How

To Become a Pentester HackingLoops.com

I used to be where you are - most likely a technical person not fully
enjoying what you do at your day job and wanting to make the move to
a job that you would actually enjoy in the security field.

For me specifically, that was conducting vulnerability assessments,
penetration testing, hacking, auditing and anything in IT Security.

On the About Me page I described a little bit about how I got where I am.
Now Im going to share with you exactly what I would do if I could do it
all over again, but first Im going to answer a few popular questions
about the industry.

Is a Computer Science degree necessary to be a pentester?

So you want to learn how to hack and think you need a degree. If you
have the time and the money to pursue a degree in computer science, by
all means take the opportunity and pursue it. While it is not necessary to
have this degree, it would be one of the optimal paths to take under
perfect conditions to get your foot in the door at an entry-level position.

How To Become a Pentester HackingLoops.com


You might be pursuing or have other technical degrees already that
could substitute nicely. I personally had a Computer Information
Systems (CIS) degree when I set out on my journey.

To go a bit further I decided to get a Masters in Information Security and
Assurance, but this isnt necessary for everyone. If you were coming
from a non-technical field though, a switch to a more technical masters
program could be just the path for you.

Don't let the BS and MS degree talk deter you though if getting one isnt
an option. Technical degrees are always an option as well.

While you will always find that companies are looking for a degree, if
you have the right experience and certifications it surely wouldnt hold
you back at all.

Lets take a look at two sample information security job postings:

How To Become a Pentester HackingLoops.com

Does where I go to school matter?

In my opinion, it doesn't matter where you obtain your degree. You

would just use this as a stepping stool to gain some fundamentals and
get your foot in the door so that potential clients feel comfortable with
you. Sometimes they will actually ask for your resume and a degree
looks good on there.

Surprisingly, Vo Tech and Community Colleges often have programs
that are just as good as the more prestigious schools. Many times, you
can get just as good an education for half the cost and in half the time.

What matters most though is the amount and type of experience that
you will be able to gain along the way as was hinted in the graph above.

You should note that even the most expensive college or university does
not necessarily have the best educational programs for this particular
field. At this point in time this field is in its infancy, which also means

How To Become a Pentester HackingLoops.com

that this is actually a great time to get into the field before it becomes
crowded.

Most computer science programs available today place the majority of
emphasis on programming, although I foresee them moving heavily in
the cyber security direction over time, including Pentesting.

Some schools now even have cyber security degrees, so if you know for
sure that this is the area you want to be in then I would take a hard look
at that.

That large programming aspect of the computer science programs will
also be very beneficial to you later without a doubt.

Which certifications should I have?

Certain certifications will be indispensable when it comes to getting

your foot in the door, especially if you pick the right ones.

It may seem like putting the cart before the horse by getting one of these
before you get the experience and it is, but having one will give you a leg
up over another candidate who doesn't have one.

It is also very doable to get one in a relatively short period of time,
unlike a degree.

This is why if you already have a Bachelors degree I wouldnt
recommend going back to get a computer science degree, but instead
going after some of the sought after certifications such as: SANS GPEN,
GWPT, GSEC, GAWN; Offensive Security OSCP, OSWP, OSCE, OSEE; EC-
Council C|EH, ECSA, ECSA L|PT.

There are also others that you can find with a simple Google search or
by looking at job postings online.

While its not necessary that you obtain all of these certifications, you
will want to be able to prove that you have the required experience to
perform the job and some of these certifications will help you do just

How To Become a Pentester HackingLoops.com

that.

Youll also want to consider some networking certifications such as
Network+ to start, or even better the CCNA. You will commonly see the
CCNA certification listed on pentesting job requirements.

These certifications will go a long way towards helping you obtain a
penetration-testing job and can be just the thing that propels you ahead
of another candidate vying for the same job.

What experience should I have?

Dont make the mistake of getting a ton of certifications and forgetting

that above all else experience is king. You may make it to the interview,
but when the interviewer starts asking about experience, things could
start to go downhill fast for you.

While you may not need experience for some entry-level positions, it is
critical to get some if you expect to succeed and for a leg up on other
entry-level applicants.

How To Become a Pentester HackingLoops.com

A solid understanding of networks is also critical for you. You don't
have to be an expert and can learn along the way, but you need to have a
somewhat solid overview of how they work.

I was given an IP address in an interview some years back and asked
what the broadcast address was. You need to be able to answer simple
questions like this, so if you cant you probably need more training in
this area.

Building a home lab network environment is critical for a penetration
tester and will allow you to get a better understanding of penetration
testing, hacking, networking and help you meet the experience
requirement you will need.

You will also want to become well versed in working and testing Web
Applications and Cloud technologies such as SaaS. Web Application
testing is very hot right now and you might have already noticed this
while looking at some of the new pentesting positions available.

Because everything is moving out to the Cloud, companies are actively
looking for people with the specific skills to test these applications and
being advanced in this area can help you stand out from the
competition.

How To Become a Pentester HackingLoops.com



Another great way to get experience is by reaching out to people in the
industry already and working for them for free in your spare time.

This will give you documentable work experience beyond your own
home lab and you may even get an opportunity to work with that
company as well.

How To Become a Pentester HackingLoops.com

What skills do I need and is a networking background
required?

You must know the fundamentals. That being said, I part ways with
some in the industry here as some believe you need many years of
experience as a network administrator or security engineer etc. first
before moving on to pentesting. I actually believe that this isnt a
requirement and think you can learn both concurrently depending on
your skill level and willingness to learn. They complement each other.

If you are dedicated you can read both types of books, take both types of
classes and experiment with both sides of the same coin. Learning how
to pentest doesnt prevent you from concurrently learning how
networks work.

However, learning how to pentest and hack without learning how
networks work is never going to happen for you, so go get those
fundamentals down.

Do I need to know how to code?

While you dont need to be an advanced level coder to penetration test,
it would be very wise to start learning some basic scripting in order for
you to hack together some tools that you need.

The key here is to get some basic things to work, not to build out some
huge application. You might have specific needs according to a
penetration test that you are conducting and may need to tweak an
already existing application or build your own.

You may commonly run into a Metasploit module that doesnt meet
your needs at the moment and you may need to either modify one or
write it from scratch.

How To Become a Pentester HackingLoops.com



Most penetration testers can code in many languages because after you
learn one language it isnt difficult to branch out to others.

In my opinion you should focus on learning Ruby or Python because
most of the code and job prerequisites you will come across will be
written in one of the two. Both are often used in the penetration world
and are the de facto standards. Build it once and then use it forever.

As you gain experience, you can start to branch out to some other
languages as well. This knowledge base will make you more attractive in
interviews and make you a much better pentester.

Start by watching some YouTube videos and then go and modify or try
to recreate those applications on your own.

How To Become a Pentester HackingLoops.com

What is the best way to find a job?

The best way to find a job is to first look at your current employer to see
if you can tweak your position or move to another in the company. The
next best route would be to intern somewhere if you can.

If you cant do it those ways you can always start your search by going
to job searching sites such as the Federal Government (USAJobs.gov),
CareerBuilder, Monster.com, Indeed.com and Dice.com.

Be on the lookout for titles such as Information Security Analyst,
Information Security Auditor, Information Security Engineer, IT Security
Consultant, and of course Penetration Tester. Of course you can search
for common keywords such as Kali, Nessus, Wireshark, Metasploit, Burp
Suite and nmap.

These will always vary and change over time, but you should be able to
come up with a few different combinations and find some openings
without issue.

How To Become a Pentester HackingLoops.com



Companies are looking for people who are willing to learn and do what
it takes to get the job done.

If you dont have a specific skill but are willing to pick it up along the
way then it doesn't matter at all. Presenting yourself to the company
that way will significantly increase your chances of obtaining the
position.

When interviewing for my first position, I personally had some good
education but the direct experience wasnt there. However, the
company decided to take a chance on me based on my willingness to
learn and get the certifications I obtained.

How To Become a Pentester HackingLoops.com

How much money do pentesters make?

As with any job this depends on many variables, but Ive included a
general range for you here:

It isnt uncommon for entry-level positions to be between 55k-70k, mid-
level to be between 70k-100k and senior level to be between 100k-
140k.

How To Become a Pentester HackingLoops.com

If I had to do it all over again this is what I would do:


Step #1: I would evaluate my day job

I would evaluate my current position at my job and see if there was any
way that I could gain some experience right where I am.

If there were a way to focus on some networking fundamentals or
administration fundamentals I would start there. Many of you are
already in technical positions, so take a look around, start reading more
networking/hacking/pentesting books and see how you can apply it all
to your current position.

Step #2: Set up my home lab

At the same time as Im evaluating my day job, I would be setting up a
virtual lab at home to start studying how everything works. To see how
I would do that you can take a look at this page here.

In the process I would start looking at some basic videos on networking,
hacking, pen testing, Ruby and Python. Id utilize SecurityTube
(http://www.securitytube.net/) and YouTube for this. As my skills got
better and my knowledge base expanded I would also expand on this
home lab network as well so I could run more tests.

Step #3: I would get web application testing down

After I got pretty confident on how things work in my own home lab I
would be looking for other web applications and networks to learn on.
OWASP, the Open Web Application Security Project, has an awesome
complete list of vulnerable websites that you can learn on. You can find
that list here:

https://www.owasp.org/index.php/OWASP_Vulnerable_Web_Applicati
ons_Directory_Project#tab=On-Line_apps

How To Become a Pentester HackingLoops.com

 Step #4: I would become the go-to security guy

After I became more confident I would then proceed to utilize what Ive
been learning at my current position with permission.

After I got some basic fundamentals down or if I already had the
fundamentals down I would let my manager know that I would be
happy to evaluate the current security situation in my own time if
he/she would allow me.

I would try to position myself as the security guy on the team and make
it my responsibility to learn all that I could. This would get my resume
looking pretty good when it comes to experience and allow me to get
even more much needed experience.

Step #5: Get a mentor

If it werent possible to get some experience at my current job, I would
start by doing a cursory search of LinkedIn looking for people who are
current penetration testers, security engineers or analysts, and reach
out to them to do unpaid internships. I would let them know that I
would help out in any way I could.

The great thing about LinkedIn is that the people that you find in your
search will be 1st and 2nd connections to you, which is great as it will
make it easier to connect to them and they are most likely in your area
as well.

Some other searches to try:

IT Security Consultant
Information Security Engineer
Information Security Analyst
Information Security Auditor
Information Security Analyst

This internship could help you get your foot in the door at the company
or at the very least you will gain experience that you can now put on
your resume.

How To Become a Pentester HackingLoops.com




Step #6: Get certified in something

I would look at getting a certification to supplement the experience that
I am getting. I would focus on ONE sought after certification that I am
able to get based on my current experience and the experience
requirements of the certification.

I would spend the rest of my time trying to gain that valuable
experience that I need as nothing is going to replace it.

The four certifications that I would choose from at the beginning are the
OSCP, CISSP, CEH or GPEN. This is completely my opinion and you
probably have a different list.

Most penetration testers will tell you that a OSCP, CISSP, CEH OR GPEN
certification will not make you a penetration tester, that only experience
will, and that is absolutely true.

Only your experience and skill will make you a penetration tester.
However, most wouldnt deny that companies actively make their
interview/hiring decisions based on certifications. The four
certifications were chosen based on my quick research online of job
postings.

To see what certifications companies were looking for, I searched for
penetration testing or info security jobs and looked at the first 50 that I
came by.

How To Become a Pentester HackingLoops.com

Of course this isnt very scientific - I was only looking for the top 4
mentioned certifications and there should be a larger sample size - but I
went with 50. The results actually surprised me but here they are:

If you do this test yourself you will get different results because of a
different sample, but you will most likely see fairly similar results.

I did not expect the CISSP to be mentioned as often as it was for
penetration testing positions, but it just goes to show how popular that
certification is in the eyes of employers no matter what spectrum of IT
Security you land on.

Some of you may argue that the OSCP certification is the best of these to
get and I wouldnt argue with you. Again, this isnt scientific and I dont
have an opinion at all, but this should give you an idea of what
companies are looking for.

How To Become a Pentester HackingLoops.com

Of course there were other certification mentions such as the CCNA, but
I decided to go with the top four mentioned here. I encourage you to
take a look at these jobs and see what they are looking for as well.

Now, lets take a look at what the hit will be like for your wallet.

OSCP

How To Become a Pentester HackingLoops.com

CISSP

How To Become a Pentester HackingLoops.com

CEH

GPEN

The objective for us right now is to get to a point where we can get that
experience, and these certifications are still some of the more popular
certifications that a HR Manager at some company will be looking for.

How To Become a Pentester HackingLoops.com

We can educate ourselves on our own and we will, but other than our
own hard work nothing will get you where you want to be quicker than
being forced to learn at your day job.

Lets take a look at some experience requirements for these certs:

OSCP

CISSP

How To Become a Pentester HackingLoops.com

CEH

GPEN

We can see that the CISSP certification requirement is heavy, so if you
dont meet the experience requirements I would come back to it at a
later date. I actually did that myself. I started with a couple others such
as C|EH before later getting the CISSP. Another CISSP option is by
becoming an associate and getting the experience along the way until
you reach the requirements for the full certification.

After getting some certifications, I considered getting even more until I
realized that it really just doesnt matter all that much. It is just my
personal opinion that certifications should be used as a tool to get you
where you need to be, but after you are there, experience alone is king.

How To Become a Pentester HackingLoops.com

It would be awesome if you got all of these certifications, but nothing
beats having the right experience and that is now where I focus most of
my time.

It is important however that you get a few certifications just to
demonstrate your competency both from a job standpoint and client
standpoint. At the end of the day though, clients and employers will
primarily be looking for you to have relevant past experience of
conducting these tests in the field.

Certifications are mainly good to get your foot in the door at a security
firm so just pick one and run with it!


Step #7: I would Capture The Flag and take challenges

At Hack This Site (https://www.hackthissite.org) there are many free
challenges that you can take. It doesnt get much better than that. I
would start basic and work my way up from there. After I did a few of
these I would move on to Capturing The Flag events.

At CTF Time (https://ctftime.org/event/list/) there are a ton of online
and offline Capture The Flag events that you can be a part of.

When I felt my skills were up to the task I would try my best to be a part
of a team and get involved in some of these events. For me this would
be both a good time and give me the ability to practice in a scenario that
is closer to real-world.


Step #8: Look for entry-level positions

At the beginning I would be looking to get my foot in the door,
understanding that I may take a hit on pay for a bit while I gain the
much needed experience so that I can transition to another field.

If you truly see this as your passion you should be willing to take less in
order to make a move into something you love and the money will
follow. Choose a job you love, and you will never have to work a day in
your life. - unknown

How To Become a Pentester HackingLoops.com


People will always need and be looking for pentesters, so after you have
gotten your experience, certifications etc. the employers will start
looking for you rather than the other way around.

You will always feel as though you need more certifications, more
experience and someone to knight you. You dont; just go get started
and get into the industry.

How To Become a Pentester HackingLoops.com