
Question about penetration testing specialties

<<

TAnarchy

Newbie

Posts: 5

Joined: Sun Dec 30, 2012 7:18 pm

Post Sun Dec 30, 2012 7:29 pm

Question about penetration testing specialties

Hello, hopefully this is the right part of the forum to post this. I am trying to learn more about a career in penetration testing. I was wondering, do testers tend to specialize in either Network penetration testing or Application penetration testing, or do they tend to do both?

Thank you
<<

hayabusa

Hero Member

Posts: 1661

Joined: Mon Jan 29, 2007 2:59 pm

Post Sun Dec 30, 2012 8:45 pm

Re: Question about penetration testing specialties

There are folks that go one direction or another, and there are folks who are more rounded and do both.  I'd suggest, at least initially, that you explore both, but focus your time in whichever area is your 'strong suit', then, once you get a feel for things, decide whether to be a generalist, or continue to focus in a specific area.

I consider myself a solid / strong generalist, but I have no issue teaming with folks whom I know are specialists in a given realm, if it means that A.) I'm free to focus on certain areas for a given test, and B.) the overall result can be more detailed and 'all inclusive' for certain engagements.

Hope that makes sense.  ;D
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH
<<

caissyd

Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Mon Dec 31, 2012 8:43 am

Re: Question about penetration testing specialties

Welcome TAnarchy to EH.net!

I agree with Hayabusa, you should start with both and maybe do like I did, learn more and more in "layers". What I mean by that is to learn the basics of both and, once you are starting to understand what you are talking about, go a little deeper in both, then do this again and again and again.

I personally believe that if a very good network penetration tester has no clue what SQL Injection is, then this person is a poor pentester. On the other hand, someone who knows a lot about application vulnerabilities but has no idea what a reverse proxy is may not be able to test or leverage vulnerabilities in his applications.

So to me, you must know both to be good at either of them...
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

TAnarchy

Newbie

Posts: 5

Joined: Sun Dec 30, 2012 7:18 pm

Post Tue Jan 01, 2013 11:13 am

Re: Question about penetration testing specialties

Thank you for your answers and Happy New Year. I am currently a (web) application developer considering moving into security, so the application side is much easier for me to understand, but I'll definitely try to learn the basics of both.
<<

caissyd

Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Tue Jan 01, 2013 8:27 pm

Re: Question about penetration testing specialties

I am also a Web Application Developer (Java) and I started about 5 years ago studying information security.

I could probably give you a few hints...  ;)

My path was:
1- GSEC (very good certification to learn the basics)
2- CEH (also a good base, more "attack-oriented" than GSEC)
3- Worked -- A LOT -- on OSCP, but didn't pass the exam. Learned a lot of new things. PWB is the best course I have ever taken. Worth every penny.
4- GPEN (quite easy after having worked on OSCP...)
5- CISSP (A must have to work, but the worst exam I have ever written...)
6- GWAPT (My first web application certification, because I already knew a lot on the subject and wanted a cert to back my experience)

But my goal is to be a pentester, not a manager. So you may feel that a different path would be better for you. But to me, GSEC then OSCP will give you a strong base in information security, regardless of which "specialization" you choose.

Keep posting your questions on this forum, we are lucky to have experts in every field!
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

ziggy_567

Sr. Member

Posts: 378

Joined: Tue Dec 30, 2008 1:53 pm

Post Wed Jan 02, 2013 11:38 am

Re: Question about penetration testing specialties

In my limited experience, the level of specialization required of a pentester is directly proportional to the size of the consulting firm you work for. The bigger the firm, the more specialization you can have. Smaller firms tend to need consultants that can do a lot of things well.
--
Ziggy


eCPPT - GSEC - GCIH - GWAPT - GCUX - RHCE - SCSecA - Security+ - Network+
<<

cyber.spirit

Sr. Member

Posts: 356

Joined: Sun Feb 26, 2012 8:07 am

Location: in your heart!

Post Wed Jan 02, 2013 2:26 pm

Re: Question about penetration testing specialties

As a pentester it is better to learn both, but I prefer to learn net pentesting first, then app pentesting.
ICS Academy Network Security Certified
<<

amolarakh

Newbie

Posts: 2

Joined: Sat Jul 07, 2007 8:26 am

Post Wed Jan 02, 2013 4:57 pm

Re: Question about penetration testing specialties

Hi there,
This is Amol here.
I have done CEH, RHCE, RHCA, RHCSS, and have 8 years' experience in Linux Security & Application Security.
Though this is my first post, I have been a member of EH since 2007.

According to me, a pentester is a professional entity which knows everything about Network/Infrastructure/Application/Physical Security for a client, and knows nothing about that client for an outsider.
<<

Amidamaru

Newbie

Posts: 14

Joined: Wed Jan 05, 2011 10:55 am

Post Mon Feb 11, 2013 9:49 am

Re: Question about penetration testing specialties

Some time ago I had an interview for a pentesting position in NZ.

Two younger, nice guys discussed different technical aspects and attack vector details with me for an hour and a half, from WiFi to the OWASP Top 10.

Later on I found out that one of them is well known in the underground world and works mainly as a freelancer.

However, at some point I asked them how much they care about certifications, and they let me know that in the pen-testing world all that matters is gaining root on the systems, whether or not you have a specific certification.

The interview ended with an invitation to prove my skills in their virtual lab, which seems to me a very fair method to eventually get the job.

I'm not a natural born hacker or something and I needed / I need to learn all the time. I'm not good or bad, but just guided by Edison's motto:

"Genius means 1% inspiration and 99% effort"...more or less :)

Bottom line, in my opinion, you should learn for pleasure, and if this learning activity can get you some paper too, then why not?
"A genius is one percent inspiration and ninety nine percent perspiration." Thomas EDISON
<<

caissyd

Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Mon Feb 11, 2013 10:24 am

Re: Question about penetration testing specialties

Bottom line, in my opinion, you should learn for pleasure, and if this learning activity can get you some paper too, then why not?

And for many of us, "pleasure" turned to "pain" before going back to "pleasure" again...  :D

All jokes aside, Amidamaru is right: if you don't love it, you can't spend the required effort on it. You just need to go one bite at a time. You're interested in wifi? Have fun for a few weeks exploring that. Then switch your interest to whatever interests you at that time. I think it's a nice way of not getting overwhelmed by all the material that needs to be learned...
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

impelse

Hero Member

Posts: 585

Joined: Mon Feb 16, 2009 3:40 pm

Post Mon Feb 11, 2013 11:55 am

Re: Question about penetration testing specialties

H1t M0nk3y wrote:
Bottom line, in my opinion, you should learn for pleasure, and if this learning activity can get you some paper too, then why not?

And for many of us, "pleasure" turned to "pain" before going back to "pleasure" again...  :D

All jokes aside, Amidamaru is right: if you don't love it, you can't spend the required effort on it. You just need to go one bite at a time. You're interested in wifi? Have fun for a few weeks exploring that. Then switch your interest to whatever interests you at that time. I think it's a nice way of not getting overwhelmed by all the material that needs to be learned...


It is true, you become overwhelmed with a lot of fields in security, one bit at a time.
CCNA, Security+, 70-290, 70-291
CCNA Security
Taking Hackingdojo training

Website: http://blog.thehost1.com/
<<

MaXe

Hero Member

Posts: 671

Joined: Tue Aug 17, 2010 9:49 am

Post Mon Feb 11, 2013 9:51 pm

Re: Question about penetration testing specialties

TAnarchy wrote:
Hello, hopefully this is the right part of the forum to post this. I am trying to learn more about a career in penetration testing. I was wondering, do testers tend to specialize in either Network penetration testing or Application penetration testing, or do they tend to do both?


Often they specialize in application (i.e. program) security or web application security, where network security is another part as well. There are, of course, those who specialize in network security only, but they are often security engineers and not penetration testers, unless they attack the protocols themselves.

In my current job, we have people in those 3 fields, plus other mandatory fields for everyone, such as but not limited to wireless security, physical security (social engineering), PCI (that's another team), etc.

So yeah, I forgot to mention people specialize in PCI as well, but that's not penetration testing though, even though some parts of it are related somewhat when you have to check whether a client is in PCI scope or not.

amolarakh wrote:
According to me, a pentester is a professional entity which knows everything about Network/Infrastructure/Application/Physical Security for a client, and knows nothing about that client for an outsider.


It is impossible to know "everything". No matter how many years, no matter how much experience you got, there will always be old, perhaps extremely old, new, or very new things, even current things you will not know about.

I often see people extremely skilled in application security (reverse engineering, buffer overflows, heap overflows, DEP, ROP, ASLR, etc.), who are brilliant in this field, but lack knowledge in web application security. (Often crucial and specialist understanding of how everything can be tied together, including many of the possible attack vectors. Knowing the most basic ways can be taught to anyone, even non-hackers.)
I'm an InterN0T'er
