What are the required skills to be a Web Application Pentester?
#1
I want to change career from a PHP programmer into web application pentester.

So I tried applying for a job and sadly they declined me because I don't know how to use Kali Linux. Honestly, I haven't used any tools before, but I knew how to do SQLi and XSS.
I also knew the concept about LFI and RFI.

My goal is to get a job as a web app pentester or to be a full-fledged bounty hunter.

Would you guys help me on what to study and skills I need to develop?

As of now I'm reading Web Application Hacker's Handbook 2nd Edition

Thank you so much!
#2
That's a very broad question with a very broad answer. Generally to become a penetration tester your employer will probably demand that you show some kind of certification. Such as CET (Certified Ethical Hacker), CPT (Certified Penetration Tester) or any of the other known certifications. Consider applying to a course such as these, not only will you learn but you will also get one of these certifications.

But now obviously you can be self-taught yourself too, but that won't really earn you a certificate. I can't exactly tell you how you make this path as there are so many different areas in hacking. But if you're looking for a web-application oriented security approach, check out OWASP top 10 vulnerabilities. Learn about these vulnerabilities and how to use them, there's lots of resources available for research.
#3
(05-12-2016, 02:14 PM)Insider Wrote: That's a very broad question with a very broad answer. Generally to become a penetration tester your employer will probably demand that you show some kind of certification. Such as CET (Certified Ethical Hacker), CPT (Certified Penetration Tester) or any of the other known certifications. Consider applying to a course such as these, not only will you learn but you will also get one of these certifications.

I can't speak for everywhere... but here the industry standard seems to have become the Offensive Security certs. CEH is more of a joke. The A+ of hacking certs.

(05-12-2016, 06:50 AM)Freerunning Wrote: I want to change career from a PHP programmer into web application pentester.

So I tried applying for a job and sadly they declined me because I don't know how to use Kali Linux. Honestly, I haven't used any tools before, but I knew how to do SQLi and XSS.
I also knew the concept about LFI and RFI.

My goal is to get a job as a web app pentester or to be a full-fledged bounty hunter.

Would you guys help me on what to study and skills I need to develop?

As of now I'm reading Web Application Hacker's Handbook 2nd Edition

Thank you so much!

Kali is an operating system. Shouldn't really matter what operating system you use. They may want/expect you to know how to use many of the tools Kali includes, or at least understand how they operate.

I've got Kali in a VM... but that's mainly because it has pretty much everything. More apps than I'll ever use. Every now and then I'll come across something I'm not prepared for, so I'll boot into Kali 'cause it will have the tool I need... but I much prefer either coding my own, or using tools I'm familiar with in an environment I am more accustomed to.

As for what to learn... web application hacking is a complex field. Obviously you need to know how to code in the underlying languages, be it PHP, Python, Ruby, JavaScript, SQL... etc. Then you need to know what insecure coding practices are. How code is sanitized, how some code often isn't. This leads to things like XSS, LFI, RFI, SQLi, etc.

But then on top of that you should have an in-depth understanding of the underlying technologies. What's the web server running? Apache? lighttpd? nginx? How is PHP run? Compiled as a module? CGI? What differences does that make? How is the web server configured, how is the programming language configured, what DBMS is being used and how is it configured? What security concerns may exist in any of those configurations? Are there any control panels like Plesk or cPanel running? What implication does that have? How are web application firewalls installed and configured? How about if you do find a vulnerable application? Are you able to leverage that? Let's say you upload a PHP shell. Or even LFI? Do you know anything about the operating system? Do you know where the files you want are stored? How about user access/file permissions?

This is all crap off the top of my head if you want to be a pro web hacker/pen tester. I'm sure I've forgotten some shit. A lot, in fact. I'm still thinking of shit I left out. But being able to spot weakness comes from understanding all the angles and how they all interconnect. Any 10 year old can load up Kali and sqlmap and hack a vulnerable web application. It takes real knowledge and experience to hack relatively secure shit. And that type of knowledge/experience is valuable to businesses/companies.
#4
(05-12-2016, 03:04 PM)MuddyBucket Wrote: I can't speak for every where... but here the industry standard seems to have become the Offensive Security Certs. CEH is more of a joke. the A+ of hacking certs.

Haha yeah I won't deny that, it was just a quick example I came up with. Thinking about it, this is a bad example.
#5
Thank you so much sir for the great tip. I'll start from OWASP now. I can't afford certifications.
#6
(05-12-2016, 06:50 AM)Freerunning Wrote: I want to change career from a PHP programmer into web application pentester.

So I tried applying for a job and sadly they declined me because I don't know how to use Kali Linux.

You might want to install Kali, and go over the tools they have in there.
It will help you understand what tools you can use.
Note, a lot of them kinda do the same thing, but can produce different results.

But I would reconsider applying for the same job, as they think that if you can work with Kali, that you can pen-test.
Or you have an easy job where they only require you to run some tools in Kali against their website. It might help you improve your skills over time, and you build up experience in the job role.
It also might be an option to see if your current employer is willing to let you do courses.

Like MuddyBucket said, you need to understand the code to really pen-test an application.

I don't believe any certificate will prove your pen-testing/hacking skills. The only way to learn is by doing and learning from your mistakes.
#7
Certs are not so good in this field. Only a few are OK, like GWAPT. You can also try OffSec OSCP, and they have some good ideas on web app pentesting.

You can also find a lot of vulnerable machines, like VulnHub.

gl