How to be a penetration tester?

IlikeITIlikeIT Member Posts: 10 ■□□□□□□□□□
I am interested becoming a penetration tester. where can I start? I have A+, network +, now doing sec+.
is there a nice course to take or I can learn by myself?

Comments

  • veritas_libertasveritas_libertas Member Posts: 5,746 ■■■■■■■■■■
    I would search the forum using the Advanced Search button. There are entire threads dedicated to that subject. Also, check out the following forum:

    The Ethical Hacker Network
  • the_hutchthe_hutch Banned Posts: 827
    For starters, stop taking CompTIA exams. Though actually, Sec+ does offer a good introduction. PenTesting comes down to actual skills, not knowledge of concepts (which is what most certs are going to provide). You need to start getting your hands dirty and you will find out quickly that you are in over your head (and you always are in this field...its constantly changing and you never catch up...you just try to be more caught up than the next guy). Build a lab...virtual or hardware. Then I'd recommend starting with Metasploit (emphasis on "starting"). There are two very good (and FREE) courses for metasploit:

    Vivek Ramanchandran's "SecurityTube Metasploit Framework Expert" (SMFE) and Offensive Security's "Metasploit Unleashed"

    Metasploit Unleashed

    SecurityTube Metasploit Framework Expert « SecurityTube Trainings
  • the_hutchthe_hutch Banned Posts: 827
    Once you get a feel for things, your first real milestone should be OSCP (Offensive Security Certified Professional). Some might tell you otherwise, but in my experience, OSCP gets the most notariety, because it is hands-on/real-world. For many, its something you prepare for before jumping into it. To be successful in the course, you should be familiar with attack concepts (with emphasis on web apps) and TCP/IP fundamentals, and you should be knowledgeable in Python scripting, Bash, Linux Assembly, and a decent working knowledge of Linux in general.
Sign In or Register to comment.