|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Swaminathan, Balaji (Balaji.Swaminathan
kla-tencor.com)
Date: Wed May 13 2009 - 09:55:33 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Thnx for the info, all.
How far does Assembly Language fits into this category? Or its usage
restricted only to some thing(!)...?
Regards,
Balaji Swaminathan .M
-----Original Message-----
From: listbouncesecurityfocus.com [mailto:listbouncesecurityfocus.com]
On Behalf Of JoePete
Sent: Monday, May 11, 2009 1:38 PM
To: Swaminathan, Balaji
Cc: pen-testsecurityfocus.com; security-basicssecurityfocus.com
Subject: Re: Programming SKills for PT...?
On Mon, 2009-05-04 at 21:02 +0530, Swaminathan, Balaji wrote:
> 1. What are the programming/scripting languages needed to accompolish
> the above?
This is a bit of a moving target, depending largely on what you are
trying to attack. This is why people work in teams. A simple case of
trying to attack a Web based application: You have browser scripting
(javascript), server scripting (PHP, .net, etc.), A database is probably
involved (SQL). That is before you even get to attacking the underlying
services (Apache, MySQL, etc.) or the OS. I would start by specializing.
Learn one technology/language really well and then move on. Don't try to
do everything at once.
> 2. I see most of the real hackers are well proficient in almost all of
> the the technologies like Networking, Application/WebApplcn testing,
OS
> etc. Is it so...?
Not necessarily. They are really good problem solvers -- they do what it
takes to solve the problem and aren't afraid to fail 1000 times before
they get it right once. Again, learn one thing well first. Find people
who need your skills, work with them, learn from them. But you have to
make yourself valuable to them. Crawl before you walk, walk before you
run. The worst thing, whether you wear a white or a black hat, is
arrogance. Mentally, breaking and securing systems is really hard work
and frustrating.
--
JoePete
------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute
Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both
Instructor-Led and Online formats is the most concentrated exam prep
available. Comprehensive course materials and an expert instructor means
you pass the exam. Gain a laser like insight into what is covered on the
exam, with zero fluff!
http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html
------------------------------------------------------------------------
------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.iacertification.org
------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]