TAnarchy wrote: Hello, hopefully this is the right part of the forum to post this. I am trying to learn more about a career in penetration testing. I was wondering, do testers tend to specialize in either Network penetration testing or Application penetration testing, or do they tend to do both?
Often they specialize in application (i.e. program) security or web application security, where network security is another part as well. There are, of course, those who specialize in network security only, but they are often security engineers and not penetration testers, unless they attack the protocols themselves.
In my current job, we have people in those 3 fields, plus other mandatory fields for everyone, such as but not limited to wireless security, physical security (social engineering), PCI (that's another team), etc.
So yeah, I forgot to mention people specialize in PCI as well, but that's not penetration testing though, even though some parts of it are somewhat related when you have to check whether a client is in PCI scope or not.
amolarakh wrote: According to me,
a pentester is a professional entity which knows everything about Network/Infrastructure/Application/Physical Security for a client, and knows nothing about that client for an outsider.
It is impossible to know "everything". No matter how many years, no matter how much experience you have, there will always be old, perhaps extremely old, new, or very new things, even current things you will not know about.
I often see people extremely skilled in application security (reverse engineering, buffer overflows, heap overflows, DEP, ROP, ASLR, etc.), who are brilliant in this field, but lack knowledge in web application security. (Often crucial and specialist understanding of how everything can be tied together, including many of the possible attack vectors. Knowing the most basic ways can be taught to anyone, even non-hackers.)