1. Web penetration testers have a certain development background (know how to code)

A company cannot hire a person who does not know how to write code as a penetration tester. The company's Web penetration testers should be developers first, and only on that basis should they go on to master Web vulnerability scanners. The benefits fall into five areas:

· They understand the vulnerabilities and defects of the web applications being developed;

· They know how to protect the security of the application, how to patch it, and how to test it;

· As evaluators, they are able to develop their own security tools;

· Compared with those who have no development experience, developers who are properly trained are more likely to adapt to the task of testing Web applications;

· They can write a simple script as verification code to confirm that a published vulnerability is genuine.

If a web penetration tester doesn't even know how to write HTML, or has never worked as a programmer, will the company dare to ask him to do static code testing?

2. Understand the Open Web Application Security Project (OWASP)

Web penetration testing engineers should be familiar with the Top 10 of the Open Web Application Security Project, which is OWASP's most important document because it conveys to testers the most important security awareness for web applications.

OWASP's Top 10 covers the details of some of the most serious Web application vulnerabilities, including SQL injection, broken authentication and session management, cross-site scripting, insecure direct object references, security misconfiguration, sensitive data exposure, missing function-level access control, use of vulnerable components, and unvalidated redirects and forwards.

If a penetration tester deeply understands OWASP's Top 10 and can comment on it, and can even demonstrate these attacks in his own laboratory or on his own machine, he is good enough for this job.

In addition to the above, if the penetration tester is also familiar with some of the projects initiated by OWASP, such as Mutillidae, or has built an OWASP web application project that contains security issues, he is a real enthusiast with a passion for attacking web applications.

3. Participated in vulnerability bounty (bug bounty) programs

What is a vulnerability bounty program? It is a program initiated by a company to reward hackers: the hackers must find security vulnerabilities in the application provided by the company and report them through a reliable method of disclosure.

If the person applying for the engineer position was a bounty hunter (hacker), he must have encountered and reported unusual vulnerabilities other than SQL injection, cross-site scripting, and RCE. This proves that the hacker was able to find some important vulnerabilities in the company's applications.

If the applicant's name has ever appeared on the website of a company that runs a vulnerability bounty program, such as Google, Microsoft, Twitter, or Facebook, and especially if he has earned a bounty for reporting vulnerabilities in Firefox, IE, and Chrome, then the applicant is an outstanding penetration test engineer.

4. Has published exploits in Exploit-DB, Packet Storm or other vulnerability databases

Exploit developers, vulnerability researchers, vulnerability hunters, and the like have often encountered security vulnerabilities in open source software and enterprise products. It is especially worth noting that if these people have ever obtained a CVE (Common Vulnerabilities and Exposures) ID or an OSVDB (Open Source Vulnerability Database) ID, they will be very good applicants.

These applicants can easily reproduce, fix, and deal with the vulnerabilities discovered by a security scanner. Since these people are also security-savvy developers, it is very easy for them to develop verification code for specific vulnerabilities.

Most of these applicants are skilled reverse engineers and static code auditors, so unless they lack motivation, they will be excellent choices. Of course, if they have contributed exploit modules and auxiliary modules to the Metasploit Framework, that is icing on the cake.

5. Curiosity and enthusiasm for security (or a hacker mindset)

The company cannot hire people who know the OWASP methodology only in theory, nor should it hire someone who has only read through security documents. A real Web penetration tester must also understand how to think from the outside and how to use or test the methodology. For example, he can build his own security laboratory, where he can practice the methods he has learned and attack his own vulnerable Web application.

A good web penetration test engineer should think like a hacker, because a hacker is a person full of curiosity who constantly innovates. For companies, is it better to hire a security expert who is always willing and eager to learn, or a person who holds many security certificates and has a lot of knowledge in the field but has not put what he has learned into practice?

It must be admitted that certificates do not create hackers. Hackers are innovative and passionate, but this does not mean that security certificates are not valuable.

6. Proficient in UNIX or GNU/Linux

Although most corporate web application vulnerability scanners (such as IBM's Security AppScan) run on Windows, there are still many free, open source Linux tools that can be used for web penetration testing and auditing.

Proficiency in GNU/Linux and UNIX gives penetration testers an advantage over Windows users, because users who are proficient in Linux can more easily use Linux distributions that ship with penetration testing tools, such as Kali Linux and BackBox Linux. If the person applying for a penetration testing job has a Linux and UNIX background, then using command-line tools is not a problem.

It is especially worth noting that most websites run on GNU/Linux servers, which offer good stability and a reasonable TCO (total cost of ownership).

7. Security certifications are still a bonus

Passing a security certification exam (such as CEH, ECSA, CISSP) is itself an investment: candidates invest their time in ethical hacking and penetration testing. Training for a security certification exam gives candidates access to a variety of high-quality resources to read, learn from, and practice with.

Passing a certain certification does not guarantee that someone is already a hacker, but it is a good start and foundation.

When hiring web security testing engineers, a security certification is not a requirement, because web penetration testing still relies on the applicant's web security knowledge and security testing skills. The three-pronged combination of knowledge, skills, and certification is ultimately a powerful proof.

8. Participated in security conferences or local hacking activities

Having spent a lot of time attending hacking conferences (such as DEFCON, Black Hat, ROOTCON) may demonstrate that a person applying to become a Web penetration test engineer has a passion for security and hacker culture. Hacking conferences have many talks and competitions, in which a great deal of new information is revealed to the participants.
