Hak5 Forums
AtomShards

Starting pen testing

Hello, I'm really interested in the computer field and have tried doing things like Kali Linux and hacking into Bandit, but I never got too far because I lacked the effort and knowledge. I am now looking to get into the pen testing field, as in my country there is currently a large need for computing experts. I've met with some of them and, to be honest, I can outperform some of them and I have no clue what I'm doing. I'm currently working in a PC repair store, so I have plenty of opportunities to test out my new skills instead of leaving it to the boss when things get too difficult. So if anyone could help me get started or teach me, that would be awesome! All help is greatly appreciated, thank you :D

It isn't the glamorous, fast track into security that some people want, but I think the best way is to get a good solid grounding in all the associated skills first. Get to know Linux and Windows well, not just using them, but everything about them: installing and maintaining services, building networks, routing, bouncing packets around, remote protocols such as SSH and SMB. Understand how Windows privileges work across domains so you can take a user on one machine and use their privileges across multiple machines. If you want to look at web apps, learn some programming, install web apps in many languages and frameworks (PHP, .NET, Django, Rails), get the different databases working, and troubleshoot all the problems you have.

Once you've done all that, making the transition across to security is a lot easier as a lot of it is suddenly obvious, for example Windows privilege escalation is easy if you understand user permissions and how to use them across the network.

As I say, it isn't the quick and shiny way in, but it is the best and will make you a much better tester than if you try to learn "hacking" or "pen testing", which are both just different ways of saying using the system and understanding it well.

Basically, know how to be a sysadmin, OS guru and network monkey before jumping into the deep end of the pool. Pentesters generally know this stuff because most of them come from that background first, and they know where the weaknesses are in the setup and misconfiguration of most systems and networks because they spent time setting them up previously in their career. Maybe not all of them, but a lot of them start on that side of the fence. A lot of those guys started out as general Windows and Linux admins, with certs for things like MCSA, CCNA, etc., and have a well-rounded understanding of networking, protocols and services and how all of that connects to one another.

This is only a small part of the puzzle though. Writing shellcode and lower-level things will require more than just throwing a hail mary from Metasploit at a system; they require time and dedication. Understanding what is happening, and why, is more important than how many shells you can pop, and popped shells != pentesting. There are a lot of things to take into consideration, from scope to impact on business and finances, etc.

People who think they know more tend to know the least. Just in my experience. I know enough to know I don't know enough. You can't learn anything if you think you know everything already. Be humble and curious would be my suggestion. Those people you think you know more than could probably teach you many things more than you know already, all of which would help you in the long run.

I agree with most of what digip said. I myself haven't got any sysadmin certifications or anything like that, it's just a matter of the willingness to listen and learn. I've learnt more than I ever have in the past year when it comes to computers and networking. Before I bought a Bash Bunny I'd never used Linux, never needed to. I'd touched Mac before but pretty much hated it as soon as I did.

14 hours ago, digip said:

People who think they know more tend to know the least. Just in my experience. I know enough to know I don't know enough. You can't learn anything if you think you know everything already. Be humble and curious would be my suggestion. Those people you think you know more than could probably teach you many things more than you know already, all of which would help you in the long run.

This paragraph basically sums up the attitude I've had and am still having.

Fact of the matter is, if you want to go into business IT you will need certifications or something that officially states that you've done the learning part.
You don't need to go into the certifications and things if you want to have the know-how though. You can learn a lot by just researching, asking questions, looking for answers, playing around with Linux/Windows etc.

You can dive in but you won't hit the bottom, let alone see it. No one's holding a sword to your back forcing you to dive in either ;)

There's also no sharks, but I've heard there's pirates that try and steal your loot.

I'm currently a student at a cyber security specific school/bootcamp. I just finished my 2nd week of 12. We're in class M-F 40/week at a minimum. Sometimes school work is done on the weekend in class as well.

Some of the instructors have a wall of certs, some have 0 certs. But the recurring message is the same:

Do you have the grit/drive/chutzpah/huevos/curiosity to put one foot in front of the other and keep learning/discovering/asking questions/researching?

If you lack effort I would not recommend the cyber security and pen-testing career field. No certificate can make up for genuine passion.

So, I agree with all the above, especially @reubadoob.

One thing you really need is the drive to learn more, research, find. One big part of pentesting is recon. Recon involves lots of research.

With that said, the more you know about the system you are exploiting, the easier and more probable it is that you will find an exploit if one exists. This goes with what @digip said above.

If you are exploiting a Windows system, then the more you know about how to admin it, the easier you can find the faults. Windows Server is the same, and of course knowing all the components like DHCP, DNS, AD, SMB... you see where I am going with this.

I have to say, knowing how to code helps a bunch. It gives you a deeper understanding of the lower-level exploits, how they work, and how to tweak them if you have to because of something different from one system to the next. You can also learn from the code in other people's tools. A lot of my learning comes from that. Finding exploits in compiled code involves having assembly and debugging skills.

Pretty much, the more you learn, the better you are. I don't mean just learn how to use the exploit tools; learn why they work.

I have been using different forums for a while now to find solutions to all the problems I cause for myself when I'm at a computer. I know this is a little off topic, but I have not read a lot of threads like this that did not have the whole all-knowing attitude that people seem to get when they have cool icons next to their name. I have found quickly that the people on here are not only willing to help but happy to help.

This community makes the hours in front of my systems much more enjoyable. Thanks!
