Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: career advice
From: Enis Sahin <enis.c.sahin () gmail com>
Date: Wed, 23 Nov 2011 16:45:40 +0200

I don't regard writing your own scripts or tools for a pentest as
being a destructive skill but I guess it's a matter of point of view
:)

I hope I was able to get my point across about the need to create your
own thing as you know more, do more and have ideas that you have to
address yourself.

Enis


On 23 November 2011 16:29, James W. Meritt <jwmeritt () aol com> wrote:
The skill to destroy a building (demolition) is not the same as the skill to
construct a building.

James W. Meritt
CISSP, CISA, NSA IAM, PMP


-----Original Message-----
From: Enis Sahin <enis.c.sahin () gmail com>
To: Nathalie Vaiser <nvaiser () gmail com>
Cc: pen-test <pen-test () securityfocus com>
Sent: Wed, Nov 23, 2011 4:21 am
Subject: Re: career advice

There are great replies posted but I just wanted to share my thoughts
about programming skills and hacking/pentesting in short.
Being able to read code and understand it is essential just like
everybody said. Being able to write code is a little different in my
opinion. I was getting things done without writing my own code and
tools/scripts developed by others was satisfying my needs for some
time. It's only after I had some years of experience I had a better
attacker mind set and wanted/needed to utilize more elaborate
strategies, then the free tools started falling short of satisfying my
needs.
I find it analogous to playing a musical instrument. When your
understanding and ideas of music exceeds a certain threshold you stop
playing cover songs and start innovating :)
Enis
On 23 November 2011 06:11, Nathalie Vaiser <nvaiser () gmail com> wrote:

I wanted to thank everyone who responded to my question.

I wasn't expecting so many replies (and quality responses).  You have
all been extremely helpful and given me a lot to think about and
useful resources to look into.

I'm proud to be a member of this great community.

Nathalie
CEH, MCP, MCTS, Linux+

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review
Board

Prove to peers and potential employers without a doubt that you can
actually
do a proper penetration test. IACRB CPT and CEPT certs require a full
practical
examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------

--
http://www.enissahin.com | http://twitter.com/enis_sahin
------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually
do
a proper penetration test. IACRB CPT and CEPT certs require a full practical
examination in order to become certified.
http://www.iacertification.org
------------------------------------------------------------------------




-- 
http://www.enissahin.com | http://twitter.com/enis_sahin

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault