
Advice for Starting out as a Pen tester



Hi All,

This is my first post on this forum and was hoping to get some advice around becoming a pen tester.

My background

A+, Network+, CCNA, CCNA Security, CCNP Security

IT professional for over 10 years: 6 years in support roles (helpdesk, desktop, server), 3 years in network and network security, 1 year in a security management role.

I'm interested in moving my skills towards penetration testing as I really enjoy the technical side of things. I have done some of my initial research and this is the way I would like to proceed, and I'm hoping this would give me the base skills to move into pen testing. My weaknesses are Linux and programming, which I have had hardly any exposure to at all. The research I have done suggests learning Python or another programming language and Kali Linux.

stage 1

Currently reading Hacking exposed

Currently studying Linux Kali course from Udemy

Currently studying Python course from Udemy

Looking at setting up a lab for practice (most likely to include a new laptop or desktop with Linux on it to get familiar with the O.S)

Practice! Practice! Practice! Download hacking tool sets: Metasploit, BackTrack, Nmap, etc.

Possibly study and pass Certified Ethical Hacker (I have heard that this course is only good for a high level)

stage 2

Study for CREST or OSCP (most likely CREST)

Apply for Pen testing Jobs

Can anyone make any other recommendations in my pursuit to become a pen tester?

Link to comment
Share on other sites

Here's a few topics on creating your own pentesting lab and things to try to hone your skills.





Try to not learn Kali itself. Distros come and go and Kali probably isn't going to be any different. The thing to learn is the toolset you'll employ. Outside of Metasploit, don't bother with any GUI-based tool. Learn the commands themselves. Learn their parameters. Get a feel of where the various tools' strengths are so that when you want to do something new you have a decent idea of which tools would probably allow you to do that.

Edited by Cooper
Link to comment
Share on other sites

Cooper, thanks for the reply. If I have understood correctly, then you are saying not to necessarily learn Kali? My Linux experience is very limited, and the research I have done suggests learning Linux because a lot of the hacking will be done from this O.S. I'm going to install the O.S to get familiar, but could you recommend any other courses/learning for Linux that would complement becoming a pen tester?

In terms of not using GUIs with the exception of Metasploit, are you referring to learning the commands at a scripting level? Is this what you mean? My research seems to suggest Python as a good starting-out language for pen testers; would you agree?

Thanks very much for the links.

Link to comment
Share on other sites

Learning Kali to come to grips with Linux is like learning to work with Eclipse to code Java or learning to operate a Ford Focus C-MAX so you drive - don't learn the implementation, learn the concept. Otherwise when the implementation changes for whatever reason, you might find yourself lost. Kali is favored by security folks because it comes with pretty much all their go-to tools preinstalled. Because most of those tools require root privs, they tend to recommend that you work in Kali as root which might make sense for that specific usage scenario, but also makes you vulnerable. Since you're a newbie to Linux in general, you might be better off just learning Linux - ANY mainstream Linux - just to get a feel for the environment and to learn to not run any odd combination of characters in a terminal on the assumption that it can't possibly do any harm. Something like this:

:(){ :|: & };:

That's a fork-bomb when run in a shell (i.e. don't run that).

I don't really know any courses. My advice would be to use it as your main OS for a bit. Try to do things with it you'd normally do with your current OS.

Many people new to Linux underestimate the power of the shell, immediately running towards some programming language when they want to do something. This bash.org quote sums it up nicely. Linux is chock full of simple, powerful tools that, when combined, can do amazing things.

Distros can bite you in the ass just as easily. Even today a pretty experienced admin sitting nearby asked me why a script he placed on a system wouldn't run, even though he's on the machine as root and he set read and execute privs on the script and everything it might need. Turns out the filesystem the script was on was mounted 'noexec'. Stuff like this you only learn by running into it.

Not learning GUI'd tools stems from the power of the shell. More often than not, the GUI gets glued on as an afterthought once the program has been built. More often than not, only a small part of the tool's total functionality is exposed via the GUI, and since it's in a GUI it's impossible to take the output and, say, directly filter it using grep, or parse it using awk. I'd say you should learn at least 1 editor, preferably vi but that's maybe just me - Windows people prefer nano as it's more akin to just DOS edit - and the following tools: man (put on the screen the manual of the command you give as a parameter), bash (the shell itself, so you know when and how to pipe streams to commands and how to switch between running commands), sed (mainly used to replace part of a text with something else) and grep (find matching lines in a text). Also, learn to wield the power of regular expressions. Once you experience the expressive power of a regex, you'll wonder how Windows managed to last so long without it.

One GUI tool I omitted but very worthwhile learning is Wireshark. If there's network traffic you're interested in, this is pretty much the go-to tool.

Learning Python won't do any harm and I do hear a lot of people in that field being very happy with it. As I'm not a pentester myself, I can't really comment on that. I've briefly looked at it but since I know quite a number of other programming languages that can scratch my various itches pretty well I never really got into it.

Link to comment
Share on other sites
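
An added example, not part of Cooper's post: a shell check for the 'noexec' situation described in the post above, built from awk and plain shell. It reads a mount table in /proc/mounts format from stdin; the sample table, paths and function names are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample in /proc/mounts format:
# device mountpoint fstype options dump pass
SAMPLE_MOUNTS='/dev/sda1 / ext4 rw,relatime 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev,noexec 0 0
/dev/sdb1 /home ext4 rw,relatime 0 0
/dev/sdc1 /home/shared ext4 rw,nosuid,noexec,relatime 0 0'

# Print the mount options of the filesystem holding absolute path $1.
# The table comes from stdin. The longest matching mountpoint wins, because
# a nested mount (/home/shared) overrides its parent (/home).
# Limitation: mountpoints containing spaces appear as \040 in /proc/mounts
# and are not decoded here.
mount_opts_for() {
    awk -v p="$1" '
        {
            mp = $2
            # "/" holds everything; otherwise match on a path boundary
            # so that /home does not claim /homework.
            if (mp == "/" || p == mp || index(p, mp "/") == 1) {
                if (length(mp) > best) { best = length(mp); opts = $4 }
            }
        }
        END { if (best) print opts; else exit 1 }
    '
}

# Exit 0 when the filesystem holding $1 is mounted noexec, 1 when it is
# not, 2 when no mountpoint matched.
is_noexec() {
    opts=$(mount_opts_for "$1") || return 2
    # Wrap in commas so only the whole option "noexec" matches.
    case ",$opts," in
        *,noexec,*) return 0 ;;
        *) return 1 ;;
    esac
}

for f in /tmp/run.sh /home/alice/run.sh /home/shared/tools/scan.sh; do
    if printf '%s\n' "$SAMPLE_MOUNTS" | is_noexec "$f"; then
        echo "$f: noexec mount, direct execution is refused even for root"
    else
        echo "$f: mount allows execution"
    fi
done
```

On a live Linux system the same function takes the real table: `is_noexec /path/to/script < /proc/mounts`.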

I would add Social Engineering... btw: anyone ever went dumpster-diving?! ;)

Oh and I would check out security talks on MSDN Channel 9 and Eli the computer guy.

Link to comment
Share on other sites

anyone ever went dumpster-diving?! ;)

Not too long ago I went to the local dump to get rid of some of the girlie's leftover crap. They had this large container for electronics to be recycled and I'd say about 15% of the contents is made up of old computers. Old enough to not be worth your while to scavenge for parts, but it got me thinking and so the next time I went I also brought a screwdriver, grabbed the closest PC in there and ripped out the hard disk. That proved to be quite interesting.

Note that the people at the dump, at least over here, don't appreciate you screwing apart or taking away these devices (there are signs saying you're not supposed to do that). Well, at least not without them knowing about it up front. If you want to give that a go, start out by asking if they'd mind. Most of the time these folks don't care either way as long as it doesn't get them into trouble. If they do mind and you still want to do this, wait a few days before going in and just taking away something from there.

I wouldn't make a habit out of it, but it can, at the very least, be a learning experience.

Link to comment
Share on other sites
