attacking vector, other exploits, etc, etc.

In the beginning everybody is a script kiddy, lol
CCNA, Security+, 70-290, 70-291
CCNA Security
Taking Hackingdojo training

Website: http://blog.thehost1.com/
<<

KrisTeason

User avatar

Hero Member
Hero Member

Posts: 515

Joined: Sat Sep 08, 2007 7:48 pm

Location: /dev/null

Post Sun Mar 31, 2013 1:25 am

Re: noob here looking for some help!

hi intriplicate,

welcome to ethicalhacker.net! it's great your already in the field as a network engineer - moving over to pentesting for you shouldn't be extremely difficult! The CEH is heavily known in the industry and gets recognition, but passing the examination doesn't demonstrate to an employer that you have the knowledge to break into anything.

Courses with Practical Level exams such as Offensive Security 's Penetration Testing with BackTrack with accompanying OSCP Certification, Cracking the Perimeter course with accompanying OSCE Certification are finally gaining some popularity amongst people looking to hire Penetration Testers. These classes make you think, and go way beyond the standard multiple choice examination format to test your skills.

A competing course in regards to the CEH, and a good way to get some practical hands-on level experience is eLearnSecurity's Penetration Tester Pro v2. With this course, comes an attempt at the eCPPT Certification. "eLearnSecurity Certified Professional Penetration Tester (eCPPT) is an Ethical Hacking and Penetration Testing Professional certification offered by eLearnSecurity. The eCPPT exam requires the student to carry out a real penetration test against a target and to build a penetration testing report. The eCPPT is part of a growing trend of Professional certifications requiring practical portions demonstrating competency in performing the tested duties." - Source wikipedia.org I took Version 1 of their course, and thought it contained great material. They've significantly improved Version 2. Awhile back there was an exclusive save 5% on enrollment offered for EH.NET members, but not sure if this is still being given out or not.

HackingDojo.com has some great affordable training, as does SecurityTube. Unfortunately, none of these Vendor's Certifications are highly requested when you do a search for a list of requirements that an Employer wants to see on a Resume under 'Certifications'. They still remain though, affordably priced, and maintain a good reputation.

Moving right along with you mentioning the possibility of getting the Security+ and GPEN Certifications added to your Resume, these are DoD Approved 8570 Baseline Certifications, and are also known well among HR.

My personal advice, besides exposing some alternate training sources you could look into to help hone your skills, is I say give PWB a shot. If you've been studying the subject heavily for the past 3 years, you've got to be very comfortable with BackTrack or *Nix enough to take some training from its Developers. If you have an understanding wife, can fit it well in with your work schedule, and want to get the most bang for your buck, it's definitely worth a shot.

Lastly, feel free to look and search around more here on the Forum. This site has been around for years, and common is it that we are asked how does one gain entry down the Ethical Hacking road. Were all here to help you along the way, and your among a great community.
Last edited by KrisTeason on Sun Mar 31, 2013 1:26 am, edited 1 time in total.
eCPPT (Silver/Gold), eWPT, GSEC, GISP, GCIH, OSCP, OSWP

Return to Career Central

Who is online

Users browsing this forum: No registered users and 0 guests

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software