Heorot.net 1DCPT

docricedocrice Member Posts: 1,706 ■■■■■■■■■■
So for the last week I've been steadily going through the "Shodan" course which covers introductory professional pentesting. I hadn't previously heard much about others taking it, but given the relatively low cost for this intro course I figured it might be worth a shot.

I'm wrapping up my final submission now, and I'm realizing that I'm probably not going to be a professional pentester in the future. While the subject of performing authorized attacks is all fine and dandy, there's a lot of documentation work involved. Those of you who do this for a living can tell me how far off the mark I am. While doing documentation isn't a big deal for me (I do it all the time at work), I think when you're doing pentests, it gets real tedious after a while. I understand the need to have supporting evidence and to cover your rear-end, but I'm used to just running the commands and getting stuff done. When following an established methodology, you have to collect everything to ensure that you can "show your work."

I think a lot of folks looking into pentesting are thinking more along the lines of tools and techniques, but what this class has taught me is that in the professional world, there's a heavy emphasis on process / methodology and planning, in addition to the actual work on the command-line. This course is very self-guided and while there are videos to watch, there aren't too many. Also, if you've worked with some of the basic tools before, you probably won't learn much new technically here. It's more about understanding the steps to do a job for a client, looking beyond the obvious during the assessment, and providing a final report.

At this point, I'm mostly done with the final part of the class "exam," but I have serious doubts about how complete it is. I just kind of want to get it over with and move onto my next thing. I tried to get in contact with the instructor on some issues as well as post on their forum, but given the holiday weekend I haven't had much luck in getting a response. Oh well.

Has anyone else gone through this course yet? How did you feel about it? As someone who just went through the Offensive Security WiFu course, this was a different experience indeed.
Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/


  • dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
    I haven't taken it (yet -- it's on my list), but that sounds like a fantastic course. Yes, things are very much that way on a professional level. It's not just about covering yourself; it's about providing value to the customer. They're likely paying thousands of dollars to have you perform that service. Are you just going to send them an email with a few paragraphs regarding what you've done?

    My reports will often run from 100-200 pages depending on the length of the engagement, number of systems, number of vulnerabilities found, etc. A lot of that will be screen shots and tool output; I'm not writing 200 pages of text. However, there's still a lot of formatting to be done to organize everything and draw the reader's attention to the interesting or important elements of the image or output.

    I probably spend 1/3 to 1/2 my time writing, depending on what services were performed. I don't mind the pen test or social engineering reports since it's kind of like writing a story. You can re-live the rush if you brought the pwnage ;) On the other hand, writing IT audit and risk assessment reports damages my soul. I'm just not the same afterwords.

    I believe that both eLearnSecurity and Offensive Security (for the OSCP) require you to write reports as well. OffSec has a decent sample report up here, if you haven't seen it before: http://www.offensive-security.com/offsec-sample-report.pdf
Sign In or Register to comment.