Careers in Penetration Testing

  • Many names for the same type of thing
    • The purpose is to test the vulnerability of an organization to hacking
    • Different types include white box, grey box, and black box
      • White box: the tester knows everything about the system; good for security against internal espionage
      • Grey box: the tester knows some things
      • Black box: the tester assumes the role of a typical hacker, with no knowledge of the system
  • Pen testers are never employed in-house; they work for security firms and are contracted out to different companies that request their services
  • Rule 48 of the Internet: all programmers are addicted to caffeine. No exceptions.
    • Hacking can take many forms:
      • Fuzzing
      • SQL injection
      • Brute-forcing passwords
      • etc.
    • You get so involved in getting your packet sniffer working that you have to take a late lunch. This is okay! You love your job, so you take a short lunch.
    • This process can take anywhere from a week to a few months
  • Pen testers record their results in massive reports
    • You hate this part of the job, so you take a longer lunch
  • The reports are given to the company during a debriefing session, which goes through the security flaws found in the system and possible measures to fix them
    • You end up taking a very long lunch because you get into an argument with the sysadmin over the choice between the AES and Rijndael (pronounced "Rhine-dall") encryption methods
  • Port scanners (SuperScan, Angry IP Scanner)
  • Packet sniffers (Wireshark, Cain & Abel)
  • Vulnerability scanners (Nessus)
  • Password crackers (John the Ripper, Cain & Abel)
  • Application scanners (THC Amap, Nbtscan)
  • Web application assessment proxy (Paros Proxy)
  • Not the legit end of the world, but a problem you have: your latest attempt to break into the GeneroCorp system involves cracking the employee login on their webpage. How do you do this?
  • SQL injection works by exploiting the PHP code used to interface the HTML-generated form with the SQL database on the server
  • In both of these examples (prepared statements and escaping), the input passes through an intermediary before interacting with the database
    • In the first, the inputs are bound to variables, which are then plugged into the SQL query
    • In the second, the input is checked for characters that mean things in SQL, and those are escaped
  • Unfortunately, there are no university majors in hacking
    • Computer science and information systems (a business degree) are good options
    • Should focus a lot on networks; much penetration testing is done by exploiting network weaknesses
    • Companies really like their pen testers to be certified; basically any network security designation is fine
    • You need to be madly skilled. Pen testers need to know how to do everything:
      • Code in PHP, SQL, Java, C, C++, Python, Ruby, HTML, CSS, JavaScript, Perl, Lisp...
      • Know all potential weaknesses for all the languages
      • Have intimate knowledge of all operating systems
      • Know how computers work
      • Know all networking protocols
      • Cryptographic techniques
      • How to break WPA and WEP keys
  • Pros:
    • You get paid to hack; living the dream
    • Extremely flexible hours; you're a contractor
    • Pretty good pay; between about 54 and 87
  • Cons:
    • You have to work hard to prove that you're not actually a hacker
    • It takes a lot of time to crack a network; every avenue could potentially fail after days of attempts
    • Odds are, companies will just shred your report. Most of the time it's too expensive to fix all the potential security holes
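The speaker notes on the sample problem contrast a login query built by pasting form input into SQL text with the two intermediaries the slides name, prepared statements and escaping. The program below is an added example written for this page, not code from the presentation; it uses Python's built-in sqlite3 module rather than the PHP the slides mention, because the mechanism is the same and it runs with no setup. The `employees` table, the user `alice` and her password are constructed sample data, and the GeneroCorp framing is taken from the slides. The textbook tautology input shown is the same one the "Bobby Tables" comic the slides cite is built around; the point of the example is that the two hardened variants treat it as an ordinary string.

```python
import sqlite3

# Constructed in-memory stand-in for the GeneroCorp employee login table (hypothetical).
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE employees (username TEXT, password TEXT)")
    conn.execute(
        "INSERT INTO employees VALUES ('alice', 'correct horse battery staple')"
    )
    conn.commit()
    return conn


def login_concatenated(conn, username, password):
    """The pattern the slides warn about: form input pasted straight into the query text.

    A quote character in the input ends the string literal early, so the rest of the
    input becomes SQL syntax instead of data.
    """
    query = (
        "SELECT username FROM employees WHERE username = '" + username
        + "' AND password = '" + password + "'"
    )
    return conn.execute(query).fetchone() is not None


def login_prepared(conn, username, password):
    """Prepared statement: the SQL text is fixed, and the values travel separately.

    The database never parses the input as SQL, so there is nothing to escape.
    """
    row = conn.execute(
        "SELECT username FROM employees WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row is not None


def _escape_sql_string(value):
    # Inside a single-quoted SQL literal, a single quote is written as two single quotes.
    return value.replace("'", "''")


def login_escaped(conn, username, password):
    """Escaping: scan the input for characters that mean something in SQL and neutralise them.

    This works only if every meaningful character is handled for the database in use,
    which is why prepared statements are the preferred fix.
    """
    query = (
        "SELECT username FROM employees WHERE username = '" + _escape_sql_string(username)
        + "' AND password = '" + _escape_sql_string(password) + "'"
    )
    return conn.execute(query).fetchone() is not None


# Classic textbook tautology input: turns "password = ''" into "password = '' OR '1'='1'".
TAUTOLOGY_INPUT = "' OR '1'='1"


def compare_approaches():
    """Return (concatenated, prepared, escaped) results for the tautology input."""
    conn = make_db()
    return (
        login_concatenated(conn, "alice", TAUTOLOGY_INPUT),  # True: logic was rewritten
        login_prepared(conn, "alice", TAUTOLOGY_INPUT),      # False: treated as a string
        login_escaped(conn, "alice", TAUTOLOGY_INPUT),       # False: quote neutralised
    )


if __name__ == "__main__":
    print(compare_approaches())
```

All three functions accept the real credentials; only the concatenated version can be talked into accepting something else. In a code review or a pen-test report, the concatenation pattern is the finding, and the prepared-statement version is the recommended fix, with escaping as the fallback when the driver offers no parameter binding.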

Presentation Transcript

  • Pen(etration) Testing, by Jason Baker (photo: Flickr – Michael Randall)
    • What is Pen Testing
    • A Typical Day
    • Sample Problem
    • Technology
    • Educational Background
    • Pros/Cons
    • Vulnerability Audit
    • Technical Risk Assessment
    • “ The process of actively evaluating [a company’s] informational security measures”
    • Ethical hacking
    • 9:00 – Get a call from GeneroCorp Inc.
    • 10:00 – Meet with the GeneroCorp Risk Management, IT Governance teams, and systems administrator
    • 17:00 – Have a contract hammered out
    • 10:00 –
    • 11:00 – Begin hacking GeneroCorp’s system
    • 14:00 – Break for a late lunch
    • 14:15 – Continue hacking
    • 19:00 – Record your results for the day
    • 8:00 –
    • 9:00 – Begin writing exhaustive assessment report
    • 12:00 – Break for lunch
    • 13:00 – Back to the report
    • 18:00 – Attempt suicide
    • 0:00 – Finally finish report
    • 0:01 – Unconsciousness
    • 6:00 –
    • 7:00 – Arrive three hours early for your GeneroCorp meeting
    • 7:01 –
    • 10:00 – Finally begin debriefing the GeneroCorp Risk Management & IT teams
    • 13:30 – Lunch
    • 15:30 – Continue the debrief
    • 19:00 – Get paid
    • Network security tools
    • Database security tools
    • Web application security tools
  • Randall Munroe
    • SQL Injection Attack
    • Prepared Statements
    • Escaping
    • The old college try
      • Computer Science
      • Information Systems
    • Go Pro
      • CISSP
      • CEH
      • Security +
      • .................
    • Why it would rock to be a pen tester
    • Why it would suck to be a pen tester
    • hours
    • Decent
    • Nearly useless
    Flickr – Leo Reynolds