Web App Pentesting Career Path

If we take out the recognition of the OSCP, can it be assumed I can table that cert for some other time so I can focus on the above goal?

Honestly, OSCP isn't a huge win for web-app and app-sec in general. OSCP is a network penetration testing cert; is there an overlap with web-app-sec? Sure, but OSCP, at least where I have worked (appsec, which included web but not only web), really wasn't worth much.

That said, OSWE is a newer cert (at least online) that is web-focused. And while I'm a bit mixed on the value of the content (there are better free resources), as a certification I really like it. I think it's more relevant to app-sec and web-app stuff than OSCP.

With that being said, I'm looking to go after the eLearnSecurity (eJPT, eWPT, eWPTX) / PentesterLab track as they seem to focus solely on that area.

So, I'm going to mostly avoid commenting on eLS and PL because I don't have hands on experience with them.

Instead, I will say the most important thing is having the skill to do the job. One really nice thing about this side of the industry is that there are a ton of smaller, boutique firms doing testing that will give anyone a chance to interview if they can show some minimal competence. It usually involves doing a challenge or two first before they interview, but a lot of solid companies do not actually expect formal qualifications (even if they list them). They'll just give you a challenge beforehand.

As such, imho worry about your skill first, not certs, and for that there are a couple of cheaper resources you can reference.

  1. Web Application Hacker's Handbook - It's the usual recommendation for web security. Its age is showing, but it's good. I know at least one company that actually gives the book for free to potential candidates.

  2. PortSwigger Academy - Instead of updating the above book, PortSwigger released the Academy, which is free lab-based training. They update the Academy on occasion so it's more up to date, and it covers most of the main web issues you're going to run into.

Once you've gone through the above, CTFs are one way to get practice in, but one of the best things you can do is find a handful of CVEs yourself. And I'd encourage you to try sooner rather than later; it's totally normal to need to do research while working, you don't need to know it all upfront.

I'd rather see CVEs on a resume than certifications. A CVE generally means that you found a real vulnerability in a real application, which is exactly what the job requires.

Other than that, having some security-related projects looks good too. Automating some stage of an assessment, some technique, or whatever. Even if it's not new, just adding your own take.

/r/AskNetsec Thread