I'm looking to get started in the world of Penetration Testing with the aim to make it my career. The company I work for has indicated that it may be able to help out with training and finances as part of my development as they are looking to bring some pen testing in house but while this is being sorted I'd like to put myself in the best possible position.
I currently work as a manual tester and am mainly involved in testing UNIX server software and applet based GUI's. I have a good working knowledge of UNIX (currently use Solaris) and SQL as well as VB. I have also dabbled with Linux at home.
So far I've browsed the forums here as well as looking at the Offensive Security and Remote Exploit websites. I've downloaded and just started playing with BackTrack 2 as well as begun readig a book on pen testing (can't remember the title). I've also ordered a book on TCP/IP (TCP/IP: Jumpstart by Andrew Blank) as I've read a good knowledge of networking is fundamental.
Can you suggest anything else in terms of websites/books/free or cheap online courses that I can be looking at that will help my progress. Also, can you recommed the best certsto be looking at for when I get something sorted through my work.
Thanks in advance