Entry Level to branch into PenTesting?
Nerkle
Member Posts: 20 ■■□□□□□□□□
Hiya yall!
I am in my early 20s currently and getting my first bachelor's degree in Cybersecurity. I will be graduating in Nov and preparing for what comes next. I want to get into PenTesting, but lack relevant internships(I did the Disney College Program Internship but it was more business related) or job experience in IT/InfoSec experience. I am currently practicing labs outside of class and preparing to take the OSCP. Some of my friends have suggested taking desk support jobs, but the ones around here that are looking for help are severely underpaying to the point that it will not make rent.
What would be a good way to branch into Pentesting to get that work experience? Should I continue seeking higher paying desk support jobs or what would be another entry level position that would best help transition into the PenTesting field?
If not any of these, what would you suggest? I truly appreciate any feedback. Thank you!
I am in my early 20s currently and getting my first bachelor's degree in Cybersecurity. I will be graduating in Nov and preparing for what comes next. I want to get into PenTesting, but lack relevant internships(I did the Disney College Program Internship but it was more business related) or job experience in IT/InfoSec experience. I am currently practicing labs outside of class and preparing to take the OSCP. Some of my friends have suggested taking desk support jobs, but the ones around here that are looking for help are severely underpaying to the point that it will not make rent.
What would be a good way to branch into Pentesting to get that work experience? Should I continue seeking higher paying desk support jobs or what would be another entry level position that would best help transition into the PenTesting field?
If not any of these, what would you suggest? I truly appreciate any feedback. Thank you!
Comments
Learn Python now too.
You are right though that OSCP is a bit of a challenge, I am currently studying some other labs first as introductions and before jumping into OSCP labs during my final months hoping that I would be ready but for the exam in October. Though, speaking of career fairs to attend, there is also a Cyberweek convention strictly for Cybersecurity pros and students that I was hoping to attend to that is coming up, so maybe having the Security+ would be best to have there and able to get it sooner than the OSCP. Hmmm.. That's something new to chew on, and I am excited to hear your suggestion that companies like certs such as Security+! Thank you, kMastaFlash!
Starting with free cybrary courses (I did eJPT back in 2015 but I forgot 90% of the course content)
Already finished https://www.cybrary.it/course/ethical-hacking/ and started https://www.cybrary.it/course/advanced-penetration-testing/
The main point here is to try to improve your skills, so, to follow the course I did the following:
Setup Kali Linux, and a couple of target VM's including ubuntu, debian (minimum install, no GUI), redhat, windows XP and windows server 2008.
Then setup LAMP server on the debian machine (Learn to setup Linux, Apache, mySQL,PHP, use ssh, scp and vi)
then at the web app section setup wordpress on the lamp server.
setup xampp on the windows XP machine
etc etc
So by the end of the courses you know more than pentesting.
Cheap course for $1 (college budgets bring me back)
https://stacksocial.com/sales/pay-what-you-want-white-hat-hacker-bundle
I already bought coursed on Udemy like "The Complete Cyber Security Course" all 4 parts of that course and the "Learn Ethical Hacking From Scratch" on a great discount sale awhile back. Though I did pinch up some savings and got the 6month labs for Ethical hacking from Cybrary a week back and tinkering in those too. Should I worry at all about SQL or study up on it too?
I heard there were options about Bootcamps for training for certifications and such. I am currently a dependent using the VA benefits for school. Is there a way to get into a penetesting bootcamp or other certification groups that falls under VA approval? Has anyone else used the VA to go such a route?
Make sure you have either "certification" or "both" selected in the menu. You can search on the organization or the certification but it it doesn't show up, sometimes it's entered in a different way. For instance, they entered CompTIA as both CompTIA and Comp TIA (with a space). There are a lot of options for someone with VA education benefits to use but they typically have the ones that have been around longer. If nothing else, you can always call up your local VA office (not the one at the college).
Called up the VA office like you said, and they say once I finish my degree program, I can do another program/bootcamp/and Certification with my left over funds. Though the Certification will be out of pocket but reimbursed taking off a month of my left over disbursement. They also gave me a list to choose from in my local area if I want to go to a bootcamp, but I will have to get it approved after my Degree if the bootcamp is not on the online list. https://www.vets.gov/gi-bill-comparison-tool/
I don't see OSCP on the list, but they do got a couple of bootcamps for CEH near me that say they are VA approved.