How To Become A Penetration Tester

Let’s Ask The Experts!

I started this site way back in 2007 which makes it old by Internet Standards.

One of the most common questions I’ve been asked over the years is: “How Do I Become An Ethical Hacker” or “How Do I Become A Penetration Tester” – so, I thought, rather than re-invent the wheel and regurgitate the same reply it would be better to ask existing Penetration Testers working in the field for their opinions and advice on how to get started in the Pentesting (Cybersecurity) Industry.

There’s no doubt: the cybersecurity job market is booming and it is expected to grow from $75 billion in 2015 to $200 billion by 2024.

What About Coronavirus? Has That Screwed Things Up?

Not really. One area which is likely to increase (or “grow”) in light of the anticipated mass unemployment is Cybercrime so yes, I’d say that the demand will continue to grow for skilled Cybersecurity Professionals.

An InfoSec Career

A career in the industry can mean a very good salary, job security, and the potential for upward career growth. A Penetration Tester can be a fun and highly fulfilling role within Cyber but of course, like everything else in life, it can have challenges.

More than 210,000 cybersecurity jobs in the U.S. are unfilled, and cyber job postings are up 74 percent over the past five years, according to a 2019 study by the Bureau of Labor Statistics; but the question remains on “How To Get Started in Cybersecurity!”

In this post we ask current Professional Penetration Testers working in the field how they became professional hackers.

We really appreciate the time that the respondents took to write their answers.

What Will You Learn From This Resource?

In summary, you’ll learn a bunch of things from these experts, namely:

  • That you must be passionate;
  • You MUST learn hacking tools and how best to use them;
  • Certifications do help! CEH, CISSP, Security+, OSCP, C)PTE
  • ….And – a few Tips ‘n Tricks and how to get started

Justin Keller | C)PTE, ACMT, ACTC

Justin is a Certified Penetration Testing Engineer (CPTE), Apple Certified Technical Coordinator, Apple Certified Macintosh Technician, Hurricane Electric IPv6 Certified Sage.

How did you become a Penetration Tester?

I’ve always liked computers and learning. I was online, one day, and I started reading about the requirements, which include in depth knowledge of systems.

I decided I wanted to get that in depth knowledge and pen testing was the best way to apply it.

What advice would you give to someone interested in becoming a Penetration Tester?

Buy textbooks and read them. Buy certification guides, even if you don’t plan on taking the certification. The guides provide questions which you can use to gauge your understanding. Get training either online or in person from a trusted source. Finally, when ready, get certified. I recommend C)PTE, C)PTC, and CEH

Suleman Malik

Suleman Malik is a dedicated and resourceful computer professional with 9+ years of extensive learning experience in Cyber Security, Penetration Testing, Security researching, recovering and maintaining a diverse range of hardware and software. He is based in Leeds and currently a full-time student studying Computer Forensic & Security. He is an I.T security professional and has a keen interest in Ethical hacking/Pen-Testing, social engineering, security researching and developing exploits.

How did you become a Penetration Tester?

Ethical computer hacking was my personal interest and I moved into this when I was 12 years old.

I have been doing this all since I was a kid. So, I started learning ethical hacking from the internet and learned a lot of information about it. I’m still learning [cybersecurity] in-depth. Ethical hacking is not an easy task if you don’t have the knowledge. If you are keen then you have to go into depth to understand its layers, networking and how two devices communicate with each other over the Internet and which protocols they use to transfer bit by bit from one device to another; and what are the security issues that are raised while the two devices are in connection.

You’ll learn to love it once you understand!

What advice would you give to someone interested in becoming a Penetration Tester?

To become a penetration tester you need to start from independent learning. I would suggest that you start your learning from web application pentesting. It will make you stronger to understand about the client-side and server-side attacks. You will also learn the common web apps vulnerabilities and how to exploit them. There are some pentest virtual machines that are available online and will help you to understand the vulnerabilities and how to exploit those vulnerabilities. The few popular VM machines are Metasploitable, Dojo web, Pentest Lab and Hack Labs. You can download them and start learning from these machines as they are made for beginners. You will find Top 10 Common Web Vulnerabilities from OWASP website. You will also find a lot of detail about bypassing restricted characters using OWASP cheat sheet (which is managed by a previous Concise Courses Hacker Hotshot: Jim Manico).

So, it’s better to start learning how to hack from Web application pentesting and when you think you are proficient you should move into “Network Hacking” and other areas.

You’ll understand more if you have command over PHP, JAVA and HTML.

Nijat Taghiyev, OSCP

IT Security Specialist, Azerbaijan

How did you become a Penetration Tester?

I’ve started by reading some articles, books, forums, and taking a PWK course (Penetration Testing with Kali Linux).

What advice would you give to someone interested in becoming a Penetration Tester?

Practice, reading books, blogs

How did you become a Penetration Tester?

After years of dedication and showing my knowledge, I was able to land a job doing what I loved. It has to be a passion, it has to be something that you start in your spare time as a hobby. Nobody just becomes a penetration tester overnight. It was always a hobby until it became a satisfying career.

What advice would you give to someone interested in becoming a Penetration Tester?

Penetration testing is a hot market. Security, in general, is in demand, especially now more than ever. It is saturated however with a bunch of people who also want to be a legit penetration tester. You really need to have a passion for it. You need to be able to put something on your resume/CV that stands you out from others.

This doesn’t mean a bachelor’s degree in computer science. It doesn’t mean a CISSP that you have. Do you have a security blog, are you active on any security forums, are you working on any projects on your own using GitHub or bitbucket, have you participated in any CTF’s?

Are you participating in your local hacker groups? You need to get yourself involved in the security community. You need to become a member of that community and surround yourself with people that have the same passion. With anything else, there will be times where you might step away, or want to give up but you have to keep on and put in the time. You will be rewarded someday for your passion.

This is an art. It is a skill. This takes time to learn, it can be a lifelong journey if you let it.

You should never stop learning, get well rounded and pick a subject of security that you find yourself liking just a tiny bit more. If web applications interest you, if network LAN based pentests interest you, reverse engineering, crypto, whatever it is, there are many parts to this area. Find one that you can specialize in. Become that go-to person for that skill.

We do not have the years to master all of it, get well rounded, but have a specialty. You can apply this to anything but it is true: find something that interests you, become good at it, then become great at it, and then become a master of it.

As a legend once said: “A boy comes to me with a spark of interest, I feed the spark and it becomes a flame. I feed the flame and it becomes a fire. I feed the fire and it becomes a roaring blaze.”

Choudhary Muhammad Osama

Penetration Tester and Application Security Researcher.

How did you become a Penetration Tester?

Well, from my childhood I had been enthusiastic about Information Security; if you are requesting about the serious part, however, it’s been around five years.

I was a teenager going to cybercafes and everything commenced there, I was impressed by the things the fellas were doing and I simply fell deeply in love with hacking. It was that much much easier to attain goals, hacking into machines, stealing information, pictures and a total whole lot of fun. I went into other activities then, some “professional work”.

What advice would you give to someone interested in becoming a Penetration Tester?

Love learning!

In the event that you cringe at the very thought of needing to quickly learn a fresh skill, operating systems, program syntax, or strike strategy, you might feel overwhelmed, however, there is hope! Take what you do love, find out improved ways to secure it in a business feasible way, and work for the “Red Teams” out there that frantically need more security-minded people as well.

Razvan Gabriel Coman

Penetration Testing Advisor at Dell SecureWorks (offering services such as Penetration Testing to Fortune 500 Healthcare customers).

How did you become a Penetration Tester?

I can say I’ve wanted to do this since high-school, but it took a BSc, an MSc and 5 years of working in several IT Security roles before moving into a Penetration Testing position.

What advice would you give to someone interested in becoming a Penetration Tester?

Try to enter a hacker’s mindset. Security is everywhere around, not just in computers, always think out of the box and how you can bypass restrictions. Learn something new every day.

Learn some Cryptography principles. Learn about computer networks and protocols, practice with Wireshark and a network simulator like GNS3. Learn Operating Systems principles, install Linux, try to use it every day. Learn about Web Technologies and Security (HTML, JavaScript, PHP, SQL, OWASP Top 10), analyze vulnerable apps available online with Burp Suite, OWASP ZAP, Nmap, Metasploit, etc.

Grab a general-purpose programming language, like Python, learn it while working on a small project of your choice.

Fire up some vulnerable virtual machines and create a small pentest lab, play with these hacking tools and other Kali Linux tools. Get into any IT/Security job available, as some things can only be learned on the job. Learn all you can there and when you start doing the same thing every day move to another. Don’t expect over the night results, it’s a long road, requires constant study, but it’s definitely worth it if you’re passionate enough.

Mohamed Tehami

Penetration tester at SCASSI.

How did you become a Penetration Tester?

Well, since I was young I was interested in security and hacking, it was all about curiosity and wanting to learn how things work and how we can change the way they work.

It was the main reason I chose a Computer Studies career at the university (now several specialties on information security are available); to learn the basics of all what is related with IT, networks, programming, design, etc., and in my part-time, I liked to have fun doing some tests on my local lab at home, while now there are so many websites that offer hacking challenges that are great for a beginner. Taking internships related to security is also important to be a professional pentester but that is not always necessary.

What advice would you give to someone interested in becoming a Penetration Tester?

In order to become a good pentester, you should first have good knowledge about how things work, network protocol, applications. Because pentesting is not just about using hacker tools (that’s what we call script kiddies) but it’s about knowing what you’re doing while the tools can help reduce the work for you.

After having good basics in IT, you should start reading about security and vulnerabilities and ways to exploit them, that requires patience and curiosity to learn, and also with pentesting you never know everything because each time you may test a different kind of platforms with different technologies and you need to find your way out to break it, and yet you can’t do that if you don’t know how things really work, so a pentester should be on a constant learning process.

Moataz Moustafa

Ethical Hacker & Penetration Tester

How did you become a Penetration Tester?

When I was 12 years old, I was very interested in the computing world, programming and internet, I wanted to be Android Developer, so in the summer vacation when I was 13, I started to learn to code with Java and Eclipse to gain more experience I started to visit a website called XDA Developers, it was my whole life, I was spending my whole day on this site, learning and gaining experience I then started to learn about Linux, root and open source then I made my first script to root my Huawei phone.

I saw security and hacking as a very exciting topic, so I started to read more and more and learn, that was my intro into the field, I started then to take online courses, read articles, proof of concepts and get into online communities, learning Programming, Networks, Linux Administration and Penetration Testing, I started my career as a freelancer Penetration Tester then I moved on to establish positions in companies.

What advice would you give to someone interested in becoming a Penetration Tester?

Being a Penetration Tester is something that requires hard work and motivation, having the passion for the technology and information security is a must, being a penetration tester doesn’t mean someone who knows how to write some terminal commands or automate some tools.

A penetration tester is someone who has extensive knowledge of how computers, systems and networks work, every penetration tester must master a programming language, learn how networks work and operate, how systems are designed, learn about the internet and information security then it’s time to learn the hacking techniques, the most important thing to master penetration testing is practice so a new penetration tester should prepare vulnerable virtual machines and try to hack them and participate in CTF competitions.

One of the best books someone can learn from about hacking vulnerable VM is (Kali Linux CTF Blueprints) also the best website to download such machine is Vulnerable By Design, one last thing that information security is not a static field, you learn new things every day so you should keep yourself updated every day, keep practicing, keep gaining new skills and never stop learning.

Mr. OoPpSs

Mr. OoPpSs is a Cybersecurity and Cybercrime Investigator.

He has been involved in the information technology and Cyber Security field for 6 years. He later pursued his higher studies in the field of Cyber Law and Computer forensic.

He holds professional international certifications like CEH, CPH, CHFI, LPT, CISE, CEHIE, Certified Information System Security Expert, Internet Cyber Security Expert, Certified Android Development & Forensic Expert, Cloud Computer Application Developer Expert, Certified Cyber Crime Investigator, EnCase Certified Examiner, Certified Computer Forensics Examiner, Cyber Law From Indian Law Institute, MCSE and CCNA Certified, Diploma in Digital Forensic & Cybercrime Investigation, and a Diploma in Certified Information System Security Expert Forensic.

How did you become a Penetration Tester?

Here are some articles that I wrote that will help…

What advice would you give to someone interested in becoming a Penetration Tester?

A kind request for the welfare of students. Please follow the Ten Commandments in Ethical Hacking Training for Students.

  1. Always Start with Cyber Law, as that will give a clear picture of what and why we go for Ethical Hacking.
  2. Always teach “Ethical Hacking” & not “Hacking”. Many students are behind bars due to improper guidance.
  3. Create awareness on “Ethical Hacking” and the Career prospects of Information Security Field.
  4. Give proper guidance for future studies and international certifications like M.S., M.Tech (Information Security & Cyber Law) or Certifications which will help them.
  5. Always be clear on what can be done / cannot be done, don’t misguide students like “Nobody can catch you / trace you.”
  6. Discuss how Cyber Cases are solved and motivate them to become an Ethical Hacker & not a Hacker.
  7. Don’t teach illegal things which are against Cyber Law.
  8. Promote the usage of Open-source Software and encourage students to learn and code their own tools / Software.
  9. Always Cite the sources of whatever you teach, so that students also will follow you and not copy others’ material/codes.
  10. Teach them clearly that Ethical Hacking is not a Game & not for Fun. Tell them how important it is and tell them real-life scenarios of how it could save a lot of people.

Most Important: Don’t Be Stupid Be Creative In Cyber World, Use Knowledge to Save Yourself & Your Country, Respect your Country’s Cyber Law.

Be proud to be an Indian & Ethical Hacker ! Jai Hind And Love Your Country.

Dimitris Pallis, OSCP

Dimitris is currently a freelancer/self-employed professional who probes for and exploits security vulnerabilities in web-based applications, networks, and systems using the resources of bug-bounty/freelancing platforms (Bitdefender Bug Bounty Hall of Fame Bitdefender)

How did you become a Penetration Tester?

It was actually my career plan. I was always curious about how computers work and was fascinated about how they interact with each other. Breaking the rules was even more exciting (being always a “white hat” of course) so why not get paid for it? I made a huge research online on tools and techniques that are used by pen-testers so I was 100% self-taught which was hard at the beginning but it’s still the best way to learn.

When I was comfortable enough with the Kali Linux operating system and its tools I opted for one of the hardest certifications in the Security industry and in IT in general, the OSCP.

Then I was officially a professional penetration tester and confident enough to apply for such positions.

What advice would you give to someone interested in becoming a Penetration Tester?

Regarding soft skills, I would advise him/ her to have determination, patience, passion about hacking and the ability to explain technical stuff to non-technical personnel. It may sound cliche but you won’t survive without them. On the technical side, I would advise someone to be comfortable with the Kali Linux OS, refresh his knowledge on computer networks and security concepts.

There are a lot of free courses online so it would be beneficial to check them out. When you feel confident enough you can also download vulnerable machines and try to get root! On an academic level, there is not yet a bachelor or master that can (even) prepare you to become a penetration tester. Even degrees on security will teach you outdated stuff in most cases and will not cover penetration testing in depth. If you want to start sending resumes for junior pen-testing positions I would definitely suggest to sign-up for the Offensive Security Certified Professional certification.

Alfonso Garcia Alguacil

Alfonso is a Penetration Tester at Cisco.

How did you become a Penetration Tester?

This was in my career plan from the beginning, even before my first security-related job.

What advice would you give to someone interested in becoming a Penetration Tester?

I would say that once you have a good knowledge base in programming, networking, and operative systems the best is to play CTFs. Playing CTFs will open your brain and you will start to think about how to break software, and also you will learn to learn by yourself, looking for documentation about the technologies implied in each challenge, looking for similar vulnerabilities discovered in the past, etc. And the most important part, it is very fun!

How did you become a Penetration Tester?

It was something I started as a hobby, then proceeded to be professional

What advice would you give to someone interested in becoming a Penetration Tester?

There are vast and the majority of resources you can learn from both online and from real people. If you have an issue/problem don’t back down, keep at it.

Suraj Rajkumar Waghmare

Suraj is a Security Analyst at Jainam Technologies

How did you become a Penetration Tester?

I was driven by incident.

What advice would you give to someone interested in becoming a Penetration Tester?

Gain knowledge.

Ranjan Kathuria

Ranjan is a Security Engineer at NestAway Technologies Pvt Ltd

How did you become a Penetration Tester?

I started moving into the security domain after a guy in our college hacked a Facebook by a keylogger. It was a seminar and I paid Rs 500 to attend that seminar and later I thought how easy it is for these script kiddies to fool people, after this I decided to solely move into this domain. Later I managed to be at #1 on Quora Bug Bounty.

What advice would you give to someone interested in becoming a Penetration Tester?

Don’t search on Google :- “How to hack facebook”.

Mohamed Magdy Hassan

Mohamed has experience with ethical hacking, penetration testing and vulnerability assessments and security code auditing.

Aside from having good knowledge in programming languages (C, PHP, Java, JavaScript…) & scripting languages (such as Bash, Python, Ruby) he is also the technical lead at “InfoSec Elites”, which is an information security community in Riyadh, Saudi Arabia.

How did you become a Penetration Tester?

I started my journey working as a security engineer. I worked on Firewall, IPs, Web Gateway, Anti-virus, Advanced Threat, etc.

During that, I learned about networking and Windows systems. After that, I started with web penetration testing, since I was a web developer originally, by taking an eWAPT certificate.

Subsequently I started working as a web penetration tester. During that, I was studying for my OSCP until I finally got it.

What advice would you give to someone interested in becoming a Penetration Tester?

To become a successful penetration tester, you need to understand 2 topics, Networking and Systems (Windows/Linux). After that, it depends on your goal. If you are planning on web penetration testing, I recommend eWPT certificate and participating on the bug bounty programs. If you are planning on infrastructure penetration testing, I recommend eCPPT and/or OSCP certificates and participating on CTFs. Some general tools that will help you are: Nikto, Nmap, Metasploit, Ettercap, John The Ripper, Wireshark, Burp Suite, Sqlmap, BeEF and Hydra.

Chaitanya Bobhate

Being a Patriotic person, I always craved to work for my Nation as a Cyber Security and in Information Security Field and this is one of the fields that I craved for.

How did you become a Penetration Tester?

In this growing technical world, everything is digitized and so parallel that security comes in picture and every organization focused on their system security; you need to secure your confidential data from intruders. Penetration tester probes for and exploits and security vulnerabilities that will simulate real-life cyber attacks and your ultimate aim is to help an organization improve its security posture. Penetration testing is a “cool kid” job, but it is also a personal interest of mine; hacking is my passion, this is a challenging career and you need to brainstorm to complete your tasks. To pursue my passion at a professional level I have pursued a Penetration Testing certification and also completed the CEH.

I am also preparing for the OSCP to level up my knowledge in my domain.

What advice would you give to someone interested in becoming a Penetration Tester?

From my knowledge of understanding the important things in the penetration, the testing field is that one should have lots of patience with passion and need to be updated on technologies. One should be a self-learner, and self-motivator and should know the knowledge of Networking, Operating systems, Database and basic knowledge of Programming.

Omar Ahmed

Omar is a Penetration Tester with 6 years of experience in web application & Network Penetration Testing, and Incident Response. Conducted vulnerability assessment and penetration testing for many high profile companies all over the Middle East, Highly skilled hands-on application security assessment and development of security tools with a deep understanding of vulnerability management process and risk assessment. Involved in security challenges by joining online CTFs.

How did you become a Penetration Tester?

Actually, it was something I started as a hobby, but I was always curious about how computers work. When I was young, I didn’t have a lot of friends, I spent my days learning about computers and how I can do this, and how to do that. After that, I found the right path to understand Penetration Testing and I read a lot of books about InfoSec and Cybersecurity.

I started writing about Penetration Testing in technical blogs and learned a lot by that because every topic I talked about I had to also research. Learning by doing and learning by teaching: that’s how I became a penetration tester.

What advice would you give to someone interested in becoming a Penetration Tester?

The most important thing is that Penetration Testing is not about hacker (pentesting) tools; mastering certain tools will not make you a Penetration Tester. Relying on automated tools will just make you a tool’s slave. What you really need to know is how these tools work, and how you can write your own tools even if there is a tool doing the same thing already, just try to write a tool to do that thing too because in that phase you really need to know the right path to Penetration Testing.

You have to understand how to do things manually, after that you are ready to save time by using automated tools. If there are two carpenters, both of them use the same tools, but one of them is good and the other is not, why is that? It’s because the good one understood that tools don’t make you what you are, it’s just tools to reach your purpose and help you with your work.

Aaron Herndon

With a Bachelor of Science in Computer Science and extensive coursework in IT Security, including completion of my Offensive Security Certified Professional (OSCP) certification, my primary focus resides with assisting organizations in testing their security controls, assessing procedural gaps, and providing a road map for improvement.

Experience with penetration testing, social engineering, and physical security allows me to provide a “full-stack” assessment for organizations. Outside of work I enjoy researching new security exploits and testing them in a personal sandboxed environment. When I am not at a computer, I can be found outdoors backpacking, rock climbing, and playing in recreational softball and volleyball leagues.

How did you become a Penetration Tester?

In my junior and senior years of high school I was presented with the opportunity to take dual enrollment courses at a local university (and go for my Net+ and A+ certs). While taking these courses, the professor acted as my mentor and introduced me into ethical hacking.

My senior year I took up an internship under him, learning basic security concepts in both defense and attack. One thing I learned was that pen testing would require knowledge in a diverse amount of technologies, and being somewhat of a jack of all trades when it comes to computing. Therefore I went to college for a BS in Computer Science, and heavily specialized my coursework in security.

No college degree, in my opinion, provides a wide enough breadth of information and experience to immediately become a penetration tester. Outside of coursework, one truly needs to understand how a corporate environment functions, such as business processes and system administration.

Therefore I took an internship (which led to a job) as a *nix sysadmin. My primary job role was to manage *nix environments, automate deployments, and build out security hardening standards for RedHat/ AIX. I also took an opportunity to work with Internal Audit for 3 months on evaluating a global technology deployment within the company. This opportunity led to my understanding of the ‘auditing’ process (different from pen testing, but still helpful to understand threat modeling and risk assessments). In search of getting more security in my role now that I understood how environments functioned, I took a job as a Cyber Security Analyst with a financial institution, with job tasks ranging from threat modeling, risk assessments, deploying security solutions, speaking to the business about security, and also conducting pen tests.

My defining moment which moved me into pen testing was passing the OSCP Cert (PWK) course. This course provided a plethora of information and hands-on experience and gave me the understanding and knowledge to join as an entry-level pen tester at Rapid7.

TL;DR – I knew pen testing was my ultimate career objective, and I took on multiple job roles and learning opportunities to gain a breadth of knowledge in computing (not just security) all to further my progress towards becoming a penetration tester.

What advice would you give to someone interested in becoming a Penetration Tester?

Self-learning. Understand how tools do what they do, not just how they function. Dig into Metasploit modules and see what is going on behind the scene. Spend time on looking at new exploits, testing them, and understanding how they function. Also, obtain a wide variety of sysadmin, programming, and corporate process knowledge to understand at least at a basic level how everything functions in a corporate environment.

Highly recommended certifications and courses:

  • Offensive Security Certified Professional (OSCP)
  • Network Assault (NWA, by Rapid7, shameless plug)
  • Web App Assault (By Rapid7, shameless plug)

Derick Ansignia

Derick is a Penetration Tester at TCISS.

How did you become a Penetration Tester?

It was actually a career plan since I am studying information systems in a bachelor’s degree, I had a passion to learn how systems work and to break codes running behind the scene. I attended a hacking class, learned a couple of things on my own since then and the passion to penetrate into systems has ‘been a thing’ for me, I love the art; sometimes [this makes] you feel so smart!

What advice would you give to someone interested in becoming a Penetration Tester?

Anyone who wants to be a pentester now should approach this career path with a high level of interest. Sometimes it does not turn out to be too exciting; you have to work smart, learn more and more. I recommend eLearnSecurity, they have a great start for a beginner. Nmap, sqlmap, Metasploit, responder are some of the tools of the trade.

Lorenzo Vogelsang

Lorenzo is a Penetration Tester with experience in Web Application & Network Penetration Testing. He is also a CyberArk Certified Engineer and he implemented the software solution across multiple financial institutes in Italy. Involved in security challenges by joining online CTFs and Bug Bounties.

How did you become a Penetration Tester?

I’ve always liked the underground ecosystem and I started learning about computer and network security since I was a kid. Even though I took a degree in Philosophy one day I have decided to turn my hobby into a job starting a Master in ICT Security. This was for me the turning point as it allowed me to gather the necessary connections for finding a job in the penetration testing industry.

What advice would you give to someone interested in becoming a Penetration Tester?

My main advice is to try to enter the hacker’s mindset and to always be on the lookout for new opportunities and challenges in the field. Follow your passion and try to learn from the defeats you will encounter during your path and do not surrender but always “try harder”.

Phillip Wylie

I am an Information Security Consultant/ Penetration Tester with over 19 years of information technology and information security experience.

Specialties include application security, penetration testing, ethical hacking, security vulnerability assessments, threat and vulnerability management.

How did you become a Penetration Tester?

I spent my first seven years as a system admin and moved into the InfoSec department of my employer. For my first year and a half I worked in network security, supporting firewalls and IDSs.

After that first year and a half, my employer hired a CISO and he created different functions in our infosec department. I was assigned an application security role. I performed web application vulnerability assessments, coordinated third party penetration tests and managed vulnerability remediation.

After seven years I was laid off and I got a consultant position working as a Penetration Tester.

What advice would you give to someone interested in becoming a Penetration Tester?

For people that don’t already work in IT or information security, or have a related degree, I would recommend learning operating systems, networking and scripting and/or programming. You need a foundation in technology because it is easier to hack something that you understand technically.

If you have the technology background or after you gain this background, then you are ready to learn how to hack. To become a successful Penetration Tester, you need to develop a hacker mindset.

There are a lot of great resources available through books and online training. Websites like and offer free training and videos. Two books I would start with are Penetration Testing: A Hands-On Introduction to Hacking by Georgia Weidman and The Hacker Playbook 2: Practical Guide to Penetration Testing by Peter Kim.

A great book to learn web application penetration testing is Web Application Hacker’s Handbook 2nd Edition by Dafydd Stuttard and Marcus Pinto. The Open Web Application Security Project (OWASP) website found is another great resource for application security and web application penetration testing.

Certifications are helpful when trying to break into the penetration testing field. Some certifications employers look for are the OSCP (Offensive Security Certified Professional) and SANS GIAC certifications such as the GPEN (GIAC Penetration Tester) and GWAPT (GIAC Web Application Penetration Tester).

The SANS courses run around $5900 and the Penetration Testing with Kali course required for the OSCP starts at $800 for 30 days of lab access, $1000 for 60 days lab access, and $1150 for 90 days lab access. What I liked about the OSCP is that it helps you develop the hacker mindset as well as learning to manually pen test and not be reliant on vulnerability scanners.

Capture The Flags aka CTFs and bug bounties are good places to legally practice and hone your hacking skills. CTFs are environments set up for people to hack. They are available online as well as at some InfoSec conferences. Bug bounties are set up for hackers to find security vulnerabilities for organizations. Some of them offer cash for discovered vulnerabilities, while some offer swag or honorable mention. Bugcrowd is a good place to find bug bounties.

It is also important to network and get involved in the hacker/InfoSec community. It’s typically easier to get a job if you can get referred by an employee of the company. is a great place to find InfoSec meetings in your area. If you are in the Dallas, TX area, check out Dallas Hackers Association (DHA), DC214 and North Texas Cyber Security Group (NTXCSG). For application security meets, check out your local OWASP chapter meeting. InfoSec conferences are a great place to learn and network. A very popular conference, which is typically free, is Security B-Sides.

Junior Carreiro

Junior is a member of the DC-Labs Security Team, staff at the BlackHat conference, founder of Area31 Hackerspace and a contributor to Pentest Magazine.

How did you become a Penetration Tester?

I was always focused on the area of information security; when I was still an infrastructure analyst, I was always involved in defense, such as hardening, firewalls, IDS/IPS and WAF.

When I was working in the defense area, I followed closely how the complexity of the attacks increased. This increased my curiosity, and I ended up changing my area of interest and moved into offensive security, especially in web applications, which became my focus. Today, my studies and research are all focused on flaws and web application pentests.

What advice would you give to someone interested in becoming a Penetration Tester?

My advice for those who want to start working in the area is to study, study and keep studying! The Internet helps us a lot these days and we have a lot of material. My suggestion is to learn how things work: TCP/IP, operating systems, any programming language. It is necessary to form a solid base of knowledge because it is important to know what you’re doing. The pentester profession is much more than simply running automated penetration testing tools.

Some books that have helped me and still help me today:

  • The Web Application Hackers Handbook
  • Hacking Exposed Web Applications 3
  • O’Reilly – HTTP – The Definitive Guide

Sites that I recommend for studying:

  • Hacking Lab
  • Pentester Lab
  • Cybrary

Yehia Mamdouh

Yehia Mamdouh has 8+ years of experience in penetration testing and information security, and he now holds a position as Penetration Testing Specialist and security researcher at DTS-Solution (Dubai). He is the author of many tools like XSSYA & BetWorm. Yehia has also been a keynote speaker at many conferences, such as QuBit, DefCamp and Middle East Info Security Summit, and he has been acknowledged on many websites as part of their Bug Bounty programs.

How did you become a Penetration Tester?

I got my first computer at the end of the 90s. At that time I started learning programming with Visual Basic and creating some basic programs. Then I was hit by the Melissa virus, which caused a lot of damage, but I was amazed at how a few KB could cause that damage. After that I started doing a lot of research on worms, backdoors, etc.

I learned how to write them, and I created a sample virus with Visual Basic. Then I continued learning about hacking and security, so yes, I can say by accident!

What advice would you give to someone interested in becoming a Penetration Tester?

Actually, I have several pieces of advice. First, if you want to become a penetration tester, you should focus on programming languages: at least one low-level programming language and one scripting language like Perl, Python or Ruby. This allows a pentester not to depend only on existing tools, because every pentester deals with dynamic and different environments, which sometimes require writing a special script for a special environment.

My second bit of advice is to be persistent and finish what you are learning to the end. Get yourself involved in the security community and learn from it, keep yourself updated on the latest vulnerabilities and exploits being discovered, read a lot of books, participate in CTFs, and in the end share your knowledge with others, because we learn from sharing knowledge.

John Clarke

Hard-working, self-motivated, organized and capable of working under pressure. I enjoy working alone or as part of a team. I have a logical mind with a practical approach to problem-solving and am not shy to request help if needed. In short, I am reliable, hardworking and eager to learn, and I have a genuine interest in IT Security.

How did you become a Penetration Tester?

It was actually something I fell into and now it has become my career. I was given a break by a great man: I was a 34-year-old intern who had returned back to education after the recession hit and luckily someone saw something in me and hired me into their security team.

What advice would you give to someone interested in becoming a Penetration Tester?

Play safe and within the confines of what is ‘ethical’. There are plenty of CTFs and security meetups for you to learn and practice your skills. Believe in yourself and keep on educating yourself!

Daniel Saibt

I have experience in the areas of Offensive Security, Cloud Computing, Linux/Unix environments, monitoring, and backup.

I execute projects related to the area of offensive security. The main objective is to identify and exploit vulnerabilities, whether in Web Applications, Mobile or Infrastructure. I work in projects of this nature in the most varied types of companies/segments such as banks, hospitals, hotels, retail, government agencies, software development agencies, etc.

My areas of study are intrusion testing, vulnerability analysis, and research, exploit development, hardening, and perimeter defense strategies.

How did you become a Penetration Tester?

Since entering the area of technology I have always been curious about intrusion testing. I liked to read about how the intrusions were made, the methods used, the motivations, etc.

What advice would you give to someone interested in becoming a Penetration Tester?

  1. Be thirsty for knowledge. Study for pleasure and never out of obligation.
  2. Lab, lab, lab, and more labs. It sounds obvious, but this is what will make you learn for real. There are many options on the internet like pentesterlab, vulnhub, pentestit, hacking-lab, etc.
  3. Master at least one programming language. Any one you like. This will give you a very interesting technical advantage.
  4. Knowledge of infrastructure is essential. Learn networks, operating systems, protocols of all types, etc. You will deal with different types of environments and will have to adapt to each of them during an invasion.
  5. When exploiting a vulnerability, do not just do it with tools. Really learn how the exploitation was accomplished.
  6. Know your limitations. If you do not know how to program, study. If you do not master a given protocol, study. Believe. With the right motivation we are capable of doing anything. I speak from my own experience.

Nikit Jain

Searching for a challenging career as an Information Security Engineer with your Company that rewards hard work, organizational abilities and superior honesty and integrity.

I have knowledge of vulnerability assessment and penetration testing, web application security, and Python. I am also familiar with major penetration testing tools such as Burp Suite, Nmap, Netsparker, and Metasploit.

How did you become a Penetration Tester?

From script kiddie to penetration tester.

What advice would you give to someone interested in becoming a Penetration Tester?

Just do it and get in-depth knowledge about the digital world.

Adam Ziaja

I have extensive competence in the field of cybersecurity, both attack and defense. I worked a minimum of one year full-time in such positions as a system administrator, investigative computer scientist, a security specialist in the CERT / CSIRT team, penetration tester, red teamer (real simulations of attacks, red teaming), threat hunter / SOC (active threat search, threat hunting, and threat intelligence).

In private I also dealt with bug hunting (responsible reporting of vulnerabilities), for which I have dozens of thanks, which mostly come from well-known companies and organizations (including Adobe, Apple, BlackBerry, Deutsche Telekom, Netflix, Nokia, Harvard University, Empik, …).

In addition, I act as a court expert where I focus on matters related to cybersecurity (post-fraud analysis, hacking, cybercrime, etc.). I am the author of the PWN publication “Practical post-burglary analysis” in which I described my approach to DFIR (Digital Forensics and Incident Response).

Since 2017, together with Paweł Wyleciał, I run the Red Team company, in which we offer expert services in the field of cybersecurity, performed only by the most competent people in given specializations in the field of offensive security (broadly understood security audits, penetration tests, red teaming, social engineering tests) as well as defensive security (DFIR – computer forensics and incident response, threat hunting, and threat intelligence within SOC).

How did you become a Penetration Tester?

From Linux sysadmin to pentester.

What advice would you give to someone interested in becoming a Penetration Tester?

Run a tech blog under your real name. You will check everything before posting, because everyone else will call you lame.

Harshit Sharma

Harshit is a Cyber Security Researcher, Ethical hacker, and CEO at Techinvo.

How did you become a Penetration Tester?

I used to get bullied a lot, so in that way I got into hacking and ethical hacking.

What advice would you give to someone interested in becoming a Penetration Tester?

Pursue it with full passion.

Henry "HMFIC"

I'm Henry, the guy behind this site. I've been Growth Hacking since 2002, yep, that long...

4 thoughts on “How To Become A Penetration Tester”

  1. A penetration tester is, in fact, an ethical hacker who works for an organization. He is very concerned with performing attacks into the system, attempting to utilize an exploit here or there in the organization’s networks, systems, and web-based applications. Your main function is to be that cool kid who can get into the system legally; that is in fact what your boss pays you for.

  2. I’d like to learn how to do computer hacking. My desired course when I get to college will be an IT major in Computer Engineering, and I want to advance my learning during this entire lockdown.
