1
General discussion / Re: Anyone working in the penetration testing industry?
« on: October 28, 2015, 03:59:18 pm »
Perfect reply, much appreciated Mordred, just what I was looking for
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
2
General discussion / Anyone working in the penetration testing industry?
« on: October 26, 2015, 04:19:06 am »
So I'm graduating soon and so far (as far as I can tell) the thing I want to do is work for a computer security company which outsources pen tests. I imagine a few people on EZ work in the area. For any of you that do and want to take the time to answer a few of my questions, that would be sweet.
1) How did you get your foot in the door? (Did you specifically look for a pen testing job, did someone come to you, etc?)
2) Were there any specific qualifications your employers looked for? (Degree in some area, published papers, code, etc?)
3) What's the pay like?
4) Do you enjoy your job?
5) What exactly is your position and what do your specific duties entail?
6) Do you work for a company or do you do freelance work?
Those are all the relevant questions I can think of for now, feel free to not answer any questions you don't feel comfortable answering for any reason. I'll post more if I think of any.
1) How did you get your foot in the door? (Did you specifically look for a pen testing job, did someone come to you, etc?)
2) Were there any specific qualifications your employers looked for? (Degree in some area, published papers, code, etc?)
3) What's the pay like?
4) Do you enjoy your job?
5) What exactly is your position and what do your specific duties entail?
6) Do you work for a company or do you do freelance work?
Those are all the relevant questions I can think of for now, feel free to not answer any questions you don't feel comfortable answering for any reason. I'll post more if I think of any.
3
General discussion / Re: Do you include your malicious code in your portfolio?
« on: October 26, 2015, 04:08:46 am »
Yeah looks like the overall opinion here is that the people hiring you most likely ain't gonna know shit and will likely see you as a possible threat. Really sucks though, can't even show off the work I do in my free time, have to write other code I likely won't want to write to include in my portfolio. Real shame.
4
General discussion / Do you include your malicious code in your portfolio?
« on: September 22, 2015, 04:03:59 am »
So let's say you're applying for a job that's not in the security industry. Let's say as an application/game developer, etc. Would you include your code that could be considered 'malicious' or 'illegal' in the portfolio of work that you'd present to your potential employer? Would it still be considered unethical if you never used your code for anything other than testing purposes?
I guess it wouldn't make much sense to include work like that if you're not going into the same area but it's always good to show what you can do and what areas you're effective in. But if you're applying for a job in a completely different area I don't see why your employer would bother to take the risk of hiring someone who spends their free time writing backdoors and shit. I was wondering this for myself but now I want to know what your guys opinions are on this or if you've been in a similar situation.
Including naughty code in your portfolio, yay or nay?
I guess it wouldn't make much sense to include work like that if you're not going into the same area but it's always good to show what you can do and what areas you're effective in. But if you're applying for a job in a completely different area I don't see why your employer would bother to take the risk of hiring someone who spends their free time writing backdoors and shit. I was wondering this for myself but now I want to know what your guys opinions are on this or if you've been in a similar situation.
Including naughty code in your portfolio, yay or nay?
5
General discussion / Re: What do you eat?
« on: January 22, 2015, 04:16:27 pm »
I don't know anyone who has a worse diet than me. I have a fear of trying new foods (it's really bad, I once got offered a hundred euros to try something and ended up staring at it for around an hour before finally bailing out) and all I eat is junkfood. This is literally the list of the only foods I eat:
Hotdogs, burgers, pizza, pasta with butter, snacks (God damn do I love snacks)
There are probably a few more but they don't come to mind at the moment. Each day my diet shifts between the foods mentioned above (while eating snacks throughout). Surprisingly (to my friends' discontent), I'm actually quite healthy and in shape. I guess growing up only eating these foods my body didn't know any better.
As far as veganism goes I'm totally cool if you're a vegan and I think in the end you're doing the right thing; just don't preach to me about it. Vegans tend to think they're better than others because of the way they eat so they always bring it up (in my experience).
How do you know if someone's a vegan?
Don't worry they'll fucking tell you
Hotdogs, burgers, pizza, pasta with butter, snacks (God damn do I love snacks)
There are probably a few more but they don't come to mind at the moment. Each day my diet shifts between the foods mentioned above (while eating snacks throughout). Surprisingly (to my friends' discontent), I'm actually quite healthy and in shape. I guess growing up only eating these foods my body didn't know any better.
As far as veganism goes I'm totally cool if you're a vegan and I think in the end you're doing the right thing; just don't preach to me about it. Vegans tend to think they're better than others because of the way they eat so they always bring it up (in my experience).
How do you know if someone's a vegan?
Don't worry they'll fucking tell you
6
High Quality Tutorials / Re: Local File Inclusion (LFI)
« on: January 11, 2015, 06:35:55 pm »
For anyone trying this who just set up their own server, if you are getting "Warning: include(): Failed opening 'filename.ext' for inclusion" when using the %00 operator, this is because the null byte vulnerability was patched as of PHP 5.3.4. magic_quotes_gpc used to allow/disallow this but this option was completely removed as of 5.4.
If you still want to try out this tutorial try setting up your server with PHP version < 5.3.4
If you still want to try out this tutorial try setting up your server with PHP version < 5.3.4
Pages: [1]