Home page logo

pen-test logo Penetration Testing mailing list archives

Re: career advice
From: "Dr. Lizzz" <dr.lizzz () gmail com>
Date: Wed, 23 Nov 2011 10:13:05 -0800

On Wed, Nov 23, 2011 at 6:17 AM, Enis Sahin <enis.c.sahin () gmail com> wrote:
There are great replies posted but I just wanted to share my thoughts
about programming skills and hacking/pentesting in short.

Being able to read code and understand it is essential just like
everybody said. Being able to write code is a little different in my
opinion. I was getting things done without writing my own code and
tools/scripts developed by others was satisfying my needs for some
time. It's only after I had some years of experience I had a better
attacker mind set and wanted/needed to utilize more elaborate
strategies, then the free tools started falling short of satisfying my

I find it analogous to playing a musical instrument. When your
understanding and ideas of music exceeds a certain threshold you stop
playing cover songs and start innovating :)


People who can read code can write code.  Maybe not fast, maybe
not optimally, but reading and understanding code implies that you
know all the syntax and semantics you will encounter.  If you don't
know what you don't know, you don't know what you do know. It
strikes me that if people really understood what they were writing
half the time, the net would be a much safer place.

I'd suggest the original poster stick with network security, or
see what interviewing turns up. No sense in learning something
that you won't need unless you feel driven in that direction.


This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]