Ethical Hacking and Penetration Testing. Where to Begin. | Imperva

Looking at the employment landscape, it’s clear that prospects for landing cybersecurity positions are excellent and on the rise, but what about the commercial viability of that “grey side-gig”, ethical hacking and penetration testing? While the notion of “being bad to help the good people” is undoubtedly lucrative and very cool, where can we begin to find such a role? What skillset do you need to cultivate to gather the knowledge required to earn one of the most sought-after positions in cybersecurity?

A penetration tester, or pentester, routinely conducts authorized vulnerability assessment and audit tests on computer systems. This is done in the context of exposing weaknesses in organizational cybersecurity that might be exploited by bad actors in the future. Often specializing in particular systems, like on-prem networks or hybrid environments, pentesters might hold in-house and permanent positions in organizations as part of IT or cybersecurity red teams, they may be freelancers, or they may work for specialized agencies that offer this service to business clients.

A white hat or ethical hacker is an almost identical role to pentester but is a broader and more umbrella term. It is often used to describe lone cybersecurity professionals who are more specialized in bug bounties (where individuals can receive compensation and recognition for reporting exploitable vulnerabilities) and more independent (but legal) work. An ethical hacker reports the identified vulnerabilities to the organization (as opposed to exploiting them), often provides remediation advice, and with the organization’s consent, may re-test networks and systems to be sure any found vulnerabilities have been fully resolved.

In summing up these very similar job titles, Penetration Tester might be how you describe yourself on LinkedIn. Ethical/White Hat Hacker is probably how you’d describe yourself on hackforums.net, and may imply a more ronin attitude (but with the same ethical goals).

What do you need to know already?

The prerequisite knowledge you’ll need to become a pentester or ethical hacker is a solid grounding in security systems and information technology. These are fast-paced and exciting jobs – perfect if you have an interest in IT, cybersecurity, and problem-solving. They can be rewarding, but they do need a certain mindset to stay one step ahead of the issues, vulnerabilities, and bad actors out there.

A strong grasp across the following disciplines is recommended to support your initial steps into pen testing and ethical hacking. Time served in IT support, IT security, or in a junior capacity in a cybersecurity team is a great foot in the door:

  • Windows, MacOS, and Linux operating environments.
  • Application and network security – securing assets and scanning traffic at the network and application level.
  • Technical documentation creation – such as writing instructional illustrations for users, writing product and API documentation, guides, and tutorials.
  • Programming languages – notably those used for scripting, such as Python, Perl, Java, PHP, Bash, PowerShell, Go, or Ruby.
  • Threat modeling – identifying structural vulnerabilities or missing security safeguards.
  • Security assessment tools – such as Wireshark, Nmap, Metasploit, and our own Imperva Scuba or Imperva Snapshot.
  • Cryptography – ensuring confidentiality, integrity, availability of data, and general secure communications.
  • Cloud architecture – a strong understanding and appreciation of the way components combine to build and access a cloud environment.
  • Remote access technologies – knowing the ins and outs of VPNs, PAM/VPAM or desktop sharing. Some port-security knowledge would be helpful here, too.
  • Familiarity with general security best practices – from the use of multi-factor authentication and password managers to anti-spear-phishing tactics and general colleague training. Familiarity with firewalls, IPS/IDS systems, communications protocols, virtual environments, data encryption, etc., is obviously important.

Knowing which of these skills you have already, and which you’ll need to address to get yourself a firm foundation for further development, is a great first step on the ladder to the career you want – Ethical Hacker, Penetration Tester, and all ‘round white-hatted digital hero.

Developing your cybersecurity skills

Once you have the basics, where do you go from there? If you work in-house, then volunteering for red team exercises or software and security audits is a good way to broaden your skillset.

Expanding your knowledge of the main pen testing tools and platforms, such as Nmap, Wireshark, Kali Linux, John the Ripper, Nessus, Burp Suite, or OWASP ZAP, is a distinct advantage.

There are lots of great courses out there that you might want to consider, including college and university classes, getting involved in volunteer work, security training providers, and self-study. The web, both traditional and dark, is awash with forums and networks specializing in hacker news, white hat training, and the latest cybersec info. Eventually, you will have to become a part of the hacking community to be aware of new exploits, workarounds, and vulnerabilities, so dipping your toe into this world now will do no harm and will broaden your horizons.

Sites to check out might be Hack The Box, VulnHub, TryHackMe, Cohackers, LetsDefend, PENTESTON, or HackThisSite. For more formal qualifications, and the sort of thing you might be able to get your employer to pay for, IBM offers professional certification via its Cybersecurity Analyst Professional Certificate, which may be worth considering, as may the Open University BSc (Honours) Cyber Security. Local institutions may offer cybersecurity degrees and general qualifications, but these won’t be as specialized in ethical hacking or pen testing as most of the independent options above.

Finding pen testing work in a busy market

Once you have the relevant qualifications, how do you get work and experience in pen testing/ethical hacking?

If you choose to look towards agencies for assistance, don’t go to a general employment agency. Instead, use a specialized IT recruitment company that will have a better understanding of the role of a pentester. This is not, however, a common first approach, and there are other ways into the market.

There are several specialist job boards for roles in cybersecurity, such as Dice or CyberSecJobs.com. Sites like Upwork and Fiverr have pen testing categories, and advertising your services in places like this may be worth considering.

If you are looking for potential bug-bounty opportunities, there is an excellent and up-to-date list, care of the Bug Bounty Programme.

Demand for cybersecurity professionals is going to be high and continue to grow for the foreseeable future. There is a current shortage of infosec professionals in all disciplines, which is expected to continue for years to come. If you are thinking about a career in the valuable and lucrative side-gig of ethical hacking and penetration testing, now may well be the perfect time to map out your course and take the plunge.