I’ve been meaning to create a write-up on how to get into the industry and certain resources to check out for different skillsets. So here it is, there are lots of different routes into Pentesting however there are two main things to keep in mind.
Firstly who you know and second what you know, these are both very easy to achieve. Addressing the first point, the easiest and best approach to this is to get involved with the security community both locally by attending meetups and around the country by going to conferences. Whilst at events it is important to mingle and gain contacts, some people will see this as more of a challenge than the technical aspect however in this industry it is very important to be able to network and talk to people. By doing so you can acquire business cards and industry contacts, this will stand you in good stead for the future as you never know when you might need to call upon a contact.
In regards to the second aspect of things to keep in mind: Technology, it’s important to actually know what you are doing and how to approach things, here is a short list of resources to check out and some general hints and tips for getting started in learning and application of the particular skillsets required.
- Metasploit Unleashed(https://www.offensive-security.com/metasploit-unleashed/)
- Metasploitable
Linux(https://www.offensive-security.com/metasploit-unleashed/requirements/) - Damn vulnerable
linux(https://distrowatch.com/table.php?distribution=dvl)
###Web Applications
- OWASP Web Goat(https://www.owasp.org/index.php/WebGoat_Installation)
- OWASP List of Vulnerable Web Applications (https://www.owasp.org/index.php/OWASP_Vulnerable_Web_Applications_Directory_Project/Pages/Offline)
- Damn vulnerable web app(http://www.dvwa.co.uk/)
- Vulnhub(https://www.vulnhub.com/)
- Pentesterlabs(https://pentesterlab.com/)
- Multidae(https://www.owasp.org/index.php/OWASP_Mutillidae_2_Project)
- Overthewire(http://overthewire.org/wargames/)
- CTFTime(https://ctftime.org/)
There are more but certainly these are a good start, in terms of other materials, if you can stretch to it I’d suggest the following books to get your teeth into:
- Web application hackers handbook
- The Hacker Playbook 1
- The Hacker Playbook
- Red team Field Manual
- Blue Team Handbook
The physical books are nice to have however you can source them on the internet using advanced Google searches, but I’ll leave that up to you. Alongside the resources it is also useful to familiarise yourself with the standard toolsets which are usually manual testing with Burp Suite and using Linux command line, the OS of choice as an industry standard is Kali Linux.
Other than the resources listed above there is also the option to test against live targets in the form of Bug Bounty hunting, I did a post earlier this year about this which can be found here:
Approaching Bug Bounty Schemes with an Ethical Mind-set
I also did a blog post earlier last year about getting started which can be found here: