Penetration Testing
Re: career advice Nov 23 2011 02:45PM
Enis Sahin (enis c sahin gmail com)
I don't regard writing your own scripts or tools for a pentest as
being a destructive skill but I guess it's a matter of point of view
:)

I hope I was able to get my point across about the need to create your
own thing as you know more, do more and have ideas that you have to
address yourself.

Enis

On 23 November 2011 16:29, James W. Meritt <jwmeritt (at) aol (dot) com [email concealed]> wrote:
> The skill to destroy a building (demolition) is not the same as the skill to
> construct a building.
>
> James W. Meritt
> CISSP, CISA, NSA IAM, PMP
>
>
> -----Original Message-----
> From: Enis Sahin <enis.c.sahin (at) gmail (dot) com [email concealed]>
> To: Nathalie Vaiser <nvaiser (at) gmail (dot) com [email concealed]>
> Cc: pen-test <pen-test (at) securityfocus (dot) com [email concealed]>
> Sent: Wed, Nov 23, 2011 4:21 am
> Subject: Re: career advice
>
> There are great replies posted but I just wanted to share my thoughts
> about programming skills and hacking/pentesting in short.
> Being able to read code and understand it is essential just like
> everybody said. Being able to write code is a little different in my
> opinion. I was getting things done without writing my own code and
> tools/scripts developed by others was satisfying my needs for some
> time. It's only after I had some years of experience I had a better
> attacker mind set and wanted/needed to utilize more elaborate
> strategies, then the free tools started falling short of satisfying my
> needs.
> I find it analogous to playing a musical instrument. When your
> understanding and ideas of music exceeds a certain threshold you stop
> playing cover songs and start innovating :)
> Enis
> On 23 November 2011 06:11, Nathalie Vaiser <nvaiser (at) gmail (dot) com [email concealed]> wrote:
>>
>> I wanted to thank everyone who responded to my question.
>>
>> I wasn't expecting so many replies (and quality responses).  You have
>> all been extremely helpful and given me a lot to think about and
>> useful resources to look into.
>>
>> I'm proud to be a member of this great community.
>>
>> Nathalie
>> CEH, MCP, MCTS, Linux+
>>
>> ------------------------------------------------------------------------

>> This list is sponsored by: Information Assurance Certification Review
>> Board
>>
>> Prove to peers and potential employers without a doubt that you can
>> actually
> do a proper penetration test. IACRB CPT and CEPT certs require a full
> practical
> examination in order to become certified.
>>
>> http://www.iacertification.org
>> ------------------------------------------------------------------------

>>
> --
> http://www.enissahin.com | http://twitter.com/enis_sahin
> ------------------------------------------------------------------------

> This list is sponsored by: Information Assurance Certification Review Board
> Prove to peers and potential employers without a doubt that you can actually
> do
> a proper penetration test. IACRB CPT and CEPT certs require a full practical
> examination in order to become certified.
> http://www.iacertification.org
> ------------------------------------------------------------------------

>

--
http://www.enissahin.com | http://twitter.com/enis_sahin

------------------------------------------------------------------------

This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus