Pen Testnig Interviews
BuhRock
Member Posts: 71 ■■□□□□□□□□
So I was thinking it'd be cool to hear what others had experienced in penetration testing interviews, be it jr or sr level. I've done one jr interview about a year and half ago. I was given an offer, but I turned it down. I had a couple of interviews, one at a bar with a director. The second was a phone interview with his team who grilled me on almost every single penetration testing topic there is. They wanted to see how much I knew. At the time, I didn't do any exploit dev so when they started asking about things more advanced than the simple buffer overflow, I didn't know. Other things were the obvious, SQLi, xss, LFI, metasploit, scripting, nmap, protocols, crpytography, etc. After that, I had to do a sample assessment against one of their lab machines and write them a report. I also had to do a source code review and pick out the bugs. This was for a junior role by the way, I had just completed my OSCP with no professional experience doing a penetration test. As I said, I got the job, but couldn't take it at the time due to issues with my employer at that time.