Thread: Looking for advice from a professional pentester/ethical hacker

  1. #1
    Join Date
    Jul 2011

    Looking for advice from a professional pentester/ethical hacker

    Hello everyone...

    I'm hoping there are a few professionals lurking about the place. I'm in need of some advice. Without exhausting this thread with my background, I'm a fairly experienced, self-taught programmer. Back in the 2000s I was able to work professionally programming company-specific software and got my feet wet. I now work professionally as a PLC tech and my hobbies include embedded projects for fun.

    Having said that...

    I must live under a rock because I really had no idea there was such a position as 'ethical hacker'. I started looking into it and took a couple of online courses to sort of get an understanding of what the job is and learned all the basic 'attacks'. It left me scratching my head though. The classes I've taken thus far have left me with the feeling I've taken more of an 'intro to Photoshop' class than a hacking class. The classes seemed like I was learning to step on the shoulders of another's effort rather than learning to actually become so adept that I myself could find and exploit a weakness.

    Then I stumbled across the derogatory term 'script kiddie'. That term very much described the path I was taking. I was learning the defined action of the attacks, but still know very little as to what is actually being done other than some very rudimentary condensed description from the teachers.

    Then while browsing other forums and comments, it seems like these tools are what professional pentesters are using. Software like Nexpose seems very powerful for discovering vulnerabilities in a network. So again, I feel like I'm not quite sure where to go on from here... but I have a couple of ideas.

    I decided to (attempt to) learn Lisp and further, micro lisp on an esp32. I've taken an assembly language course that really helped in understanding what's going on at the hardware level. Lisp seemed like a great next-step language for rapidly building testing software for discovering a vulnerability. As cryptic as it seems to me still, I really like how the REPL works in Emacs and how quickly code becomes action. My thought is that there would be a great advantage to working with a smaller microcontroller and pushing Lisp through it. My hope is that by moving code through hardware and further dissecting and understanding network traffic, I'll understand hacking better in general. It's merely speculative and maybe not the best decision, and that's why I've come to bug those who know better. I'm looking for a solid self-learning path. I'm happy in my career and really just want to add this to my portfolio. Any advice would be very much appreciated.

  2. #2
    Join Date
    Feb 2008
    Ubuntu 20.04 Focal Fossa

    Re: Looking for advice from a professional pentester/ethical hacker

    We do not allow the discussion of any form of hacking or cracking on the forum because, even though you may have good intentions, which I do not doubt, your thread will be viewable by anyone with an internet connection who may not have honorable intentions as you do.

    From the forum rules:
    Cracking: Requests for help about any form of password or encryption "cracking" are not supported. Even though there are packages such as aircrack in the repositories, discussions about cracking or software related to cracking often lead to discussions about illegal activities. Such threads will be closed.

    Thread closed!
    Last edited by wildmanne39; August 9th, 2020 at 05:13 PM.