Penetration testing studies

Herr der Verboten

Herr der Verboten

Honorary Master
Joined
Feb 14, 2012
Messages
29,249
Reaction score
18,871
Location
Pretoria
Do we still have just that one place at Menlyn or is it just better do these courses online?

Was thinking of a bit of asm backwards engineering, so cracking mixed with penetration testing. This would just be something part time for now...
 
Starting with reverse-engineering on ASM level is pretty intense. For a wider approach to becoming a pentester, I would suggest starting with BurpSuites Web Security Academy then do their new certificate. It cheap, and the training material is good.

portswigger.net

Burp Suite Certified Practitioner | Web Security Academy - PortSwigger

Become a Burp Suite Certified Practitioner to demonstrate and prove your web security testing skills.
portswigger.net portswigger.net

After that I would probably, start looking at OSCP: https://www.offensive-security.com/pwk-oscp/

If you really want to go into binary reverse engineering, that a very niche field and there isn't a well established progression path that I am aware of. There is a lot of CrackMe CTFs that should help a lot. The OG exploit development tutorials are still great: https://www.fuzzysecurity.com/tutorials/expDev/1.html

If the "one place at Menlyn" is SensePost that you are referring to... Their training is pretty good from a corporate training perspective or rapid skill-up. Don't think it well suited for someone hoping to progress part time.
 
SLAQ said:
Starting with reverse-engineering on ASM level is pretty intense. For a wider approach to becoming a pentester, I would suggest starting with BurpSuites Web Security Academy then do their new certificate. It cheap, and the training material is good.

portswigger.net

Burp Suite Certified Practitioner | Web Security Academy - PortSwigger

Become a Burp Suite Certified Practitioner to demonstrate and prove your web security testing skills.
portswigger.net portswigger.net

After that I would probably, start looking at OSCP: https://www.offensive-security.com/pwk-oscp/

If you really want to go into binary reverse engineering, that a very niche field and there isn't a well established progression path that I am aware of. There is a lot of CrackMe CTFs that should help a lot. The OG exploit development tutorials are still great: https://www.fuzzysecurity.com/tutorials/expDev/1.html

If the "one place at Menlyn" is SensePost that you are referring to... Their training is pretty good from a corporate training perspective or rapid skill-up. Don't think it well suited for someone hoping to progress part time.
Click to expand...
thanks
 
Herr der Verboten said:
Do we still have just that one place at Menlyn or is it just better do these courses online?

Was thinking of a bit of asm backwards engineering, so cracking mixed with penetration testing. This would just be something part time for now...
Click to expand...

Honestly pen testing changed my life and I would go for it. Doing it part time is going to be a challenge and you kinda need to throw 100's-1000's of hours at it to be any good at it. I did it part time and was doing 3-4 hours mon-fri and 8+ hours on the weekend for 3 months and decided to buy another month because I wasn't ready yet.

That final exam is crazy 24hours long and it took me 22hours

After that you have to keep at it because it is your job plus you need to make it your hobby. You are also hired at big corps who require online security so this is a high pressure job, which is weird because many of the people who do it aren't exactly corporate types but it means the salary is great.

One more benefit once you have it you are in the top 5 jobs to move overseas in just about every country worldwide.

Redirecting to INE

www.pentesteracademy.com
www.offensive-security.com

Get your OSCP+ certification with PEN-200 | OffSec

PEN-200 is OffSec's foundational pentesting course-- learn and practice the latest techniques. Earn your penetration testing certification (OSCP & OSCP+).
www.offensive-security.com www.offensive-security.com
 
Hi OP
Just some options to add to all the good info already mentioned.
PNPT is a cert and has associated academy too that is very cost effective(search for TCM-Security PNPT), you can also check out thecybermentor youtube channel, the "zero to hero" is very good and free :) , but the rest of the content is really good.
If you just want to learn by examples, perhaps you might like to join one of the websites with practical gamified learning : tryhackme or hackthebox websites (they have a free option and both are brilliant).
Just adding extra options, Obviously all the above mentioned cyber security training is also very good.
Check out the hacksouth.africa site and discord, great group of people there.
Hope that may add some extra info that may help.
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X