Re: Aspiring Pen-Tester Seeking Advice

hello rajat,

Frankly even i was in ur groove when i started me.. this
and many mailing list have seen a flood of my questions..and people
got so bored answering.. pheww.....

but let me give u a little tip.... 1) the people who reply to u in
this mailin list are pretty much take thier word for
2) U need a really broad idea of the big picture.... i mean.. hacker's
mindset is a good place to start....but as u go up...(in a 1st or 2nd
pen-test)..u must be able to switch between a hacker's and a
Management's and a sysadmin's Mindset... its easier said than
3) technical knowledge of CONCEPTS and the tip above (2) is very very
important especially when u write a high quality pen-testing report.(
its the report that counts and makes the difference between the money
they spend on u and money they spend on burgers)

4)tools are good... for starters tools are god-like...... dont
worry... with experience u will become a tool-independent pen-tester.

5)the holy grail of hacking is getting "root"...but holy grail of
pen-testing is ANALYSING the 'HOW' of getting root. Also we need to
give cure


On 8/10/07, rajat swarup <rajats@xxxxxxxxx> wrote:
On 8/8/07, Ryan <phaleproof@xxxxxxxxx> wrote:
Hello all - long-time lurker, first-time poster,

I'm about 2 quarters away from finishing my education (majoring in
network security and systems administration), and I'm currently
interning at a company, doing monitoring IDS and SOX compliance.

I've always been interested in security, and now that I've got some
spare time I would really like to start getting prepared for a potential
position doing penetration testing.

My school offers a few courses in security, however I've always been of
the mind-set that it's better to explore it yourself than try to have
someone teach it to you.

That being said, I was wondering if anyone would be kind enough to give
a novice some helpful pointers on how to get started.

I've downloaded VMware and I've got a Windows XP, Ubuntu, and shortly a
Fedora Core 7 VM - I also plan on downloaded Windows Server 2003 with my
MSDNAA license. I've downloaded a copy of BackTrack2 and I'm in the
process of trying to turn that into a VM as well.

I installed nmap on both systems, as well as nessus, and soon
metasploit. I've played around with the former a little bit at work (I
must say, it's the most amazing tool I've used - not that I have much

I'm really interested in getting into the 'hacker' mindset and walking
through the steps they use to find, conduct, and cover-up their attacks.
Surely, it's not all point and chick, and I'm having a little difficulty
getting into the groove.

I was also hoping the more experienced users might suggest a few tools
to check out first (I've already bookmarked the list but
there is just so many).

Additionally, can anyone suggest a bunch of good books to read
pertaining to penetration testing? Someone recommended Counter-Hack, and
another person said Hacking Exposed, as well as a few others.

All that being said, are there some limitations of VM that I should be
aware of when conducting my research? I would be very interested in
seeing if there's a way to get router and network-like functionality
from a VM since it would seem like currently VMware is essentially
acting like a hub and a lot of the attacks (ARP spoofing, etc) don't
seem possible the way I've currently got it implemented.

I know there is a "Basics" mailing list, however since I am interested
specifically in pen testing, I figured it was probably more appropriate
to post to this list. If I am incorrect, then I apologize. If not, then
thanks in advance for tolerating my noobiness and for helping out an
aspiring pen-tester!

Best Regards,

i liked reading when I started off.
also check out

Rajat Swarup

This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

As soon as men decide that all means are permitted to fight an
evil, then their good becomes indistinguishable from the evil
that they set out to destroy.
- Christopher Dawson, The Judgment of Nations

This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!