Ethical hacking/pentesting advice required

Hi all,
So after 17 years as an IT Manager/Project Consultant, I've covered a lot of bases. Jack of 'most' depts, but a master of none.
Some of the courses I've done include: A+, CCNA+, Sec+, ITIL4, Prince2 - but not certified in any of them. I studied them to help me do my job better, not to appease someone who likes to see pieces of paper.
For the past year I've been studying for the CISSP (I have the relative experience required to become fully affiliated if I pass). BUT....I'm not overly passionate about it and so I'm struggling with "thinking like a manager".
I've always been a hands-on kind of IT fella.

TLDR?
My current job is gonna end soon (I think). I want to get into ethical hacking/pentesting. The above info was to give background into my career thus far.
So what online content would those already working in the space suggest? YouTube vids, Udemy, LinkedIn Learning?
Maybe sit the CompTIA PenTest+ exam?
So, I'm not an IT noob, but happy to start from the ground up with this subject.

Please post your recommendation and advice.

Thanks
 
I would for go CompTIA PenTest+ or even CEH.

But after passing my Sec+ a few years back, anything to do with CompTIA I didn't see on many job descriptions in the UK.
Thanks. Yeah, I'm more interested in what courses will give me the best info to run with and develop skills. I have a bee in my bonnet about certifications, but it's the game ya have to play for a lot of employers nowadays. I think mainly because they use recruiters who have no knowledge of the job themselves.
 
Thanks. Yeah, I'm more interested in what courses will give me the best info to run with and develop skills. I have a bee in my bonnet about certifications, but it's the game ya have to play for a lot of employers nowadays. I think mainly because they use recruiters who have no knowledge of the job themselves.

Yeah, I have a few certs and it hasn't really helped me land the job I want so far.
 
And the HR filters can be a pain in the ass.
lol, oh yes. God there are some jobsworths around.
Had 2 agencies ring me this morning and send JDs over. Both involve high-end networking beyond my expertise really. Had they read my CV and understood it, they would have known that.
Shame, as one was for a gaming company not too far from me whereby the other reqs matched my skillsets, but I fall short on the networking part I think.
 
If you want to do pentesting I would focus on something more directly applicable than CISSP.

Have you looked at OSCP?

I agree as well, CompTIA is not that common in the UK.
 
If you want to do pentesting I would focus on something more directly applicable than CISSP.

Have you looked at OSCP?

I agree as well, CompTIA is not that common in the UK.
I briefly looked at OSCP, but it's very expensive I think. Could do with some taster courses/labs to see if I really want to go further with it.
 
Start off with some free resources like Hack The Box or any online CTF type stuff to give you some practical experience.

Get following people on Twitter (or is it all Mastodon now?) to get a bit more immersed in that area.

Look at all the various pen testing co websites as they'll usually have blogs of some sort, digest these and again follow the people who write them on whatever social media.

Things like OSCP are going to be miles better than CISSP and CEH (I didn't rate the latter when I did it, very out of date and largely focused on what tool would I use to do this rather than the why).
 
lol, oh yes. God there are some jobsworths around.
Had 2 agencies ring me this morning and send JDs over. Both involve high-end networking beyond my expertise really. Had they read my CV and understood it, they would have known that.
Shame, as one was for a gaming company not too far from me whereby the other reqs matched my skillsets, but I fall short on the networking part I think.
Remember that Job Descriptions are wish lists rather than set requirements. If you think you can learn or pick up the networking part you should still apply.

I find with IT specs recruiters don't really understand what you are asking for. When I list a few requirements I'm often not looking for the whole list, but I know if someone understands x they will pick up y, but it often comes across in the job spec as applicants must have x+y.
 
Remember that Job Descriptions are wish lists rather than set requirements. If you think you can learn or pick up the networking part you should still apply.

Many are wish lists but some are leaning towards them being hard requirements when you get told, "We need someone who has experience in X", when you know you can learn X in a few days.

I have had this a few times, some companies don't want to take the time to train people. Even if it's only 5% of what they need to know for the role.
 
I have had this a few times, some companies don't want to take the time to train people. Even if it's only 5% of what they need to know for the role.

Arguably they shouldn't really need to if it's something generic with resources available online, it's really the internal company specific stuff that should require a bit of onboarding/instruction, especially for an experienced hire.
 
Many are wish lists but some are leaning towards them being hard requirements when you get told, "We need someone who has experience in X", when you know you can learn X in a few days.

I have had this a few times, some companies don't want to take the time to train people. Even if it's only 5% of what they need to know for the role.
Oh this x100. Had this loads of times. I’ve had plenty of conversations with recruiters about this very thing.
At least now quite a few JDs have bullet points of MUST HAVES and the DESIRABLES.
 
Start off with some free resources like Hack The Box or any online CTF type stuff to give you some practical experience.

Get following people on Twitter (or is it all Mastodon now?) to get a bit more immersed in that area.

Look at all the various pen testing co websites as they'll usually have blogs of some sort, digest these and again follow the people who write them on whatever social media.

Things like OSCP are going to be miles better than CISSP and CEH (I didn't rate the latter when I did it, very out of date and largely focused on what tool would I use to do this rather than the why).
Thanks. The CISSP is still on my timeline to bolster my chances but it was nothing to do with my latest idea of pursuing pen testing.
I’ve bought a Udemy course as it was on offer for £15. I’ll do that and look at all the other resources to join up some dots.
 
I work in the IT security industry for a vendor and I speak with and deal with many Pentesters and Security managers regularly. My advice would be this - you won’t become a Pentester overnight but it sounds like you have the kind of fundamentals you’d need to get started.

CEH isn’t really that respected as a cert anymore - a lot to do with the providers of the cert being shady.

OSCP is what you want to be aiming for and to start your journey I would suggest a TryHackMe subscription - it will get you started on the fundamental training you need and test you with CTF boxes. You can switch to HackTheBox or Offensive Security’s Proving Grounds after THM starts to become too easy.

There are a number of streamers on Twitch who do walkthroughs and are well worth watching to get an understanding of how to go about cracking these boxes - I follow 0xTiberius and Alh4zred on Twitch - both of whom are professional pentesters/redteamers, with the latter guy working for Rapid7 now.

I’ll add some links to useful OSCP resources to this post later.

EDIT:
 
I work in the IT security industry for a vendor and I speak with and deal with many Pentesters and Security managers regularly. My advice would be this - you won’t become a Pentester overnight but it sounds like you have the kind of fundamentals you’d need to get started.

CEH isn’t really that respected as a cert anymore - a lot to do with the providers of the cert being shady.

OSCP is what you want to be aiming for and to start your journey I would suggest a TryHackMe subscription - it will get you started on the fundamental training you need and test you with CTF boxes. You can switch to HackTheBox or Offensive Security’s Proving Grounds after THM starts to become too easy.

There are a number of streamers on Twitch who do walkthroughs and are well worth watching to get an understanding of how to go about cracking these boxes - I follow 0xTiberius and Alh4zred on Twitch - both of whom are professional pentesters/redteamers, with the latter guy working for Rapid7 now.

I’ll add some links to useful OSCP resources to this post later.

This is good to know.

What was your path getting into IT Security? I'm trying to break through myself but into the blue team side.
 
This is good to know.

What was your path getting into IT Security? I'm trying to break through myself but into the blue team side.
I’ve been in IT for 35 years. I wrote my own AntiVirus for MS-DOS in the 1990s. That was my start in security. I’ve worked in security and infrastructure ever since - most of my time has been working for software companies. I’m now in marketing. :)
 
I’ve been in IT for 35 years. I wrote my own AntiVirus for MS-DOS in the 1990s. That was my start in security. I’ve worked in security and infrastructure ever since - most of my time has been working for software companies. I’m now in marketing. :)

Ah ok. I guess it helps when you have coding experience too :) I didn't move off Basic back in the 90s :D

Recently started looking at Python as it seems to be the go-to now for Cloud and Security. Unless it's Azure where they mostly push PowerShell.
 