Best programming language(s) for an aspiring penetration tester?

Hey guys, I am an aspiring penetration tester and I have been lurking around forums soaking up as much as I can and learning; however, I think it is time for the next step, but I need to know where it's best to start. I am currently learning Python because of its simplicity, yet from the standpoint of a penetration tester, would PHP be the way to go? I know it is widely used, but it is losing ground to Python. I am also torn between learning C/C++ or Java next. I know they are both very versatile (Java maybe a little more) and great software development languages, but again, what is best from the standpoint of a penetration tester? And last but not least, a .NET language I feel is necessary; would you recommend ASP, C# or Visual Basic? I have really no working knowledge of any of the aforementioned, and would appreciate help in deciding. Also, if you have a set of languages that work for you but I didn't supply them here in my question, post them here; I am eager to know. I appreciate any help in the matter, and as always have a nice day!
Neither, I'd go with Ruby. That's the language Metasploit is built in, so you can understand the exploits packaged in there.
For an aspiring pen-tester, I'd recommend Metasploit and Linux - specifically your favorite distribution of Linux running a virtual machine of something like DVL.
That's what I run, anyway, and what most of my colleagues run. Some of the paid-for apps are nice (Core Impact, EnCase, etc.), however you can't beat the free nmap/nessus/metasploit against DVL and creating reports from that.
I'm not sure you need to know a .net language - IMHO the only reason for knowing languages is to either write your own exploits, or do software whitebox/blackbox testing that searches for possible code issues that lead to a security issue.
If you're looking to do application security testing, it's an entirely different ballgame than pen-testing, and I'd recommend the OWASP suite.

Last edited by sicarie; Nov 15 '11, 11:15 PM.
There's lots of fun to be had in the security field.
Device management usually goes towards firewalls, though IDS experience (like SourceFire - also free) comes in handy as well.
Policy management sets what the individual desktops/servers/network devices/firewalls log, and where they log to, as well as what is and is not allowed on a computer (such as NIST guidelines).
Application testing is to ensure code stability and security - things like buffer overflows, SQL injections, and other ways to escalate/abuse privilege.
Pen-testing is breaking into devices. This is usually a server, but network devices are high-value due to management networks and routes. This requires knowledge of all of the above.

Last edited by sicarie; Nov 16 '11, 12:07 AM.
That depends mostly on your role, but also on your management.
Breaking into computers is interesting, however each time you do, or do not, you have to report on it - create a map of what you tried and why. The point of a vulnerability assessment is to determine the gaps in order to fix them. Due to this, I recommend a standard approach, and most shops teach their own approach.
If you work as an in-house tester you will probably have a bit more leniency (again, depending on your boss); however, if you are a consultant, you will want to have EVERYTHING documented (so you don't get sued), and you'll probably have to follow a standard process.
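The "creating reports" and "document everything" advice in the posts above is easier to follow when the raw tool output is turned into a record automatically. The script below is an added example, not code from any post in this thread: it parses the XML that nmap writes with `-oX`, keeps the command line that produced the scan alongside each host's open ports and identified services, and renders a plain-text findings section. The XML, host addresses and service banners embedded in it are constructed sample data.

```python
"""Turn nmap XML (-oX) output into a findings record for a report.

Added example for the thread above, not the poster's own code. The XML
below is constructed sample data, not a real scan.
"""
import xml.etree.ElementTree as ET

# Constructed sample in the shape nmap emits with -oX; the second host is
# reported down so the parser's host filter is exercised.
SAMPLE_NMAP_XML = """
<nmaprun scanner="nmap" args="nmap -sV -oX scan.xml 10.0.0.5" start="1321400000">
  <host>
    <status state="up" reason="syn-ack"/>
    <address addr="10.0.0.5" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="80">
        <state state="open" reason="syn-ack"/>
        <service name="http" product="Apache httpd" version="2.2.15"/>
      </port>
      <port protocol="tcp" portid="22">
        <state state="open" reason="syn-ack"/>
        <service name="ssh" product="OpenSSH" version="5.3"/>
      </port>
      <port protocol="tcp" portid="443">
        <state state="closed" reason="reset"/>
      </port>
    </ports>
  </host>
  <host>
    <status state="down" reason="no-response"/>
    <address addr="10.0.0.6" addrtype="ipv4"/>
  </host>
</nmaprun>
"""


def parse_nmap_xml(xml_text):
    """Return {'command': str, 'hosts': [{'address', 'open_ports'}]}.

    Only hosts that were up and only ports in state 'open' are recorded;
    the exact nmap command line is kept so the report shows what was run.
    """
    root = ET.fromstring(xml_text.strip())
    scan = {"command": root.get("args", ""), "hosts": []}
    for host in root.findall("host"):
        status = host.find("status")
        if status is None or status.get("state") != "up":
            continue
        addr_el = host.find("address[@addrtype='ipv4']")
        address = addr_el.get("addr") if addr_el is not None else "unknown"
        findings = []
        for port in host.findall("ports/port"):
            state = port.find("state")
            if state is None or state.get("state") != "open":
                continue
            svc = port.find("service")
            product = ""
            if svc is not None:
                # Join product and version, skipping whichever is missing.
                product = " ".join(
                    p for p in (svc.get("product"), svc.get("version")) if p
                )
            findings.append({
                "port": int(port.get("portid")),
                "proto": port.get("protocol", ""),
                "service": svc.get("name", "") if svc is not None else "",
                "product": product,
            })
        findings.sort(key=lambda f: f["port"])
        scan["hosts"].append({"address": address, "open_ports": findings})
    return scan


def render_report(scan):
    """Render the parsed scan as a plain-text findings section."""
    lines = ["Command run: " + scan["command"], ""]
    for host in scan["hosts"]:
        lines.append(
            f"Host {host['address']}: {len(host['open_ports'])} open port(s)"
        )
        for f in host["open_ports"]:
            lines.append(
                f"  {f['port']}/{f['proto']}  {f['service']:<8} {f['product']}"
            )
    return "\n".join(lines)


if __name__ == "__main__":
    print(render_report(parse_nmap_xml(SAMPLE_NMAP_XML)))
```

Run it against a real file with `parse_nmap_xml(open("scan.xml").read())`; keeping the `args` attribute in the record is what lets a reviewer later see exactly which options were used on which target, which is the "map of what you tried and why" the post asks for.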
sicarie, when you say 'shops', is that a form of school or is it a workplace? And thanks Ephexeve, I am getting into Python at the moment, hoping to get better at programming so I can jump into a more advanced language. Last time I dove head first into C and crashed.
When I say 'shops' I mean both: a 'shop', or a place where you practice and better your skills, will teach you how to approach a given situation.
I would agree with trietptm: pick a language and learn as much as you can about programming and security (algorithm design, buffer overflows, SQL injection, etc.).
Personally, I'd suggest Ruby to start with as it's the basis for Metasploit, but any of those would do.