Pentest: Working in team or alone?

<<

caissyd

Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Tue Sep 21, 2010 9:32 am

Pentest: Working in team or alone?

I was wondering...

To the professional pentesters, do you work alone or in a team?

On one hand, working in a team is probably better. It's impossible to "know it all" and you can have experts on different topics. You can also discuss ideas and try to help each other. You can also finish the pentest faster.

But my reality is that companies that I work for are cheap, especially these days. They want a cheap pentest completed as fast as possible. The last two contracts I have got wouldn't pay the salary of two pentesters.

Also, I didn't hear much of "teamwork" on this forum. So hence my question, do you work in a team and why?

I am so curious...  ;D
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

mambru

Jr. Member

Posts: 98

Joined: Wed Jun 03, 2009 3:11 pm

Post Tue Sep 21, 2010 9:45 am

Re: Pentest: Working in team or alone?

We have a Tiger Team with 8 members, and depending on the dimension of the engagement and time we have to finish, we work either alone or in a small group (not more than 3).

I think working in a team yields very good results, since, as you say, a single person can't know everything.
<<

MaXe

Hero Member

Posts: 671

Joined: Tue Aug 17, 2010 9:49 am

Post Tue Sep 21, 2010 11:08 am

Re: Pentest: Working in team or alone?

I worked alone (for free / fun) at a company once, but later on I had to train another employee the basics to get started so I worked in a team but it wasn't really a team when the other employee was at that time just a trainee  :) But it was nice to have company instead of stressing about everything myself  ;) (I was under huge time pressure every time, like.. You got 2 hours to prove there's something big time wrong with their network :D )

However, back on topic. I believe a team of experienced Penetration Testers is definitely a big plus, in fact I believe they are probably able to achieve more if one is e.g. expert in Web App Sec, another in Software Exploitation, a third in Reverse Engineering, a fourth in Social Engineering etc.
Last edited by MaXe on Tue Sep 21, 2010 11:09 am, edited 1 time in total.
I'm an InterN0T'er
<<

dynamik

Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Tue Sep 21, 2010 6:02 pm

Re: Pentest: Working in team or alone?

I totally agree. I'm almost always alone, and I hate it. I'd much rather work with someone else. There's just a synergy that consistently produces better results; it goes beyond simply having different areas of expertise. Having someone else to brainstorm with really helps generate ideas.
The day you stop learning is the day you start becoming obsolete.
<<

Ketchup

Hero Member

Posts: 1021

Joined: Fri Jul 04, 2008 7:44 pm

Location: Philadelphia, PA

Post Tue Sep 21, 2010 6:45 pm

Re: Pentest: Working in team or alone?

I definitely wish that I was part of a team sometimes.  Bouncing ideas off another person can really save time and headaches.  Unfortunately, that rarely happens for me.  This is why this place is so valuable to me.  Even if it is after the fact, I can still learn something new.
~~~~~~~~~~~~~~
Ketchup
<<

caissyd

Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Tue Sep 21, 2010 8:11 pm

Re: Pentest: Working in team or alone?

dynamik wrote: I'm almost always alone, and I hate it.

Ketchup wrote: I definitely wish that I was part of a team sometimes.  Bouncing ideas off another person can really save time and headaches.  Unfortunately, that rarely happens for me.

It is the same with me. I am always alone and, even worse, I am still just starting in this field!!! I really work hard to check every little thing, trying not to forget anything. But I have to figure out methodologies and tools all by myself. I would really appreciate working with a more experienced pentester. I feel I would learn 6000 times faster...

But the worst thing is, did I miss anything?!? At least, every time, I feel I gave everything I could. Ahhh, it's so hard to get experience!!!  :P
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

impelse

Hero Member

Posts: 585

Joined: Mon Feb 16, 2009 3:40 pm

Post Tue Sep 21, 2010 10:36 pm

Re: Pentest: Working in team or alone?

I do not know, guys, I am still learning, but why do you not partner with somebody that will help you remotely sometimes in some specific areas? It is not easy, it is like a marriage, but you can try.
CCNA, Security+, 70-290, 70-291
CCNA Security
Taking Hackingdojo training

Website: http://blog.thehost1.com/
<<

dynamik

Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Wed Sep 22, 2010 6:50 am

Re: Pentest: Working in team or alone?

impelse wrote: I do not know, guys, I am still learning, but why do you not partner with somebody that will help you remotely sometimes in some specific areas? It is not easy, it is like a marriage, but you can try.

I'll occasionally text or email other members of my team who are back at the office or at some other location if I think they can provide some insight into what I'm dealing with. That's not the same as having multiple people dedicated to the same project/engagement though.
The day you stop learning is the day you start becoming obsolete.
<<

wmburke

Newbie

Posts: 17

Joined: Wed Sep 15, 2010 5:20 am

Post Thu Sep 23, 2010 9:50 am

Re: Pentest: Working in team or alone?

It's been my dilemma for a long, long time :) In a perfect world, yeah right???

I typically only take on Pen Tests that are larger, so I can incorporate a small team to get the best results. I am no expert in every area like Cisco, DB, Coding etc, so I plan the assessment based on doing what I can knowingly do very well and then bring in specific experts in the other areas where my skills are lacking expert levels. It's tough when companies dictate what resources you have available. So we just learn to be creative and think outside the box :)
"If the only tool you have is a hammer, you tend to see every problem as a nail"
Abraham Maslow
<<

T_Bone

Full Member

Posts: 199

Joined: Sat Feb 21, 2009 7:11 am

Post Mon Sep 27, 2010 2:06 am

Re: Pentest: Working in team or alone?

This is a topic I am also very interested in.  I currently work alone and I am a junior level Pen tester! It frustrates me a lot because I want to learn from others and understand where I may miss things and maybe even show my seniors a thing or two. I asked a similar question in the thread below.  I believe it does depend on the company though, as I have a few friends here in the UK who have informed me that there must be at least 2 people working on one assignment.

http://www.ethicalhacker.net/component/ ... ic,6069.0/
<<

caissyd

Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Mon Sep 27, 2010 8:27 am

Re: Pentest: Working in team or alone?

T_Bone wrote: I currently work alone and I am a junior level Pen tester! It frustrates me a lot because I want to learn from others and understand where I may miss things

Very good comment, which brings up this question:

I, too, am a junior pentester. I work in a small city where it is very difficult to find other pentesters. Can I work as a pentester, without having a more senior guy watching over my shoulder?

I try very hard to do the best job possible, but knowledge is power. I can certainly find the "low hanging fruits" and even the medium ones, but where I can maybe find one or two high ones, I am not sure at all if I have missed a few...
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

T_Bone

Full Member

Posts: 199

Joined: Sat Feb 21, 2009 7:11 am

Post Mon Sep 27, 2010 4:07 pm

Re: Pentest: Working in team or alone?

@H1tM0nk3y - I hear ya!

I too perform tests and 9 out of 10 times I will find XSS, XSRF, Logic Flaws, Access control issues, but have certainly realised that blind SQLi is not my strong point and am almost sure I have missed it on some tests... Format string vulnerabilities are not so easy for me either.... I have been doing this for almost 6 months so am new to it but really really have a hunger to know that I have covered all areas.... Apparently my work is being checked by my more senior team members but what does "checked" mean?  If they are not performing a thorough test, surely they will only pick up the low hanging fruit also??
<<

caissyd

Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Mon Sep 27, 2010 6:14 pm

Re: Pentest: Working in team or alone?

T_Bone, we are in the same boat...

And I see another one coming: being asked to be an incident handler at the last minute... Where I work, no one can do this job. Yes, I see this coming big time...

In this case, I will only accept to do it while a more competent company takes over (like, within an hour or so!). I could definitively stop an attack, but I will certainly screw up forensic evidence and so on.

Like being junior in the pentest world (but at least not in IT!), every security problem comes to me since I am the only one where I work who "can" handle these things. I guess I have to see it as if I don't do it, no one will.

But that being said, I am not a complete ignorant either!  ;)
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

facsimil3

Newbie

Posts: 6

Joined: Wed Oct 20, 2010 10:44 am

Post Wed Oct 20, 2010 11:50 am

Re: Pentest: Working in team or alone?

In my personal opinion, it's always better to have a team, since working with other guys can be less stressful and besides can help you find out the things that you are missing.
You can't be a guru in everything.
Besides, you have somebody to talk to and discuss other ways of performing the tests.
;D
<<

T_Bone

Full Member

Posts: 199

Joined: Sat Feb 21, 2009 7:11 am

Post Thu Oct 21, 2010 6:02 am

Re: Pentest: Working in team or alone?

@ facsimil3

This is exactly how I see it!  :)