Shared thoughts after 6+ years in Pentesting

career
experience
pentesting

(Adam H) #21

What a great post! I just started my journey into the INFOSEC field about a month ago. (I’ve been a lurker here for about that long) I currently work in a computer help desk for a big company and after being here for 10 years I am finally wanting to do something more exciting. Back in 2006 I got a few cisco certs and some comptia certs. I am wanting to get into NETSEC and pentesting.

I guess I would love a little guidance with what I should do. I do not have a degree and it would all be self taught. I’ve started studying for my A+ exam because I thought it would offer a good refresher on the basics of computers etc but now I feel like maybe thats a waste of time. I really want to get a job in INFOSEC in about a year or so. Should I instead focus my time learning Linux,network and studying for the OSCP cert? I have already setup a virtual lab using virtualbox and I am starting to learn tools like Kali and backbox.

Below is some information I put together for “a plan” for reaching my end goal of getting into INFOSEC. I do feel its CERT heavy and I may not need everything I have in it.

Certifications I need for obtaining a job in INFOSEC/NETSEC.

A+
https://certification.comptia.org/certifications/a

Network +
https://certification.comptia.org/certifications/network

Security+
https://certification.comptia.org/certifications/security

Linux+
https://certification.comptia.org/certifications/linux

CCNA

MCSA: Windows 10
https://www.microsoft.com/en-us/learning/mcsa-windows-10-certifications.aspx

MCSA: Windows Server 2016
https://www.microsoft.com/en-us/learning/mcsa-windows-server-certification.aspx

Certifications to get after I get a job in INFOSEC/NETSEC.

Linux Foundation Certified Engineer (LFCE)
https://training.linuxfoundation.org/certification/lfce

Kali Linux Certified Professional (KLCP)

Offensive Security Certified Professional
https://www.offensive-security.com/information-security-certifications/oscp-offensive-security-certified-professional/

Certified Ethical Hacking Certification
https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/

Certifications I need to get once I am in a security role for 4+ years

GIAC Penetration Tester (GPEN)
https://pen-testing.sans.org/certification/gpen

GIAC Mobile Device Security Analyst (GMOB)
https://pen-testing.sans.org/certification/gmob

GIAC Web Application Penetration Tester (GWAPT)
https://pen-testing.sans.org/certification/gwapt

GIAC Assessing and Auditing Wireless Networks (GAWN)
https://pen-testing.sans.org/certification/gawn

CISSP

Programming I need to learn.
Python

Powershell
https://msdn.microsoft.com/en-us/powershell/mt173057.aspx

I guess I just need some help with how I should go about this thing. :slight_smile:

maderas you seem VERY knowledable in what you do and thank you so much for taking the time out of your busy schedule to help us that are just starting out. :slight_smile:


(Not a N00b, but still learning) #22

Did you have a look at this? :slight_smile:


(Beware shameless self promotion :smile:)


(Adam H) #23

No but now I will!! Thanks so much. :slight_smile:


(https://twitter.com/hackermaderas) #24

Thisadamis-

Thank you for your kind words.

You already have 10 + years of technology experience…so that is a big plus.

If you are looking to go into pursuing a pentesting/InfoSec career within a year, I would whittle down your pursuits a bit (then get back after learning everything and anything afterward and forever more).

The OSCP would probably be the best thing to go after in such a short period. To help prep in that pursuit (looking over the list you posted) getting a solid understanding of Linux, Bash, Python and some Powershell (and applying what you learn/practice in a pentest lab) would definitely be helpful.

Personally, that is what I find myself using most when I am pentesting (Bash, Python, Powershell) now.

As well as studying for the OSCP, you may want to stay current on (and practice ) current pentesting techniques. Don’t skimp on some solid practice where privilege escalation is concerned; run killav, getprivs, getsystem or load mimikatz or load incognito in a straight shot are pretty rare these days.

Lately I have been loving Power Tools, CrackmapExec, Kerberoasting, Invoke Mimikatz and psexec_scanner.rb (not newish…but combined with Invoke Mimikatz…).

I mention these because they (or my strategies when using them) heavily call upon Powershell usage.

This place (in my view) in the best place to learn and hang your hat; the folks here are doing cutting edge stuff, and not focusing on what worked in 2011. I am literally blown away by some of the tutorials going on in this place…

With your background, if you focus on the OCSP and work like a mad person to improve your skills, then it is definitely doable. Good luck and get after it!


(oaktree) #25

Essay - Images, Video & Thoughts: Professional Hacker, 2011 to Present