DEV Community

Cover image for How to become a Pentester
Kiran Sethumadhavan
Kiran Sethumadhavan

Posted on

How to become a Pentester

๐™’๐™๐™–๐™ฉ ๐™ž๐™จ ๐™– ๐™ฅ๐™š๐™ฃ๐™ฉ๐™š๐™จ๐™ฉ๐™š๐™ง

โ€œA Pentester is someone who helps a business test their security posture through a structured attack simulation with a predefined and agreed scope, this is referred to as a penetration test. They help businesses see their vulnerabilities from an attackerโ€™s perspective to highlight the impact of successful exploitation, they will also provide the necessary remediation to mitigate those vulnerabilities."

๐™’๐™๐™–๐™ฉ ๐™–๐™ง๐™š ๐™ฉ๐™๐™š ๐™จ๐™ ๐™ž๐™ก๐™ก๐™จ ๐™ง๐™š๐™ฆ๐™ช๐™ž๐™ง๐™š๐™™?

  • Solid understanding of all IT fundamentals (Networking Included).
  • In depth Knowledge of administering Windows, MacOS and Linux operating systems.
  • Basic understanding of Web servers and their technologies
  • Basic understanding of Database servers and their technologies
  • Basic understanding of Application development
  • Basic understanding of Mobile Application development
  • Expert in Report writing

๐™’๐™๐™ฎ ๐™–๐™ง๐™š ๐™ฉ๐™๐™š๐™จ๐™š ๐™จ๐™ ๐™ž๐™ก๐™ก๐™จ ๐™ง๐™š๐™ฆ๐™ช๐™ž๐™ง๐™š๐™™?

Penetration testing mainly involves identifying vulnerabilities. Attempting to exploit some of them to demonstrate potential impact may be possible depending on the project. You will also need to portray them in a non-technical way to stakeholders and then make recommendations on fixes. To do this accurately and quickly, in-depth knowledge of as much as possible is required. Where knowledge doesn't exist, a penetration tester can acquire it quickly and efficiently. Penetration testing is a vital part of an organisational security plan, however, the output needs to be aligned with business needs. Being able to understand this need and scope it appropriately can have a drastic effect on the career progression of a penetration tester. When studying ensure you have a firm grasp on all of the concepts and invest time in learning how you, as an individual, absorb information quickly.

๐—ฅ๐—ฒ๐—ฐ๐—ผ๐—บ๐—บ๐—ฒ๐—ป๐—ฑ๐—ฒ๐—ฑ ๐˜๐—ฟ๐—ฎ๐—ถ๐—ป๐—ถ๐—ป๐—ด

๐™„๐™ ๐™๐™ช๐™ฃ๐™™๐™š๐™ข๐™š๐™ฃ๐™ฉ๐™–๐™ก๐™จ

CISCO Netacad
Professor Messer -

๐™„๐™ฃ๐™ฉ๐™ง๐™ค๐™™๐™ช๐™˜๐™ฉ๐™ž๐™ค๐™ฃ ๐™ฉ๐™ค ๐™ฅ๐™š๐™ฃ๐™ฉ๐™š๐™จ๐™ฉ๐™ž๐™ฃ๐™œ - The eJPT free course, overall best foundation cert in the field.

๐™‹๐™š๐™ฃ๐™ฉ๐™š๐™จ๐™ฉ๐™ž๐™ฃ๐™œ ๐™‹๐™ง๐™–๐™˜๐™ฉ๐™ž๐™˜๐™–๐™ก ๐™ฉ๐™ง๐™–๐™ž๐™ฃ๐™ž๐™ฃ๐™œ

TCM Academy -
TryHackMe -
HackThebox -
Virtual Hacking Labs -
OSCP Prep -

๐™’๐™š๐™— ๐˜ผ๐™ฅ๐™ฅ๐™ก๐™ž๐™˜๐™–๐™ฉ๐™ž๐™ค๐™ฃ ๐™‹๐™š๐™ฃ๐™ฉ๐™š๐™จ๐™ฉ๐™ž๐™ฃ๐™œ

Portswigger Web security academy -

๐—”๐—ฑ๐—ฑ๐—ถ๐˜๐—ถ๐—ผ๐—ป๐—ฎ๐—น ๐—œ๐—ป๐—ณ๐—ผ๐—ฟ๐—บ๐—ฎ๐˜๐—ถ๐—ผ๐—ป

Public Pentest Reports -

Ask Cyber Security related question on

Join my telegram Group to know about latest Ethical hacking news and tools more than 270 members I have big plans for you
Join Now

Top comments (1)

obaino82 profile image

Thanks for sharing