Thread replies: 14
Thread images: 3
Thread images: 3
Anonymous
Computer Security General 2016-06-11 14:29:53 Post No. 55025041
[Report] Image search: [Google]
Computer Security General 2016-06-11 14:29:53 Post No. 55025041
[Report] Image search: [Google]
Talk about computer security, privacy, and so on.
Get in here.
>>
Pentesters are just professional script kiddies, prove me wrong.
>>
>>55025695
No, you're not wrong at all. It's pretty much the case.
>>
>>55025695
Agree and disagree, I believe there are two types: pentesters you hire to check your network security and those who evaluate software. The first will be trying to keep up with the latest 0days and they are essentially script kiddies because they're forced to be but they do have a general methodical process they follow. The second kind tend to be experts in a particular language point out flaws in how software is coded. I just read a pentesters breakdown of over a hundred flaws in a Perl library called PRCE and it was... humbling to say the least
>>
>>55027667
*PCRE
>>
>>55027667
link
>>
>>55025041
I intern on an InfoSec team, starting to learn a bit of malware analysis
>>
>>55025041
Bruce Schneier gave a really good talk on my university a few weeks ago, I ended up going because of a friend who is a compsec major. Never heard of the guy before, but he was a really good presenter, had some really interesting stuff to talk about IoT and bodies to regulate it, etc. Probably going to get one of these books soon.
>>
File: Tinfoil bank robbers.jpg (48KB, 634x385px) Image search:
[Google]
48KB, 634x385px
>>55025695
I'm a pen tester and this mostly true. I don't have the time to build a load of applications that are already perfect.
The other side of it is like >>55027667 mentioned.
I enjoy the work, it's a lot of automation with some tools doing what 3/4 others do, physical tests are the only 'difficult' ones and they're especially fun too.
Pic related some robbers that wore tin foil to spoil thermal detection.
>>
>>55027767
Another thing is just playing with different tools, pretty fun, I've used about 30 different in-depth packet analysers.
Hacking a company's security is quite skillful, playing with honeypots, QoS, DZ, SQLi, MangoDB break ins, etc.
>>
How about embedded security?
Like how about Qualcomm just fucking screwed up their secure world OS and allow complete access to normal world.
>>
File: 1437684932019.jpg (32KB, 480x480px) Image search:
[Google]
32KB, 480x480px
>>55027767
Wait, you mean tinfoil worked ?
>>
How do I get started on this pentest meme?
>>
>>55027868
>Suspects in a bank robbery in southern Brazil used tin foil to disguise themselves for a heist. They were seen on CCTV Monitoring but fled empty handed and evaded arrest.
>>55027914
Going to University and studying computer security worked for me, be prepared to dabble in networking heavily too. Programming a tiny beat (be able to read source code, understand where shit goes wrong, get involved with 'odays' (0 day) and bug bounties to build a credible profile.
Then learn the ways of physical security, shove-it tools, blankets on barbed wire, avoiding detection from thermal sensors, cloning credit cards, social engineering etc.
Thread posts: 14
Thread images: 3
Thread images: 3