Search the Community
Showing results for tags 'pentester'.
so i got my usb rubberducky in the mail, and upon watching the instructionals on youtube i have to say im at a complete loss of wtf to do. im new to all this. ive tried downloading the duckencoder but the .jar file cant be opened. i also downloaded DuckyScript UDL, Duck Firmware.hex, and notepad ++. still im stumped. please help!
No, I'm not going to ask "How do i become a pentester" what I want to know is How did YOU become a pentester? What is a good course of action to find a job with a firm that does pentesting? what/who might they be looking for? are there internships? what if your experience is limited? for instance I have done security testing with back-track/kali but mostly white box stuff as part of my roll in general security. I am mostly self taught. I want to get more experience and want to do this full time however it seems like a chicken and egg scenario where as in order to get a job pentesting I need experience but to get experience I need to have worked doing pentesting. OR I would have had to do black/grey hat type stuff. its not that easy to get access to a corporate network (legitimately) to practice on and practicing on my home network seems not enough. I would guess that a "job interview" would consist of a lab. "here is a laptop, get from point A to B and avoid detection" or something like that to prove you understand the basics of pentesting (recon, foot printing, exploiting, cover your tracks reporting etc etc.) maybe I am looking at it the wrong way I dont know. I dont know anyone else who even remotely comes close to being a "hacker" even within my peers at work. I know tons of people who can implement security solutions but none who can audit it strangely enough. I know a brilliant web coder and I asked him if he can help me audit web apps he said "I dont know how to hack". what have some of your experiences been?