Penetration Testing
Re: career advice Nov 23 2011 04:11AM
Nathalie Vaiser (nvaiser gmail com) (2 replies)
Re: career advice Nov 23 2011 02:49PM
tom (tom g13net com)
Re: career advice Nov 23 2011 02:17PM
Enis Sahin (enis c sahin gmail com) (1 replies)
Re: career advice Nov 23 2011 06:13PM
Dr. Lizzz (dr lizzz gmail com) (1 replies)
On Wed, Nov 23, 2011 at 6:17 AM, Enis Sahin <enis.c.sahin (at) gmail (dot) com [email concealed]> wrote:
> There are great replies posted but I just wanted to share my thoughts
> about programming skills and hacking/pentesting in short.
>
> Being able to read code and understand it is essential just like
> everybody said. Being able to write code is a little different in my
> opinion. I was getting things done without writing my own code and
> tools/scripts developed by others was satisfying my needs for some
> time. It's only after I had some years of experience I had a better
> attacker mind set and wanted/needed to utilize more elaborate
> strategies, then the free tools started falling short of satisfying my
> needs.
>
> I find it analogous to playing a musical instrument. When your
> understanding and ideas of music exceeds a certain threshold you stop
> playing cover songs and start innovating :)
>
> Enis

People who can read code can write code. Maybe not fast, maybe
not optimally, but reading and understanding code implies that you
know all the syntax and semantics you will encounter. If you don't
know what you don't know, you don't know what you do know. It
strikes me that if people really understood what they were writing
half the time, the net would be a much safer place.

I'd suggest the original poster stick with network security, or
see what interviewing turns up. No sense in learning something
that you won't need unless you feel driven in that direction.

lizzz

------------------------------------------------------------------------

This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------

[ reply ]
Re: career advice Nov 24 2011 09:37AM
psiinon (psiinon gmail com)


 

Privacy Statement
Copyright 2010, SecurityFocus