Zero to Pentester real quick

So I have a strong background in technology in general, and I have been in the Security realm for a short bit.

in 2016 I will be doing some pentesting for my company. I have never done it before personally or professionally.

Anyone been in a similar position?

Any recommendations on books or certs? Probably use the eLearnSecurity certs as a starter guide, and that Metasploit book

Find more posts tagged with

Comments

iBrokeIT

Besides eLearnSecurity?
OSCP
SEC560 / GPEN and SEC542 / GWAPT

Certs are just OK but being able to understand different programming languages and write your own scripts and exploits seems far more valuable.

Why do you want to do pen testing? Seems to me everyone wants to do it so there is high competition for a few jobs so what will set you apart from everyone else?

John Strand is one of my favorite speakers at SANS conferences and this video seems relevant: https://www.youtube.com/watch?v=Yo4oP2eyDtI

Mike-Mike

Well, I have never done it, so I dont that I'm going to want to do it. However it sounds interesting, and yes I know it's not tv show hacking all day, I know it is full of writing reports,etc

I'm quite verbose, and pretty used to writing reports on various subjects.

But the main reason I want to learn now is my job wants me to do it. I'm at a small company, so I'm an all in one security guy.

iBrokeIT

Ah fair enough. If your job is pushing you in that direction then you should request that they match your efforts by ponying up for a SANS course or two.

TechGuru80

If you are a small company..,what you get to do will be limited. I would say start with CEH. Even if you do not take the exam it helps to give some information that will be useful. OSCP videos and coursework is great for putting tactics to the test.

Mike-Mike

well I have CEH, I dont feel it really taught my anything other than terminology

Mike-Mike

I thought OSCP was for people who already know how to pentest, and it was more or less proving they know their stuff?

It is not for a beginner, right? or am I wrong in my assumption

TechGuru80

Oh gotcha...well they take you through how to do the tactics and recommend intermediate Linux skills. It's definitely harder and the exam is practical but you can learn a lot.

iBrokeIT

Well... you did say "real quick" so that is why I suggested the OSCP to see if you have what it takes.

I agree with Techguru80 that if you don't have very good linux skills you will need to address those first since most of your tools are going to be run from a Linux environment. I would suggest LinuxAcademy.com which is a very good site with labs.

After you have those down PluralSight.com has some very good intro to Kali Linux videos that give you a small demo on some of the tools but ultimately you will need to lab lab lab those up. Also YouTube has a wealth of info from all the Cons and is very underrated.

Good luck!

Mike-Mike

iBrokeIT wrote: »

Well... you did say "real quick"

sorry, that was my dumb play on Drake's 0 to 100 song

fuz1on

Mike-Mike wrote: »

sorry, that was my dumb play on Drake's 0 to 100 song

Not dumb - witty! Haha...

I recommend 'The Web Application Hackers Handbook: Finding and Exploiting Security Flaws', Stuttard, Pinto - Wiley if you want to go the Layer 7 route as well as eSecurityLearning SRL for training/certification.

I'd recommend the Elite All-Access Package but it probably costs at least 5 to '10 Bands' nowadays but it's worth it to take all those courses 'Back To Back'. Otherwise, when you 'Start From The Bottom' it's hard to 'Know Yourself' and your natural ability. All and all, 'The Motto' of it all is to have enough 'Energy' to learn what you "Preach' and put it in your work to become a "Legend' because we all just want to be 'Successful'. 'What A Time To Be Alive'!!!

BlackBeret

For books: Penetration Testing: A Hands-On Introduction to Hacking by Georgia Weidman,
Courses: eLearnSecurity's courses are great, OSCP requires a LOT of self-development but the end result is great. It is geared towards beginners in pentesting as long as you have a basic IT background you'll be good to go on it.

NovaHax

iBrokeIT wrote: »

Seems to me everyone wants to do it so there is high competition for a few jobs

I don't agree with this at all. There are way more pentesting jobs than there are qualified candidates to fill them. My company plus many other firms that I know of are constantly looking. If you are qualified...I can guarantee you that you will have a job with really good pay and benefits on top of it. The problem is finding people who are actually qualified...rather than people who just think it would be cool to be professional hacker.

zxshockaxz

fuz1on wrote: »

I recommend 'The Web Application Hackers Handbook: Finding and Exploiting Security Flaws', Stuttard, Pinto - Wiley if you want to go the Layer 7 route

I would agree with this. The Web App Hackers Handbook is, imo, the webapp pentesting bible and covers most of the common issues.
The gray hat hacking books, and the hackers playbooks are both very informative as well.

gespenstern

Here's what I get in my feed today:

https://www.corelan.be/index.php/2015/10/13/how-to-become-a-pentester/

Cyberscum

"whole squad on that real isht"

I say get a copy of Kali Linux and a free manual. Try out some different tools and see what is interesting too you.

beads

Appreciate that the author states PenTesting like all security is really a fancy audit beneath the covers.

- b/eads

Mike-Mike

gespenstern wrote: »

Here's what I get in my feed today:

https://www.corelan.be/index.php/2015/10/13/how-to-become-a-pentester/

this was pretty good

MrAgent

Jump in head first and go after the OSCP. You'll learn a ton.

TechGromit

Mike-Mike wrote: »

in 2016 I will be doing some pentesting for my company. I have never done it before personally or professionally.

May I ask why they are asking you do the pentesting? Are they looking for the cheapest way to preform a pentest by utilizing in house staff? While you certainly could add value to any pentest team based on your knowledge of the companies infrastructure, sending you in alone with no experience / training / support has Fail written all over it.

Mike-Mike

TechGromit wrote: »

May I ask why they are asking you do the pentesting? Are they looking for the cheapest way to preform a pentest by utilizing in house staff? While you certainly could add value to any pentest team based on your knowledge of the companies infrastructure, sending you in alone with no experience / training / support has Fail written all over it.

well I didn't necessarily say I would be alone without training / support...

We get third party testing, but a solid security plan should have internal testing as well.

I have worked for 3 different companies in the top 20 of the Fortune 500, this company is not that. Part of the reason I came to a smaller company is to be able to touch as many things as possible in the Security domain, instead of being stuck doing one task in one role, etc. This was addressed by me and the company in my interview, it was understood that i would eventually dabble in pentesting.

Also I'm not a noob, I have 15 years of experience working in technology roles, I have an Associate, Bachelors, Masters, and 22 certifications... so I know a little something..

Everyone starts somewhere, my Pentesting career could start here. The company will provide training, and potentially a vendor to assist. However I hate going in blind, I was looking for pointers to be as familiar as I can before I start

LionelTeo

For paid courses sponsor, SANS Sec 560 at the live event will be your best option. They have a good mini lab at the live event to bring you to a good level where you can start to figure out things on your own. If out of your pocket, try OSCP. Good linux skill and good thinking skills is what the requirement base on what I had gathered from the forum users who passed.

For books, try The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy. I also recommend Advanced Penetration Testing Guide for Highly Secured Enviroment (the ultimate security guide); even though the contents is really at advanced level. The books explained concepts fairly easily.