Penetration Testing
Best route to penetration testing learning Jan 03 2012 07:34PM
wlandymore (will landymore hotmail com) (2 replies)
Re: Best route to penetration testing learning Jan 07 2012 02:25PM
robertwood50 gmail com
The SANS courses are pretty good in that you will actually be learning useful information, not just information required to pass a test. Also, for a lot of Security Consultant jobs, either the CISSP or a GIAC cert is required so this is another reason to get involved with SANS.

In my opinion, books are great but they only get you so far. You only retain the knowledge in a book for so long unless it is put into practice. For reading I would recommend subscribing to security research and current pen testers blogs as you will get the most up to date content. When new attacks are posted, try to replicate them yourself inside of a VM lab, starting to do this will get your hands dirty to start. There are also plenty of challenges out there that can feed your skills, the more practice you get with these tools and familiarity with different methodologies and attacks the more you can support what's on your resume.

Also, consider taking a technical writing course, whether a free or local community college one, or whatever. Being a strong writer is the most important skill of all, at the end of a test no matter how skilled of a tester you are, if you deliver a bad report then that's all the customer sees. Make sure your resume reflects this skill as well as communication.

Robert Wood

--Sent from my iPhone.

On Jan 3, 2012, at 2:34 PM, wlandymore <will.landymore (at) hotmail (dot) com [email concealed]> wrote:

>
> I'm new to penetration testing and recently took the CEH. I found that it was
> pretty basic but I was wondering if people had some insight as to the best
> route to take if you wanted to be a penetration testing engineer....
>
> Any courses/books that are mandatory that will help get me on my way, or
> other opinions as to how I can get into this?
>
> Thanks.
> --
> View this message in context: http://old.nabble.com/Best-route-to-penetration-testing-learning-tp33074
323p33074323.html
> Sent from the Penetration Testing mailing list archive at Nabble.com.
>
>
> ------------------------------------------------------------------------

> This list is sponsored by: Information Assurance Certification Review Board
>
> Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
>
> http://www.iacertification.org
> ------------------------------------------------------------------------

>

------------------------------------------------------------------------

This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------

[ reply ]
Re: Best route to penetration testing learning Jan 07 2012 12:48PM
Archangel Amael (archangel amael gmail com) (1 replies)
Re: Best route to penetration testing learning Jan 09 2012 06:25PM
wlandymore (will landymore hotmail com)


 

Privacy Statement
Copyright 2010, SecurityFocus