The Pentester Blueprint: Starting a Career as an Ethical Hacker
內容描述
The Pentester Blueprint guides readers on how to prepare and enter the cybersecurity filed as a penetration tester aka ethical hacker or white hat hacker. While there are a lot of books about technical tools for penetration testing, The Pentester Blueprint describes the role of a penetration tester, what a pentest entails, and the prerequisite knowledge required to start the educational journey of a pentester. The book goes on to detail learning resources and industry certifications that are helpful in becoming a pentester. The Pentester Blueprint evolved from the author's frequent popular presentations on the same topic at many conferences. Coverage includes: Foundation - Discuss the foundational perquisite knowledge needed to become a pentester. Discuss the IT basic skills such as operating systems, networking and security needed to be a pentester. Hacking skills - Discuss developing hacking skills and the hacker mindset. Education options - Discuss learning options such as college classes, security training providers and self-study. Education resources - Discuss education resources including; books, videos, conferences and community. Certifications and degrees - Discuss credentials useful for gaining employment as a pentester including; degrees and certificates. Getting Experience - Discuss methods for developing hacking/pentesting skills such as labs (third party and home), CTFs, bug bounties, pro bono/volunteer work. Developing a plan - Discuss how to assess current skillset and knowledge to find a starting place and the perform a gap analysis to develop a learning plan. Discuss goal setting and educational milestones to track progress. Getting employed as a pentester - Discuss how to find a job as a pentester through networking, social media and community evolvement.
作者介紹
PHILLIP L. WYLIE has over two decades of experience working in IT and information security. In addition to working as a penetration tester he has founded and runs The Pwn School Project, teaching ethical hacking. He holds the CISSP, OSCP, and GWAPT certifications. He is a highly sought-after public speaker who frequently presents at conferences about pentesting. He was interviewed for the Tribe of Hackers Red Team book. KIM CRAWLEY is dedicated to researching and writing about a plethora of cybersecurity issues. Some of the companies Kim has worked for over the years include Sophos, AT&T Cybersecurity, BlackBerry Cylance, Tripwire, and Venafi. All matters red team, blue team, and purple team fascinate her. But she's especially fascinated by malware, social engineering, and advanced persistent threats. Kim's extracurricular activities include running an online cybersecurity event called DisInfoSec, and autistic self-advocacy.