Categories: Hacking

The Hacker Academy on Penetration Testing

Penetration testing is a skill, a profession that requests specific capabilities and the respect of strict rules. Hacking is different from pen testing …

Professional hackers are an essential component in today IT landscape, in a previous post I highlighted the great request of the market for so precious figures.

Being a hacker is a state of mind, a different way to approach IT world, penetration testing is just an example of the activities that hackers can do as part of a corporation, but there is much more.

Companies need security experts able to share the results of their investigations, that have an analytical approach to the problems and are able to find innovative solutions.

In today’s society the data is probably the primary asset for the majority of the company, results focused professionals must be able to drive their clients in the right direction with professionality and ethics.

Every professional has to adopt a code of ethics based on the following fundamentals described by(ISC)²:

Protect society, the common good, necessary public trust and confidence, and the infrastructure.
Act honorably, honestly, justly, responsibly, and legally.
Provide diligent and competent service to principals.
Advance and protect the profession.

Penetration testing is a precious skill, not a technique, that must be refined through practice and hard study.

To start this fascinating work there are some useful requisites that could help youngsters such as a strong background in the IT security, a good knowledge of current tools and it could be an advantage to have followed a specific certification (e.g. GPEN – GIAC, OSSTMM Professional Security Tester Accredited Certification (OPST) and Certified Ethical Hacker).

Pentesting is often confused with hacking, but there is a substantial difference that novices have to understand, while “hacking” is exploratory and unstructured, penetration testing is based on a scientific and structured method.

Pentester follows structured approach documenting each phase of its test and the results obtained. Every step must be argued detailing the following things:

scope of the test.
results of the test.
precedure followed.

Penetration testing is almost always a consulting-focused job also when companies have their own internal security team, consider that during their career pen testers works for many different companies as contractors.

Our surface of attack is increasing with the exponential growth of the penetration level of technology, everything surrounds us has an “intelligent component” that could be compromised by hackers, it’s clear the importance of security for those objects and the rule of a penetration tester for their evaluation.

This and much more is possible to understand taking a tour in the Hacking Academy Modules, that also gives to the participants to test what they learned with specific Interactive Lab … Test it for free

Pierluigi Paganini

(Security Affairs – Penetration Testing, hacking)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.