I need an experienced person to help me out here
Fou'ad
Member Posts: 16 ■□□□□□□□□□
Hi guys, I've been looking into posts here for the past 3 days and I thought about registering and asking you some questions
I'm a 21 year old man taking my Applied Linguistics bachelor degree at the moment ( I know I should get out of here since I'm not an IT dude )
so in 2013 I started college with the Computer Science major, I wasn't lucky due to the very complicated mathematical subjects in the major ( well at least they are THAT complicated to me ) so I switched to Applied Linguistics instead 'cuz that's all I could study CS or Applied Linguistics.
well, thing is I've been into IT security since I was 14 years old ( too young ikr ? ) it's been my passion since then.
by the time I was 15 I was able to deal with metasploit,nmap,Backtrack ( at that time instead of Kali now ).
by the time I was 17 I started pentesting web applications finding different kind of vulnerabilities XSS,SQL Injection,CSRF,LFI,RFI and many other web application related exploits
succeeded in pentesting many governmental organisations and websites online and kept that as a secret to myself.so since school started I couldn't land my hands on any IT related stuff, so now here I am coming back and I didn't lose much information.
my questions are:
Will taking courses like OSCP,
CISSP
I'm a 21 year old man taking my Applied Linguistics bachelor degree at the moment ( I know I should get out of here since I'm not an IT dude )
so in 2013 I started college with the Computer Science major, I wasn't lucky due to the very complicated mathematical subjects in the major ( well at least they are THAT complicated to me ) so I switched to Applied Linguistics instead 'cuz that's all I could study CS or Applied Linguistics.
well, thing is I've been into IT security since I was 14 years old ( too young ikr ? ) it's been my passion since then.
by the time I was 15 I was able to deal with metasploit,nmap,Backtrack ( at that time instead of Kali now ).
by the time I was 17 I started pentesting web applications finding different kind of vulnerabilities XSS,SQL Injection,CSRF,LFI,RFI and many other web application related exploits
succeeded in pentesting many governmental organisations and websites online and kept that as a secret to myself.so since school started I couldn't land my hands on any IT related stuff, so now here I am coming back and I didn't lose much information.
my questions are:
Will taking courses like OSCP,
,OSWP,OSWE help me in getting a job in the future regarding my major atm ?
what's the salary a person holding these certificates get ?
is it actually wanted from companies to have those stuff ?
what types of jobs I can get ?
Thank you so much for giving me your time in advance.
( sorry if I posted in the wrong section still my first post )
what's the salary a person holding these certificates get ?
is it actually wanted from companies to have those stuff ?
what types of jobs I can get ?
Thank you so much for giving me your time in advance.
( sorry if I posted in the wrong section still my first post )
Comments
-
Params7 Member Posts: 254cyberguypr wrote: »I have to ask, what's with the formatting of your post?you have something about us center formatting folks?
OP - I would focus on finishing your linguistics degree at the moment. Degree is a degree and if you're far in - finish it. It seems you have an aptitude for security so in your free time - I would go for some beginner level security or networking certs. I think your focus should be on entering the IT industry, and then branching off to the security side. With your background and interests in the subject it shouldn't be a challenge once you enter. Maybe someone with more experience in Security side can give you more recommendations. -
Fou'ad Member Posts: 16 ■□□□□□□□□□you have something about us center formatting folks?
OP - I would focus on finishing your linguistics degree at the moment. Degree is a degree and if you're far in - finish it. It seems you have an aptitude for security so in your free time - I would go for some beginner level security or networking certs. I think your focus should be on entering the IT industry, and then branching off to the security side. With your background and interests in the subject it shouldn't be a challenge once you enter. Maybe someone with more experience in Security side can give you more recommendations.
thing is I can't find anything new on the internet lol
I just need the damn cert -
guy9 Banned Posts: 59 ■■□□□□□□□□I think certs are fine and dandy and education is fine and dandy. I also think that if you are "experienced" the things listed that you claim you can do, you could possibly have someone take a chance on you, hire you. I think it's a difference between someone who "deal with" and someone who is proficient in tools, applications so on and so forth. I deal with SQL Databases that doesn't mean I am proficient per se.
Off Topic: Sometimes people run "tools" on a system and that tool exposes a vulnerability or enables you to do this or do that. I can give my grandma a program and tell her to run this or that and use these "built in tools" that doesn't make her qualified or a pentester. It is numerous programs you can install that will find vulnerabilities free and purchased programs. I could run a scan and find vulnerabilities, my grandma can run a scan and find vulnerabilities. Not saying you did that though.
On Topic:
That Linguistics Degree isn't a bad degree to have. I assume getting in with certain agencies and traveling could very well be doable. I will also assume you can make a great deal of money. IF you come into IT, a good portion of people start off making 30-50K with various entry level roles. Nothing is wrong with having two degrees. In conclusion, I know people who don't have degrees at all and just have experience and certifications and easily break 6 figures. I am all for degrees, but I don't think they are needed as much unless you're getting into Management. I will say that some jobs require them, some -
Fou'ad Member Posts: 16 ■□□□□□□□□□I think certs are fine and dandy and education is fine and dandy. I also think that if you are "experienced" the things listed that you claim you can do, you could possibly have someone take a chance on you, hire you. I think it's a difference between someone who "deal with" and someone who is proficient in tools, applications so on and so forth. I deal with SQL Databases that doesn't mean I am proficient per se.Off Topic: Sometimes people run "tools" on a system and that tool exposes a vulnerability or enables you to do this or do that. I can give my grandma a program and tell her to run this or that and use these "built in tools" that doesn't make her qualified or a pentester. It is numerous programs you can install that will find vulnerabilities free and purchased programs. I could run a scan and find vulnerabilities, my grandma can run a scan and find vulnerabilities. Not saying you did that though. On Topic: That Linguistics Degree isn't a bad degree to have. I assume getting in with certain agencies and traveling could very well be doable. I will also assume you can make a great deal of money. IF you come into IT, a good portion of people start off making 30-50K with various entry level roles. Nothing is wrong with having two degrees. In conclusion, I know people who don't have degrees at all and just have experience and certifications and easily break 6 figures. I am all for degrees, but I don't think they are needed as much unless you're getting into Management. I will say that some jobs require them, some
-
Robertf969 Member Posts: 190Of the CERTS you listed, OSCP would be your best bet at landing a Pen-testing GIG as a fresher. CISSP requires 5 years of verifiable infosec experience and grey hat hacking is not verifiable infosec experience, even though (ISC)2 would probably accept it at this point. If you already have pentesting down to a science you should be able to swing the OSCP with a good amount of practice. Then maybe if you network your ass off, maybe do some CTF competitions and meet the right people, maybe someone will take a chance on you in a pentesting roll fresh out of college. If not you will have to what most people do to get into infosec. Go the long way, start at a helpdesk, branch off into networking or system administration (preferably both), do this for 4-7 years building strong fundamentals, and hopefully by then if you still want to do security you will be able to find a position. Or do what I did, join the Military in an IT roll and happen into Security by accident.
As far as salary is concerned check out Glassdoor.com, a lot is based on location and experience but it should help you get an idea.
Good luck, and stop posting on public forms that you were doing active recon and pentesting govt sites.