Thread: career in infosec and how to get job in india?

Originally Posted by worldblackstar

I like to work as security professional(PenTester). I come to know about OSCP certification. So i planned to do it. Here i have some doubts, please anyone help me.
After i complete the certification, how can i search for pentester job in india?

i have good knowledge in programming(c,java,php,j2ee......) .also i have basic knowledge in ethical hacking.

Hi worldblackstar,

If you are good at programming, things would be bit easier and learning process would be faster for you. Please mind it that a certificate could lead you to an interview but only your skills would take you beyond that. OSCP would be a good choice but it is not easy and needs dedicated time. If you do it sincerely, you'll learn a lot while preparing for it and that's the best part of this cert.

Your best bet to get into infosec as pentester would be through contacts. Stay here, share your ideas, your projects, research, make friends and you would be amazed to see the outcome of it.

In order to help you more and guide properly, we need to know what exactly you know in ethical hacking. It's a vast field and depending on your interest and expertise, you could choose the right path for you.

Cheers!

Thank you b0nd. I know sqli, xss , cracking,rat,and some other basics... Now i'm learning malware analysis.

I have lot of interest in pentesting but don't know how to get into.

Can you please specify best pentesting certification which develop my knowledge and value in IT world?

Originally Posted by worldblackstar

Thank you b0nd. I know sqli, xss , cracking,rat,and some other basics... Now i'm learning malware analysis.
I have lot of interest in pentesting but don't know how to get into.
Can you please specify best pentesting certification which develop my knowledge and value in IT world?

Then I would suggest you to work hard for next 6-12 months, understand and learn:
1. Network Penetration Testing
2. Web Application Penetration Testing
3. Wireless Penetration Testing
4. Learn the usage and functionality of tools, modify and develop few if you could.

Install backtrack on your PC and make it your primary OS. Learn BASH in parallel to it. Mind it that no one becomes a hacker overnight and most of us had to wait for couple of years before we could get into this field professionally. Learning should be your prime focus.

Once you have advanced and feel comfortable, go ahead for OSCP or some relevant certificate from SANS but don't get trapped by private institutions who claim to manufacture hackers in weeks. Such trainings are of no use.

Few advanced topics like "vulnerability research", "exploitation techniques", "malware analysis", "assembly programming and shellcoding techniques" and "reverse engineering" shall be left for later learning.

Cheers!

PS: Another very crucial factor is getting into right environment and right mindset. Be part of local and online security/hacking communities and interact actively.

Thank you very much for your suggestion . I plan to take 3month online course for pentesting(oscp). Will oscp online course provide all the topic you mentioned? Or shall i download books/video and learn myself?

@bond, what is the advantage of learning bash when one already knows python or perl for example?
I can do most stuff in python which I can do in bash.

Can you give me some examples, where as a security person, using bash would be of more advantage thn python?
Thanks.

Originally Posted by worldblackstar

Thank you very much for your suggestion . I plan to take 3month online course for pentesting(oscp). Will oscp online course provide all the topic you mentioned? Or shall i download books/video and learn myself?

You better re-read what I suggested in previous post.

Originally Posted by mayjune

@bond, what is the advantage of learning bash when one already knows python or perl for example?
I can do most stuff in python which I can do in bash.

Can you give me some examples, where as a security person, using bash would be of more advantage thn python?
Thanks.

They say - the more you know, the better you become

Definitely you can do things better with python but bash helps with its quick, dirty scripts and on-the-fly commands etc.
Another advantage I see is, with bash you not only learn bash but you come closer to the OS you are working on i.e. *nix, which is the recommended platform for pentesters/hackers. That's why I strongly recommend newbies to learn bash while they learn linux, at least basics of it so that they could work faster.

Cheers