Zero to Pentester real quick

So I have a strong background in technology in general, and I have been in the Security realm for a short bit.

In 2016 I will be doing some pentesting for my company. I have never done it before personally or professionally.

Anyone been in a similar position?

Any recommendations on books or certs? Probably use the eLearnSecurity certs as a starter guide, and that Metasploit book
Currently Working On

CWTS, then WireShark

Comments

  • iBrokeIT (GRID, GICSP, GCIP, GXPN, GPEN, GWAPT, GCFE, GCIA, GCIH, GSEC, CySA+, Sec+, eJPT)
    Besides eLearnSecurity?
    OSCP
    SEC560 / GPEN and SEC542 / GWAPT

    Certs are just OK but being able to understand different programming languages and write your own scripts and exploits seems far more valuable.

    Why do you want to do pen testing? Seems to me everyone wants to do it so there is high competition for a few jobs so what will set you apart from everyone else?

    John Strand is one of my favorite speakers at SANS conferences and this video seems relevant: https://www.youtube.com/watch?v=Yo4oP2eyDtI
    2019: GPEN | GCFE | GXPN | GICSP | CySA+ 
    2020: GCIP | GCIA 
    2021: GRID | GDSA

    WGU BS IT-NA | SANS Grad Cert: PT&EH | SANS Grad Cert: ICS Security | SANS Grad Cert: Cyber Defense Ops
  • Mike-Mike
    Well, I have never done it, so I don't know that I'm going to want to do it. However, it sounds interesting, and yes, I know it's not TV-show hacking all day; I know it is full of writing reports, etc.

    I'm quite verbose, and pretty used to writing reports on various subjects.

    But the main reason I want to learn now is my job wants me to do it. I'm at a small company, so I'm an all in one security guy.
  • iBrokeIT
    Ah fair enough. If your job is pushing you in that direction then you should request that they match your efforts by ponying up for a SANS course or two.
  • TechGuru80
    If you are at a small company, what you get to do will be limited. I would say start with CEH. Even if you do not take the exam, it helps to give some information that will be useful. The OSCP videos and coursework are great for putting tactics to the test.
  • Mike-Mike
    Well, I have CEH; I don't feel it really taught me anything other than terminology.
  • Mike-Mike
    I thought OSCP was for people who already know how to pentest, and it was more or less proving they know their stuff?

    It is not for a beginner, right? Or am I wrong in my assumption?
  • TechGuru80
    Oh, gotcha... well, they take you through how to do the tactics and recommend intermediate Linux skills. It's definitely harder and the exam is practical, but you can learn a lot.
  • iBrokeIT
    Well... you did say "real quick" so that is why I suggested the OSCP to see if you have what it takes.

    I agree with TechGuru80 that if you don't have very good Linux skills you will need to address those first, since most of your tools are going to be run from a Linux environment. I would suggest LinuxAcademy.com, which is a very good site with labs.

    After you have those down, PluralSight.com has some very good intro to Kali Linux videos that give you a small demo of some of the tools, but ultimately you will need to lab, lab, lab those up. Also, YouTube has a wealth of info from all the cons and is very underrated.

    Good luck!
  • Mike-Mike
    iBrokeIT wrote: »
    Well... you did say "real quick"

    Sorry, that was my dumb play on Drake's "0 to 100" song.
  • fuz1on
    Mike-Mike wrote: »
    Sorry, that was my dumb play on Drake's "0 to 100" song.

    Not dumb - witty! Haha...

    I recommend 'The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws' (Stuttard, Pinto; Wiley) if you want to go the Layer 7 route, as well as eSecurityLearning SRL for training/certification.

    I'd recommend the Elite All-Access Package, but it probably costs at least 5 to '10 Bands' nowadays; it's worth it to take all those courses 'Back To Back'. Otherwise, when you 'Start From The Bottom' it's hard to 'Know Yourself' and your natural ability. All in all, 'The Motto' of it all is to have enough 'Energy' to learn what you 'Preach' and put it in your work to become a 'Legend', because we all just want to be 'Successful'. 'What A Time To Be Alive'!!!
    timku.com(puter) | ProHacker.Co(nsultant) | ITaaS.Co(nstultant) | ThePenTester.net | @fuz1on
    Transmosis | http://transmosis.com | LinkedIn | https://linkedin.com/in/t1mku
    If evil be spoken of you and it be true, correct yourself, if it be a lie, laugh at it. - Epictetus
    The only real failure in life is not to be true to the best one knows. - Buddha
    If you are not willing to learn, no one can help you. If you are determined to learn, no one can stop you. - Unknown
  • BlackBeret
    For books: Penetration Testing: A Hands-On Introduction to Hacking by Georgia Weidman.
    Courses: eLearnSecurity's courses are great. OSCP requires a LOT of self-development, but the end result is great. It is geared towards beginners in pentesting; as long as you have a basic IT background you'll be good to go on it.
  • NovaHax
    iBrokeIT wrote: »
    Seems to me everyone wants to do it so there is high competition for a few jobs

    I don't agree with this at all. There are way more pentesting jobs than there are qualified candidates to fill them. My company, plus many other firms that I know of, are constantly looking. If you are qualified... I can guarantee you that you will have a job with really good pay and benefits on top of it. The problem is finding people who are actually qualified... rather than people who just think it would be cool to be a professional hacker.
  • zxshockaxz
    fuz1on wrote: »
    I recommend 'The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws' (Stuttard, Pinto; Wiley) if you want to go the Layer 7 route

    I would agree with this. The Web App Hacker's Handbook is, IMO, the web app pentesting bible and covers most of the common issues.
    The Gray Hat Hacking books and The Hacker Playbook books are both very informative as well.
  • Cyberscum
    "whole squad on that real isht"

    I say get a copy of Kali Linux and a free manual. Try out some different tools and see what is interesting to you.
  • beads (Senior Member)
    Appreciate that the author states pentesting, like all security, is really a fancy audit beneath the covers.

    - b/eads
  • Mike-Mike

    This was pretty good.
  • MrAgent
    Jump in head first and go after the OSCP. You'll learn a ton.
  • TechGromit (GSEC, GCIH, GREM; Ontario, NY)
    Mike-Mike wrote: »
    In 2016 I will be doing some pentesting for my company. I have never done it before personally or professionally.

    May I ask why they are asking you to do the pentesting? Are they looking for the cheapest way to perform a pentest by utilizing in-house staff? While you certainly could add value to any pentest team based on your knowledge of the company's infrastructure, sending you in alone with no experience / training / support has Fail written all over it.
    Still searching for the corner in a round room.
  • Mike-Mike
    TechGromit wrote: »
    May I ask why they are asking you to do the pentesting? Are they looking for the cheapest way to perform a pentest by utilizing in-house staff? While you certainly could add value to any pentest team based on your knowledge of the company's infrastructure, sending you in alone with no experience / training / support has Fail written all over it.

    Well, I didn't necessarily say I would be alone without training / support...

    We get third party testing, but a solid security plan should have internal testing as well.

    I have worked for 3 different companies in the top 20 of the Fortune 500; this company is not that. Part of the reason I came to a smaller company is to be able to touch as many things as possible in the security domain, instead of being stuck doing one task in one role, etc. This was addressed by me and the company in my interview; it was understood that I would eventually dabble in pentesting.

    Also, I'm not a noob. I have 15 years of experience working in technology roles; I have an Associate's, Bachelor's, Master's, and 22 certifications... so I know a little something.

    Everyone starts somewhere; my pentesting career could start here. The company will provide training, and potentially a vendor to assist. However, I hate going in blind; I was looking for pointers to be as familiar as I can before I start.
  • LionelTeo
    For paid course sponsorship, SANS SEC560 at the live event will be your best option. They have a good mini-lab at the live event to bring you to a good level where you can start to figure out things on your own. If it's out of your own pocket, try OSCP. Good Linux skills and good thinking skills are the requirement, based on what I have gathered from the forum users who passed.

    For books, try The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy. I also recommend Advanced Penetration Testing for Highly-Secured Environments (The Ultimate Security Guide), even though the content is really at an advanced level. The books explain concepts fairly easily.