
HOW TO BECOME A PENETRATION TESTER

Introduction to a Career in IT Security | Whitepaper

Copyright © 2015 eLearnSecurity S.R.L. All rights reserved. This material may not
be reproduced, displayed, modified or distributed without eLearnSecurity's express
consent. For more information, please visit: www.eLearnSecurity.com.

HOW TO BECOME A PENETRATION TESTER - An eLearnSecurity Whitepaper

Threats in the Real World
Risks of the Threats
Prevention Strategies - Solutions
What is Penetration Testing?
Job Description of a Penetration Tester
Writing Reports and Communicating Effectively
Black Hat Hacker, White Hat Hacker and Penetration Tester Defined
Think Like a Hacker to Catch One
Employment Options
Salary of Pentesters
Working as a Penetration Tester: The Good and The Bad
Demand for Penetration Testers in the Market
How do I become a Penetration Tester?
Learn by Doing
How to Gain the Experience
Afterword


Companies, governments, financial institutions, hospitals, military and other businesses are using advanced
technologies to store and process a great deal of confidential data on computers and mobile devices. These data
are transmitted across networks to other computers. Corporations pay a premium to safeguard records and
ensure that systems are protected.
An even more important sector, aside from companies and businesses, is national security. The government is
faced with threats from global cyber syndicates, hackers for hire, terrorists and state-sponsored hackers. It is a
different war as these crimes involve seeking state secrets, technologies, ideas and classified information.
Malicious attacks can be executed simply from a laptop, so practically anyone who has the knowledge and skills
to commit these crimes can do so from the comfort of their home. Therefore, it is a MUST to protect sensitive
information and avoid putting the business or organization at risk.

Financial loss is a major risk of these cyber threats. On top of this, the reputation built by a company is
also affected. Some attacks involve stealing customer information, and this results in a lack of consumer
confidence. Top-secret documents can fall into the wrong hands, so intellectual property loss is another
risk if you are not careful enough.

- As of February 2015, the Sony Pictures data breach of November 2014 had cost the company $15 million so far.
- Retail company Target reports a total of $148 million in costs since December 2013, after the debit and
  credit card information of its customers was compromised.
- Financial services firm JP Morgan Chase had more than 80 million customer accounts accessed when its data
  breach was reported in July 2014.

The list goes on, and these only involve top companies. What about the ones that are not headlining the news?
What about attacks on the government and cyber espionage?
Cybersecurity is not only a basic necessity, but a major priority to protect ourselves from these outbreaks.


Having the right IT infrastructure is critical to strengthening cybersecurity, and there are three main classes of
solutions for preventing various forms of cyberattacks: hardware solutions, software solutions and smart-thinking
solutions.

Hardware Solutions: USB dongles, disabling ports, drive locks, mobile-enabled access, etc. provide the
physical assurance that networks and systems can only be accessed by authorized persons using these
devices.

Software Solutions: Viruses, worms, denial of service (DoS) attacks, phishing, etc. are some forms of
cyberattacks, and countermeasures for them include anti-virus software, firewalls, intrusion detection &
prevention systems, data encryption, etc. Keeping software up to date is also necessary to constantly
combat new and advanced attacks.

Smart-Thinking Solutions: Another major component in ensuring an effective strategy to prevent
cyberattacks is assigning capable people to manage the technology. IT Security teams are a critical part of
the corporate structure to control both hardware and software. You may have the latest gadgets and
technologies, but if you do not know how to operate them, they are useless. Aside from operating these
technologies, the IT Security expert should be able to maintain them in top form.

One of the steps that companies take to ensure that their systems are up to date is hiring a penetration tester.
This is where YOU come in.


A penetration test, also known in its short form as a "pentest", is a process that aims to evaluate the security of
one or more assets (such as the IT infrastructure, a web application, a mobile application, software and so on)
by running a series of planned attacks with the goal of finding and exploiting vulnerabilities.
The areas where a tester could get into a system during a penetration test can be very wide: going from testing
the Operating Systems or the appliance configurations to Social Engineering attacks that aim to 'exploit' human
vulnerabilities. But the penetration test is not only about attacks! A professional pentest includes proper analysis
and reporting with the goal of improving overall security.

A penetration tester is a professional who conducts the penetration test and creates one or more reports about
findings and vulnerabilities, classifies the severity of the risks (high risk, medium risk, low risk) and explains
why each finding poses a risk. An analysis report is created and delivered to the company, educating
executives and the IT department on what needs to be done in order to solve the identified security flaws.
As an important note, pentesters do not fix, but mainly report the vulnerabilities. They do not change anything
in the system; they report the weak spots.
A good pentester provides recommendations and advises on the most suitable and cost-effective countermeasures
to the vulnerabilities discovered. They can share their ideas on hardware, software and methodologies the
company should use, and help ensure the investments made by the company are worth it.


Reporting is an integral part of this job position. After identifying and classifying
the risks of the vulnerabilities, the penetration tester should be able to
communicate them on a CEO level, making sure that the report is understandable
to the C-Level Management of a company.
Not all of the management of a company speak IT. Hence, the pentester should
be able to explain the risks of these security flaws carefully and effectively,
avoiding jargon and presenting the report to the CEO-level audience that makes
the final business decisions.

"My crime is that of curiosity. My crime is that of judging people by what they say and
think, not what they look like. My crime is that of outsmarting you, something
that you will never forgive me for."
- Excerpt from the Hacker's Manifesto

There might be some confusion with the terms used to describe a penetration
tester. Sometimes, it is referred to as an Ethical Hacker or a White Hat Hacker.
Among these terms, clearly, a penetration tester is far from being labeled as a
Black Hat Hacker. To help you understand better, here are the differences.

Black Hat Hacker: A Black Hat Hacker only needs to find a single flaw in
whichever area in a system, attacks it, and uses the information for
personal gain or in bad faith (e.g. stealing information, selling classified
data).

White Hat Hacker / Ethical Hacker: A White Hat Hacker (also termed
an Ethical Hacker) also finds a single flaw in a system, but uses the
information to help improve the system (e.g. reporting the flaw to the
company).

Penetration Tester: A Pentester has to find ALL flaws in a system, write
them down, create a report, and include details on how the hack was
executed and how it can be replicated.

"Hacking is NOT equal to penetration testing. It's not. Penetration testing involves
methodology and reporting, risk assessment and presentation of findings.
Penetration testing is not just about getting root."
- Armando Romeo, eLearnSecurity CEO and Founder

Hackers (whether Black Hats or White Hats) only need to find one vulnerability,
and they attack everywhere. How they use the discovered vulnerability is
what differentiates one (White Hat = Good) from the other (Black Hat = Bad).
Penetration Testers, on the other hand, are the most skilled of the three,
as they need to find ALL vulnerabilities. The scope of a penetration tester
is focused on a particular area in a system/network/application, yet they
have to scan all possible doorways.


A penetration tester needs to think like a hacker and use many of the same techniques that a hacker does. But
unlike hackers, a penetration tester works under strict rules of engagement: you go into specific areas only, and
you have limits on your actions. The purpose is to discover weaknesses, not to break into the system for its own sake.
You are the professional here, and definitely the good guy.


There are various ways for you to get work as a pen tester. This is a skill-based job,
and the more skills and experience you have, the more your value will
increase. Here are some ways to get hired.

- Freelance: You get paid by project by companies that want you to look into their
  system.
- IT Security Service Company: You are working as a third-party contractor providing
  penetration testing as a service.
- In-House Employee: You are directly hired by the company as part of the IT Security
  department to conduct regular penetration tests of the system.

How much does a Penetration Tester Earn?

Standard penetration tests can range from
$10,000 to $15,000 (and more) if done as a service
by a company. As a freelancer, you can get paid per
hour of service or per project. Cost would depend on
the size and scope of the penetration test.
According to PayScale, the average Penetration
Tester salary in the US is $74,150 per year.
Depending on your expertise and experience, it can
be more or less.
The highest paying skills associated with this job deal
with Network Security Management, Web Security
& Encryption, and Security Testing & Auditing.

[Figure: Average Pentester Salary in the USA by PayScale]


We conducted research among penetration testers and asked them about the exciting and not-so-exciting
aspects of the job. We find it helpful for you to hear it from these practicing professionals, to give you better
insight into some of the pros and cons of pentesting. Here's what they have to say.
Note: Some of the penetration testers we contacted preferred to be Anonymous.

GOOD: The best part of being a penetration tester is
the obvious one. It is a challenging job, with a lot of
fun and interesting things to learn. It is always a
mind-blowing task while one feels the excitement of
being a hacker without actually being the malicious
guy.
BAD: Now the drawback is that it is a very
responsible job. Mistakes can be critical to one's
career while sometimes it can be really stressful.
Furthermore, reporting is a very difficult task in order
to prove that you are delivering quality services and
not just tool results.
Emmanouil

GOOD: The thing that I like about being a pentester
is that this is my hobby and I am doing my hobby as
a job.
BAD: I don't like the reporting & legal stuff of the
engagements.
Anonymous
GOOD: I love writing my own exploits and code ;)
BAD: I don't like writing the reports :)
Anonymous

GOOD: Learning is the thing I love the most. Each
engagement leaves you some knowledge, and yet it
gives you the feeling that you know nothing.
BAD: Writing reports and interacting with
clients.
Anonymous

GOOD: Each company uses different
technologies in infrastructure, network, mobile
phones and so on. The best part about being a
pentester is that you face new challenges every
day. Studying, testing, and reading a lot are a
must in this field, and I love it.
BAD: Some clients strongly believe that
compliance is security. The problem is that they
don't appreciate the real value of a good
penetration test, because they only want to
tick a checkbox in their policies. This kind of
penetration testing is usually non-challenging
and pretty boring, because you don't have
enough time to test as you should test.
Anonymous

Summarizing the comments from various pentesters, the least favorite part is writing reports. On the other hand,
the most favored is the intellectual and challenging aspect of finding vulnerabilities and learning as you progress
in this career.
If you manage all the data and information you gather during an engagement correctly, and if you know how to
structure your report correctly, writing it can be easier.


According to a report by Ponemon Institute for CNNMoney, 47% of adults in the US had their personal
information exposed by hackers during the first half of 2014.
With the current situation in information security, businesses and organizations are hiring penetration testers to
test their networks, applications and computer systems. The demand for a secure environment could not be any
greater.

One of the great things about this job is that you do NOT need to have a college diploma/degree to become a
Pentester. However, you should have a deep interest in information security if you want to make it a career.
Penetration testing is a set of skills, and in order to acquire this skillset, you can:

- Go to a school that offers this as a specialized course
- Learn it from a mentor/instructor as an apprentice
- Read about penetration testing in books/online (check OWASP.org for FREE web application security
  updates)
- Practice training online (you can test your skills using Hack.me)

Regardless of the source, the end result should make you confident to conduct a penetration test in the real world.


The most effective way to learn penetration testing is to learn by doing
and not by reading. Look for a penetration testing course that provides
hands-on training. If you are working for a company, you can ask an
experienced IT Security expert to train you with practical exercises. You
can also request that virtual labs be created so you can practice hacking.
If your IT team does not have the resources to create labs, you can search
for services online that do so. One example is the HERA Virtual Lab.

What do you do, then, when you do not have the experience? Gain it.
In the world of Information Technology, experience is an advantage,
especially when landing a job. Search for training courses that offer not
only theory, but also practical training that will prepare you for a
real-world penetration test.
There are a lot of things you can pick up online, but it is time-consuming
as resources are scattered everywhere. There are IT Security training
courses dedicated to penetration testing, and they range from $50 to
$10,000. It is good to find a course that properly explains the theories
and provides enough hands-on material with matching labs for you to
practice various exercise scenarios.
Exam certifications are available, and it is up to you to find one that will
develop your skills to make you confident in conducting an actual
penetration test. A multiple-choice exam will test your acquired
knowledge, but it is more effective when you are tested based on
practical knowledge. Remember, you do not answer multiple-choice
questions when a company hires you.

A career in IT Security is one of the most in-demand jobs today. Having the skills to conduct security audits and
look into a company's network and system also carries a lot of responsibility.
Learning penetration testing can be done via coursework, and will enhance your value to the organization. But
you need to select the right course; you want one that gives you practical experience and a comprehensive
understanding of where threats come from. You also want a course that delivers a solid foundation to analyze all
the ways a hacker might breach your security using various techniques.

A leading innovator in the field of practical, hands-on IT security training.

Based in Pisa (Italy), Dubai (UAE) and in Santa Clara (USA), eLearnSecurity is a leading provider of IT security and
penetration testing courses including certifications for IT professionals.
eLearnSecurity's mission is to advance the career of IT security professionals by providing affordable and
comprehensive education and certification. All eLearnSecurity courses utilize engaging eLearning and the most
effective mix of theory, practice and methodology in IT security - all with real-world lessons that students can
immediately apply to build relevant skills and keep their organization's data and systems safe. For more
information, visit https://www.eLearnSecurity.com.

Get a FREE trial of our Penetration Testing Professional Training course.

