Penetration Testing - Hacking

Pho3nix

Pho3nix

The Legend
Joined
Jul 31, 2009
Messages
32,827
Reaction score
3,033
Location
On the toilet
Hi all,

There was an interesting post in Off-Topic a couple days ago about this topic and I was curious if in SA there was any demand for developers with this kind of experience or if you have to move over-seas to actually work in this space.
I know of 1 bank that uses penetration testing but it's once in a blue moon and only when something political is afoot.

Would really appreciate some advice on the subject matter :)
 
There are a couple of companies around that do pentesting. I worked at SensePost in Pretoria. It's a great company with very highly skilled people. We are also building a pentesting team at the CSIR (also in Pretoria), so if you are interested in discussing it further, feel free to PM me. :)

The work is challenging, but also a lot of fun... especially when you rip your target a new one. ;) If you are skilled and/or bright enough, you shouldn't struggle getting into that space.

You mentioned "developers with this kind of experience"; it turns out not all pentesters started out as devs, and in fact there are pro's and cons to moving from development into pentesting. On the pro side, dev experience allows you to make more accurate educated guesses about your target and what they could have potentially done wrong. On the other hand devs generally lack the absolute ferociousness that allows a seasoned pentester to get root (or SYSTEM) within a couple of minutes. That is not to say that it's impossible, it just takes a bit longer - I went from dev to pentester myself.
 
I was at the PHP South Africa conference in Cape Town a while ago, held at the Liquorice offices.

Their head of development (sorry, can't recall his name right now) had an in-depth talk about penetration testing - you might want to get in touch with him?
 
Pho3nix said:
Hi all,

There was an interesting post in Off-Topic a couple days ago about this topic and I was curious if in SA there was any demand for developers with this kind of experience or if you have to move over-seas to actually work in this space.
I know of 1 bank that uses penetration testing but it's once in a blue moon and only when something political is afoot.

Would really appreciate some advice on the subject matter :)
Click to expand...

There is a huge demand. I was at Cybercon Africa conference and they are definitely looking for people. Are you looking for training or a position in the industry?
 
Nefertiti said:
There is a huge demand. I was at Cybercon Africa conference and they are definitely looking for people. Are you looking for training or a position in the industry?
Click to expand...

Both actually. Sorting out my registration with SensePost for some training in February next year :D
Any info you have would be greatly appreciated. PM me if possible.
OOC: Glad to see you back on the forum Nefertiti :)
 
Pho3nix said:
Both actually. Sorting out my registration with SensePost for some training in February next year :D
Any info you have would be greatly appreciated. PM me if possible.
OOC: Glad to see you back on the forum Nefertiti :)
Click to expand...

life gets a bit busy sometimes ;) I dont know of specific opportunities, but I know the RSA guys that form part of the EMC group is looking for people. The list of sponsors for the conference can be found at http://cyberconafrica.org/sponsors/. Maybe a good place to start? Not sure which other info you are looking for? I just started going down this rabbit hole :D and its more to protect my systems.
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X