
Student Roadmap: Becoming a Penetration Tester

BSides Denver · 2020 · 49:54 · 168 views · Published 2020-10
Category: Career
Difficulty: Intro
Style: Talk
About this talk
Jon Helmus outlines a practical pathway for students transitioning from academia into penetration testing careers. The talk covers essential certifications, prerequisite career fields (help desk, network administration), cost analysis, common obstacles, and multiple roadmaps tailored to different starting points and learning styles.
Original YouTube description
This presentation will go through various steps on how students can bridge the gap between academia and becoming a penetration tester. This will include a breakdown of certifications, career fields to take on before getting in the industry of penetration testing, what to expect, and speed bumps and roadblocks that students can expect to see in their journey. In addition, the talk will go over various high-level road maps based on career paths, academic journeys, and other situations that will allow viewers to create their own roadmaps to becoming penetration testers.
Transcript [en]

So it's all yours, take it away. Okay, all right, let me get my screen shared out here. See this one, there we go. All right, and me move some things around, I got a bunch of screens in front of me. All right, so welcome everyone, thanks for taking the time to, uh, come stop by my talk today. Um, for those of you that don't know me, my name is Jon Helmus; we're going to talk a little bit more about me here in a second. Um, but for those of you that do know me, I did this talk, uh, back at DEF CON in the Red Team Village back in August. Um, this is actually an amended version of the talk,

um, just from taking questions and answers from the previous one and applying it to this one. I've also taken out some of the material that, you know, was kind of redundant in the old presentation, so it's a lot more concise in this one. Um, so with that being said, let's go ahead and just, you know, get to it, huh? So here's going to be the agenda for today. So we're going to go through all these bullet points, and I don't want to mention everyone because we are, we do have a limited amount of time, so I can sit here and talk about these bullet points all day. However, um, just to brief, give a brief mention, introduction, just

going to give a brief introduction of myself, let you see some of the things that I've done over the course of my career and how it's been at different, uh, ends of the spectrum. We're going to talk about how you develop a student mindset, not an academic mindset, a student mindset; talk about some ways of how we can become a penetration tester; look at degrees and certifications, which is a big, big thing in this, uh, in this area; cost analysis, how much we got to spend. Then we're going to look at some actual roadmap diagrams that I put together, and we're going to look at how you go from being a help desk specialist

to a penetration tester, or even just a student, um, because those are the two more common tracks that I see. Then we're going to talk about staying curious, and there's a, a common question, um, that I wanted to answer at the end. So let's go ahead and get going. So who am I? My name is Jon Helmus. Um, I'm currently a penetration tester and an adjunct professor; however, I wasn't always that. I actually used to be a naval engineer, um, and a help desk specialist myself, and I've gone through the ranks over the past, uh, about six years, um, after my military career. My military career ended in 2014, so now I've been going, you know,

from being a help desk guy to, to what I'm doing now. Um, I'm also monitoring the Discord channel, just so you know, so if I peek over and I start answering questions, um, just so you know, that's, uh, that's it. So somebody said, is that, am I holding a chicken? Yes, that is, uh, one of my chickens. I have a, uh, small farm outside of Seattle, um, where we have alpacas, which you'll actually see in, in a slide or two. Uh, we have goats, a pig, ducks, chickens, the whole nine yards. So let's, uh, let's get going with that, huh? So, but to, to give brevity to what's on the slide right now, as you can see, I've had a lot of

different experiences that have led me into pen testing. So what I want to project on to you is to let you know that, you know, there's a ton of different avenues that you can use to get into pen testing, and it's not a one-size-fits-all. You can do a lot of everything, and we're going to start to notice that there's going to be a common theme where you have to kind of just be curious about everything. It's not just about hacking or a certain technology, it's just kind of being curious about any kind of technology that you want to get your hands dirty with. So these are some of the current things I'm doing. I am a penetration tester, red

teamer at Nordstrom headquarters up here in Seattle, Washington. I'm also an adjunct professor at City University of Seattle and National University. I teach, uh, online courses for both of the schools that range from basic cyber security, network and wireless security, cyber warfare. Um, at National I actually teach, uh, red teaming and penetration testing, so if you're interested in getting a master's degree in pen testing, uh, look them up and you'll probably have me as a professor. So, and then, uh, I'm also a PhD candidate at the Dakota State University. I'm currently in the, uh, PhD of Cyber Ops program. Um, it's a pretty fun program so far. I just started it, but I'm really, really enjoying it so far. And as you can

see here at the bottom right, that is another asset of my life, where I actually have a small mini farm. Um, we have alpacas, we have goats, we have pigs, we have chickens, ducks, the whole nine yards, right? Um, so that's what I like to do in my free time, because it's something that actually gets me outside and away from the computer, so it's, uh, it's one of those nice things that physically puts me away from everything. So, uh, and just so you know, if I look over to the side, again, just monitoring the Discord chat. No moose, no. Uh, male mooses are pretty aggressive from what I've heard. So let's really talk about what

we're here to talk about, because we're not here to talk about me, we're here to talk about how we can learn to become a pen tester. So penetration testing, also known as pen testing or a pentest, ethical hacking (key word is ethical there, right?), is an authorized (other key word is authorized) simulated attack on a computer system to perform, um, and evaluate the security of that system. So we're looking at the security posture of a system through actually exploiting vulnerabilities and assessing the impact and severity on those vulnerabilities to the organization. However, while you think, you might think it's just technical vulnerabilities, we look at more than just technical vulnerabilities. We look at people, we look at processes, we even

challenge culture in an organization, right? Because culture is something that is hard to make, um, to pivot, so it's really, um, crucial that you understand that even changing culture is part of being a penetration tester, where you actually have to look and see if there's something that's toxic within an organization that you actually have to change, otherwise the, uh, the company may, you know, start losing revenue. All right, so it's more than just hacking, right? It's a lot of research, a lot of writing, a lot of writing, a lot of reading. Um, I always like to say that, you know, it's about 70% writing, reading, reporting and about 30% technical. So, you know, a lot of writing

and reading and research goes and takes place before the pen test, during the pen test and after the pen test, and there is a lot of technical, um, portions where your hands are on keyboard. However, think about it: if your hands are on keyboard and you actually find a vulnerability on a, on a system, you then have to turn around and actually do research on that vulnerability, because you want to be concise and precise with your attack methods so that you can, um, illustrate that later to the client or your organization, whoever you're working for. So it's, um, it's crucial that you, you're able to perform not just good technical skills but also, uh, proper cyber research

and, um, and illustrating what you find. And then I always like to put this: the reality check is it's about people and processes, right? We're looking at the technology that is intertwined with business people, or, well, I'm sorry, the people of a business and the processes of that business, right? So we're looking at all the technology stacks and the culture and the people, the processes, the, all, all the good stuff, right? It says technical skills play a major role. They do. Technical skills are one of the, is the, is a very crucial role because it plays a huge part in pen testing. It's just not the most utilized one because, um, you know, it's about people,

right, and making an organization better than it was before. So you have to have soft skills that play a vital role in doing so. So you have to concurrently be able to walk the walk and talk the talk. So that means you have to be able to do the technical stuff while you're also able to illustrate it, uh, properly, and what I mean by properly is, is more professionally, where you're able to actually take low-level, um, technology findings, talk, jargon, whatever you want to call it, and display it at a level that everyone can understand it, because otherwise you're going to, it can make people stray away from understanding it and they might just completely forget

about whatever you're talking about. So the reality of pen testing is bang your head against the wall and looking for systems that are typically locked down. I always like to say that pen testers are just highly technical quality assurance engineers, and I'm sure there's some people on the other side of the screen that are, that don't agree with that, um, but that's just my opinion. So, and penetration testing is 70% report writing and research and probably only about 30% hands-on. Um, that's just, you know, from my own research and, and being in the field, is there's, it's just so much research and reporting and writing, and very little, and a lot of hands-on, but the, the hands-on portion makes up

the smaller portion of pen testing. And then a big reason why we have pen testing, besides wanting to know what your security posture is and having to, you know, actually have a simulated, um, attack executed on your organization so that it can illustrate your security posture before the bad guys actually get in, is a, is a, is a big thing. However, the other big reason is compliance, right? It's being regulated. Companies are now regulated to have their organizations ethically hacked. I'll say that again: organizations are being regulated to have their companies ethically hacked at least once to twice a year. So what does that mean? That means there's job opportunities, because it has to be done, right? And we're going to talk

a little bit about that later, about their certifications, um, that can get you so that you can be compliance, um, pentest ready, right? Because in order to be a pen tester, to do compliance-based pen testing, you have to have those certs. There's no whats or buts about it, you got to do it. So, becoming a pen tester. It looks like we're going to start to make our journey down the rabbit hole. As we do this, let's make sure we stay open-minded and stay curious. So down the rabbit hole we go. All right, so the student mindset, not an academic mindset. Will an academic mindset help you? Of course, but a lot of other things will help you

too. So developing a student mindset is going to help you engage yourself, be humble with yourself, to continuously learn and know what you don't know, right? So that goes with continuous learning, staying out of your comfort zone. There's a book that I really, um, really, really enjoyed a couple years ago, uh, called Peak Performance. Don't know who wrote it, I'll have to look it up and I can put it in the Discord chat here in a bit after the talk. Um, there's a talk, or I'm sorry, a book called Peak Performance where it actually talks about maintaining just slightly out of your comfort zone and then taking breaks so that you're able to expand, um, your comfort zone, right?

Because if you're here and then you expand a little bit out and then you rest, you might go only like halfway back, and then you actually have a new comfort zone; you're able to take on more. Um, it also teaches you that, you know, you, you can continuously learn, and gets you, um, conditioned for that. Being humble. Being humble is a big, um, issue in this career field, uh, so I've noticed, um, and there's a, the next slide kind of mentions a little bit about that. Um, but we have to be humble and know that we don't know everything, and by we I mean pentesters and security researchers and just offensive security professionals in general. We

don't know everything. We know a little bit about the things that we're, we're targeting, right? And then we might have a subject that we have, uh, mastered, but we don't know everything. So be humble, stay grounded and ensure that you portray that to anyone that you interact with. Continuous goals: this is where you set continuous, realistic goals for yourself. Don't set something crazy easy within a six-month span, because if you burn out in the time before that, you're probably not going to want to do it, and I speak that from experience many, many times, and just from observing it from other people. Take your time. This is a career field that is not going anywhere,

and you can, you know, the sky is the limit, but it's, and the sky isn't going anywhere, so just set continuous goals throughout your career. Seek mentors. Find people that know more than you that are willing to help. Uh, key word is willing to help. You don't want to find some jerk who's not going to help you because they want to hold the keys to the kingdom of their information and knowledge. Find people that are going to help you and are helping others, because when they help others, you may be able to help out the other people that they mentee. At some point you may surpass the master, so to speak, or you may get to a level where

you're able to help other people. Another big thing is don't seek validation in this field, seek education. Seek to educate yourself and others. Don't, don't pentest just to say, I validate myself as a hacker. No, you're gonna turn into that non-humble jerk. Um, always seek to be educated and educate yourself. Um, that's a, that's a big thing. And then none of this can be possible without leaving, uh, fear in the rearview mirror. If you are scared to do any of this and anything else within this, uh, this talk today, you're not going to be, it's going to help, it's going to make you fall short and it's going to have a, a, a snowball effect where you won't be

able to, to probably achieve the things that you desire. So you just have to leave fear in the rearview mirror and not care about the risk, right? I'm not saying, like, go into hundreds of thousands of dollars of student debt to buy certs and education, but do set realistic goals for yourself that you can achieve, and don't worry about, um, you know, the trivial risk that comes with that. So be humble, not a megalomaniac. I, I, uh, tied in a, uh, Twitter post that I put out not too long ago. It says: I don't know who needs to hear this, but offensive security doesn't make you better than anyone. Last I checked, megalomania is not a must-have on job

applications. For those of us that work in the field, we know this very well, where we see a lot of individuals who think, because they're a hacker and they know how to break a certain type of technology, that all of a sudden they have this superior-than-thou, godlike complex. Don't do it. Um, you know, your technical skills are not too much power, powerful, right? Your job is to help people and make organizations better, because it's one common goal, to make organizations better and, uh, eliminate any kind of threat, right? So be humble, not a megalomaniac. So be curious. Don't ditch the bucket list, but do ditch the bucket list. Don't ditch the bucket list. When I

think about it is like something you want to do before you, before you die, right? Don't think about the end, just think about how you're going to continuously grow, right? And be curious. So always look at things from a different perspective, be hungry to learn new things, be willing to dive into anything and tinker with anything. You have to be kind of like a yes person. You have to be able to just dive into anything and take it on, right? And that also feeds into staying out of your comfort zone. You have to do that. I don't know any penetration tester that hasn't had to maintain some type of level outside of their, their comfort zone for

quite a while, because you're constantly learning new things. So you have to, if you want to get into this field, why not start prepping yourself up, right? Try to understand different technology, because being a pentester is about being a jack of all trades and a master of none. You might master something; however, if you master it today, it might change tomorrow, so do you really master it? Debatable, right? It's, it's up for argument. Uh, looking at the Discord chat really quick. Oh, there's a lot, you guys are chatting it up, man. So, growing your network. This is probably one of the most crucial things in my opinion, and why? Because there's a saying that, you know, getting into infosec is

sometimes not about what you know but who you know, right? So growing your network: how can we grow our network? Well, for us that are going to school or work for a school, rather, whatever way it is, or if you do both, use the school network. Typically alumni are working in the field, or may not be working in the field, but if they are working in the field, use the alumni networks to get into the field. LinkedIn. LinkedIn is my favorite place on the internet. Um, it's a great place to, to collaborate, to reach out and illustrate your skills. I see a lot of, um, individuals on there right now, they're doing, like, TryHackMe challenges and

getting certs, and they're publicizing it all over the place, and that helps you get visibility, because somebody will like it and then that gets displayed on somebody else's feed, and somebody might share it and then that gets displayed on somebody else's feed. So just keep grinding and posting things on LinkedIn and it's going to help you find, find a spot, and you can network with people fairly easily, right? You just send them a friend request. You know, just go find the CEOs of all the big tech companies. Just kidding. Twitter is another good place. Twitter I like to think about as, like, the common ground between LinkedIn and Facebook, where you link with other professionals but you don't have to be

so professional. Um, so that's a good place to look, because there's a lot, there's an infosec Twitter that is wonderful. There's lots of resources always being posted out, lots of information, a great place to learn and just to network in a less professional, um, more lackadaisical

and so hit them up. Mentoring: you need to find, um, people that can mentor you and also find people below you that you can mentor, right? It, it's, it's kind of a roundabout way, but you're able to share knowledge from who you are a mentee of and mentor other mentees, um, and it creates this kind of, like, telephone effect. But what happens is you think it, you speak it, and then you hear somebody else comprehend it, and it helps solidify that knowledge in you even more. And it helps, um, you know, you never know, a mentee of yours might actually get into the field because of their network, and they can say, oh yeah, hey, uh, come on over, you know, we got a

spot to fill over here. Conventions, such as today with BSides Denver (again, thank you for having me), is, uh, another great place to network, right? Uh, for those of you in the Discord chat or on the Twitch stream, you guys can sit there and hit each other up and, and banter and talk about anything you want, and you never know, you might make an actual really good relationship out of that, and that might be the key to your success to getting into information security or finding that new, uh, role in offensive security. Internships are another good thing. I know they're, they didn't really happen this past, uh, summer because of COVID, so, you know, that's the

exception, not the rule, but internships are really good to do. Um, and you don't necessarily need to be in school to do an internship. Don't ever think that. Um, internships are not exclusive to just students. And then on-the-job training: you know, go find a, a company that might be looking for free help, um, or any kind of help that will lead you into information security or penetration testing. Um, I did that. I actually was a sec guard at one point and then went and worked in a SOC, because I wanted to get into it that bad. So I did a lot of free labor working in the SOC. Fun fact. So just, you know, that's, again, it's about

being, just tinkering and saying yes to a lot of things and staying out of your comfort zone. Growing your technical skills. Jon, how do we grow our technical skills? Well, there's lots of ones. Thankfully, in this day and age there's a lot. I, even when I started in, in offensive security, like, five years ago, there, there was nothing. You go download a virtual image of Kali Linux and then you try to find other things to tinker around with. Now they have, you know, things like this, like TryHackMe, Hack The Box, VulnHub. These organizations are creating platforms where you can learn in a fun and encouraging environment, to be honest. Um, I really like Hack The Box because it's

competitive, and I really like TryHackMe for the fact that it's very, um, student, student-centric, where it's more about learning. Um, and then VulnHub is obviously where you can go grab images, install it on your machine and go hack away, um, in a safe sandbox environment within your own home. The other great thing about VulnHub is that they recently made a partnership with Offensive Security, so if you're looking to do the OSCP, I would look at VulnHub images in the future for extra study material. Um, books: obvious one, right? And I can't recommend a book because there's so many. Um, I do have a book coming out in the next couple months, uh, with Packt

about AWS pen testing, so if you're interested in learning cloud pen testing, pick it up. HackerOne and Bugcrowd: what are these? These are, uh, bug bounty platforms. These are where you can sign up, create an account and then actually go hack real websites. I love these because they actually have you hack production websites and provide vulnerability reports on what you find, and then if you find something, it actually goes into your account. You actually can have a, a hacker badge that you can display on LinkedIn or Twitter and, and, um, use that as a way to publicize yourself. Uh, programming: I can't recommend a language necessarily, but I am, um, biased towards, like, Python and

Ruby, just because I'm not a, a programmer, um, but I do know enough Python and Ruby to do enough for my job as a penetration tester. Um, so if you're looking at that, I would highly recommend diving into one of those two languages. Probably Python is the more popular one. Um, so yeah, so look at those, and we'll talk a little bit more about that later. Um, and then IO and Synack: these are two platforms that are actually pentesting, um, services, right? It's kind of like a pentest as a service, where you can go and do, uh, you submit an application and then they run you through a, a, um, a couple interviews that are technical and non-technical, and then

they put you on their teams and they basically send you pentests that you can do and make money. So, and you actually are pen testing real companies, so it's a pretty cool way to do, like, crowdsourced pen testing. I really, really like it. Um, I wish I had the time, because if I had the time, as I really don't right now, um, I would do it. But, um, if you're looking to get in the field and get your hands dirty, that's a great way to, to do something. Um, for those of you that were in the Discord chat, I did mention, uh, some eLearnSecurity stuff. So, uh, INE and eLearnSecurity, um, have made a

partnership where they're actually creating a training platform that allows you to take all the eLearnSecurity, uh, courses on this one central platform at one central price. The reason why I put this here is because their training platforms are amazing, their training courses are amazing, they have amazing certifications that are going to, um, give you 100% hands-on knowledge in a specific topic. Um, so if you want to learn something in an academic and in a realistic sense, these are your guys to go to. Um, and if you have any questions, uh, feel free to ask Lily in the Discord, she can tell you all about that. So, speed bumps. Speed bumps are another big thing. Uh,

lacking experience: security, programming, technical stuff. It's, it's a, it's a conundrum, right? How do you get experience in the field without being in the field? Well, that's where you have to use your network and you have to use all these other resources that we talked about: those bug bounty platforms, creating a blog, a technical blog, that's going to help you out, right? Getting certifications: those are going to help illustrate your security experience and your technical experience. So you just really have to climb the ladder in that sense, and you also need to utilize your network, right? And I know I didn't put it there, but utilize your network. Again, utilize it, the network. Um, lacking certs: start with the

easy ones. Uh, you know, I know a lot of individuals that, when they come into this field, they just want to go grab OSCP, and, you know, while that's great, you can do it, uh, why not get an easier cert that's gonna help you get a job, right? Especially if you're on the outside looking in, you're like, okay, uh, you do a LinkedIn search for penetration testing jobs or security jobs and you're like, okay, I need at least this cert. Go for that cert that you at least need, not the big one, the one that you need at least. Uh, certifications like CEH, which we'll talk about in a minute, are not extremely difficult, but they are compliance-based,

um, certifications, so if you get CEH, you can actually start going and doing compliance-based pen testing. Um, I actually did that, and I got a job as a, a red teamer for the DoD, so, and I didn't have OSCP at that time. Lack of job openings: um, you know, Denver, I mean, I know this is virtual, but Denver is actually a hotbed for security, so if you're in Denver and watching this, you're good. If you're in Seattle and you're watching this, you're good. Uh, Seattle's a pretty hot bed, um, for pen testing and security as well. However, um, I'm actually from a, uh, a smaller town in North Carolina, and I don't really think

there's any pen testing jobs there, uh, so if I stayed there, I wouldn't have made it in the field, right? So I had to move. Um, so follow the jobs. If you're in an area where, where, you know, you can't get a job, you got to go where the, where the jobs are, and luckily a lot of them are now, but, you know, if that's not the case, you might have to move, and, you know, just got to do it. Lack of motivation: that's going to be a big speed bump, because you're gonna burn out, because you're gonna set expectations for yourself and you're gonna not hit them sometimes, and you're gonna burn out. So make sure when

you burn out, you take a break, because the field's not going anywhere, right? Enjoy the little things. And, you know, I feel, I'm sure, you know, if some of my family is watching this, they're, they're sitting there laughing, because I don't take breaks, really. Um, um, so maybe I should eat, I should eat my own words, but, uh, make sure that you, you take breaks and that you enjoy the little things in life from the fruits of your labor for trying to get into the field or getting into the field. Somebody called me a cheater. Funny. All right, so career paths, right? These are the various things that we can do to get into infosec, right? We can

take these various jobs: help desk, sysadmin, net admin, various security specialists, right? You can see there's a lot there. You can be an independent researcher or a bug bounty hunter, signing up for programs like Bugcrowd and, um, and HackerOne, or just be a programmer. A lot of individuals go and, and get, um, you know, a four-year computer science degree or go to a coding boot camp and go be software engineers for a little bit, and then they come into the field. There's really not a, a strict way to get into this field. It's just about, you know, what can you bring to the table that's different, right? So these are various, uh, uh, career fields that you can

go into, um, I'm sorry, jobs that you can go into to get yourself into infosec. As a, of course, security specialist, you're going to be in, in information security, so that's more directed if you want to become a pen tester, but these are just different avenues that you can take. Um, I've taken a couple of them. I started as a help desk guy and then I was a security specialist, engineer, uh, worked in vulnerability management for a while, and, uh, and now I'm here. Knew someone who got into security by starting as a pastor. Gonna have to talk about that afterwards, that's interesting. Pen testing careers: you can be a pen tester, red teamer, offensive security

engineer, application security engineer, ethical hacker (which actually is still a job title in some places), um, exploit developer, consultant or purple teamer. Purple teamer is a, is becoming a hot topic because it's the in-between of a blue team and red team, right? So you actually kind of, like, do a little bit of both and you oversee red team and blue team operations. And then, so, the rest of these: exploit developers, you're actually developing exploits for the, uh, the things that you're hacking. Uh, red teamers are the, the offensive operators. Offensive security engineer, you get it. We have a lot of slides, so I have to cruise through some of this so that I don't take up too much time. So, education:

these are some degrees that you can get: comp sci, cyber security, even an MBA. Uh, I know plenty of people in this field that have an MBA, um, because you understand the business sense of things and it really helps out. So bachelor's degree typically required, master's degree typically desired. Stay in school if you want to stay competitive, right? And I know there might be some people on the other side looking at me and being like, Jon, you don't need a degree. You don't, but it is nice to have a degree and make you competitive, right? There's nothing wrong with that. So, um, and coming from someone who has a bachelor's degree, master's degree and getting a terminal degree, I mean, it's

helped, that, those have helped me out a lot, um, in both, um, you know, growing my career and, you know, for monetary gain, essentially. I mean, you get paid, typically you get paid more if you have a degree. Um, it's not always the case, but it's, a lot of times it's the case, so don't quote me on that. But, you know, and you also learn things from a different sense if you do the academic model as well, right? There's things in, in, in degrees that certifications can offer you. So here's the big one: we got certifications. So here's some certs that we're going to talk

about. So CompTIA Sec+: this is a good cert to get because it's going to give you a foundational knowledge and certify you, um, in that knowledge. 350 bucks for a voucher, we say $200 for extra material, and you're going to have to study for about one to three months. One to three months of two hours a day, about five days a week, and anytime I say consistent study, if I don't say how, an extra amount of time, just say, think it's about two hours a day for, you know, five days a week at least. Um, the exam is 90 questions maximum. You can get less. I think when I took it (I took it a while back, but a

long time, well, long time ago), um, I think I got, like, 55 questions, but you have 90 minutes to do it and you have to get a 750 to pass, which I believe is like a 83%. Passing without industry experience (because I want to make sure that, for those of you trying to get into the field, understand the difficulty): um, it's not too challenging if you, if you study properly. Um, again, using the methods that I just mentioned, you should be able to pass it on your first time. So the average cost per month: 160 bucks, because we want to make sure that we're not going into crazy debt, right? And if you look at it on a month scale, about 160

bucks a month the controversial cert of the decade controversial cert of the decade the ethical hackers um it is a $1,200 voucher with a about $200 in extra material so you're going to spend about 1,400 bucks total it's a good cert to get because like I said you can get it and then you're you're ready to do compliance-based pen testing um it's about one to three months of consistent studying 125 questions four hours and you have to get between a 60 to 85% to pass so how difficult is this to get without any new industry experience could be challenging but EC-Council has a $2,000 course that you can use uh to to prep you up that might make it less

challenging but it's two grand so the average cost per month without that $2,000 class is about 450 bucks a month so three months at about 160 and then plus this and you know you get it and we'll we'll have a a breakdown here in a second of everything um the eLearn Junior Penetration Tester this is without a doubt the best valued penetration testing cert you're going to get talk to Lily about it because it's amazing uh the cost is 200 bucks for a voucher however you can spend 500 bucks get four exam vouchers labs materials the whole shebang that all you need to do it one to three months of consistent studying the exam awesome enough is a three-day real life

penetration test it's awesome right because it's one it's it's hands-on so you're actually going to learn the techniques tactics and procedures that you have to do in order to pen test so that's uh sorry I was getting pinged in Discord so that's what you you know you get you get from it um passing without industry experience less challenging without with proper study but why do I say that because you know you think well it's a hands-on cert it's because eLearnSecurity really preps you to take the exam they give you everything that you need and they and that's it you don't have to go digging for extra information if you don't want to they give you everything to your to

success to pass the uh the certification so I highly recommend this cert no matter where you are in your career because it's it's just an amazing cert the CompTIA PenTest+ this is a very difficult cert in my opinion um the voucher is 350 bucks you're going to spend about 300 extra dollars on materials three to four months of consistent studying because this is actually going to challenge you it's going to give you um test questions that are based on scenarios so you really have to know from a different angle the exam is 165 minutes with a maximum of 85 questions you can have less and you have to get a 750 to pass

that's about an 83% very challenging without industry experience I had industry experience when I took this and I found it challenging um you know as humble as that is to say it was an actually challenging exam I honestly didn't think I passed when I took it um but I did barely um humbly enough but uh somebody asked what made it challenging there's a lot of scenario questions in it a lot of scenario based questions that if you didn't work in the field it would be very very difficult to answer them correctly very difficult um and I know like the Cyber Mentor um Heath Adams has talked about mentioned like it's a difficult one because of the scenario

based questions it's and and it's not like uh like sterts or like you know these uh eLearn certs where you have you know open books or internets or the internet or anything you you go in closed book and that's it 650 bucks for four months so I'm not bad we're not doing too bad on price the certified penetration testing professional this is a 600 $1600 uh cert that you get materials labs all that good stuff it's a two to four months of consistent studying would argue that you're probably going to need to do about three to four hours a day um it's a 7-day hands-on penetration test with an additional seven days of report writing

it's a real world black box pen test so for those of you looking to get into the field if you get this cert it says hey I know actually how to do this in a real world sense not like a like a CTF like a real world sense passing without industry experience it's going to be challenging and like I said 1,600 bucks so you're looking at about 400 bucks a month then we have the crème de la crème the Offensive Security Certified Professional um you're going to spend about I would say probably about 1,500 bucks on materials labs vouchers all that good stuff for this you're going to spend about 6 to 12 months to

take this if you do it in less awesome on you but um you know it's a difficult exam you got to use Hack The Box TryHackMe VulnHub for extra study materials just so you can understand things at a different level uh the exam is 48 hours you got 24 hours of a of a hands-on experience that will just condition you and break you um it's you it's a CTF like challenge but it is not easy by any means um and you have a 24-hour span to write a report that you then submit um you have five machines that vary in difficulty and you have to get a 70% to pass and then passing without industry

experience it's really difficult um and then I wanted to give this so uh for those of you looking at the OSCP it's a different type of certification um as opposed to eLearn I love eLearnSecurity because they really teach you the uh techniques tactics and procedures on how to do things Offensive Security is more like a grueling experience it it conditions you into a offensive security engineer right so the training platform with eLearn is a good way to build up technical chops Offensive Security is just a mindboggle that grinds you and pumps you out as a as a different breed of security engineer um I also would like to shout out to my one of my buddies who works

with me uh Glenn Moran who actually got his pass on the certification today so congratulations to him so try harder is isn't just a creed it's a way of life it's transformative and that's 100% true that was my buddy Chris who said that um he mentioned that to me on my first time when I took this exam and failed it um the OSCP OSCP is a process unlike any other certification out there it's going to condition you and prepare you to think like an offensive security engineer um and it's really going to push your limits and push you out of your comfort zone so the real cost of this is priceless the entire journey is priceless of course

there's a monetary value to it but once you're done it's it's relieving and it's it's amazing so so the road map this is the cost analysis I wanted to mention so first year second year right we're looking at a total of $2,400 on the first year $3,700 on the on the second year um we are running short on time so I'm going to kind of like glimpse past this a little bit I will publish the publish the side publish the slides in uh Discord when we're all done so that way you can use these for later um and then there the talk will also be published later um on YouTube so but look at this know that

that's about the money that you're going to be spending and it's only about what 6,500 bucks give or take that's really cheap for a bunch of certifications that are going to really push your career and get you a six figure income if that's what you know part of the part of the game right because we all want to make sure we get a return on our investment a lot of times it's monetary values right so degrees versus certifications that's a big thing degrees help build your network because of the alumni groups that you become a part of um they teach you business processes you understand people influence culture um MBAs are going to really help you do that PhDs

are really going to help you do that uh to keep you accountable you have to turn in assignments right otherwise you fail and some provide you with high level technical skills uh even technical PhDs are are doing a thing now right the PhD that I'm doing is highly technical certifications provide accredited accredited proof of knowledge right so that means that you are accredited and certified by a governing body that you are able to understand this right uh provide technical skill sets right the eJPT PenTest+ um eCPPT and the OSCP and then some required for DoD or compliance those are the certs that you can get to help get you a job um Security+ CEH and OSCP obviously OSCP

is the big one maybe not go after that one first um and then jobs often require them because of HR uh I saw somebody post on Twitter yesterday that they have OSCP but they couldn't get a job as a penetration tester because they didn't have CEH that's the kind of silliness that we see with HR filters so you kind of have to play the game we don't make the game we just play it right so we have to kind of go and roll with the punches of the uh of the industry the other big question is why not just do both degrees provide your career to excel and certifications provide your technical skills to excel so line now both do it all you got

plenty of time programming Python Bash Ruby C and Java so Python Bash and Ruby are good for scripting um I've really been getting big into Ruby lately because I'm trying to develop AWS Metasploit modules um so I'm having a lot of fun with that so if you are interested in developing Metasploit modules look at Ruby um Bash and Python are just really good scripting um languages Python you're going to learn you can use that to write exploits and things like that and yes I did mean excel sorry typos dang PhD candidate can't even type or spell correctly um C and Java those are what a lot of uh uh exploits are written in so um for

those of you that go through like the OSCP and stuff too you're gonna see a lot of exploits written in C and Java uh other knowledge you're going to want to know obviously the domains of Windows Linux networking and software cloud is a big topic right now and if you learn that you're going to be able to be competitive highly recommend going into cloud if you can um because it's just a new technology and um it's it's gonna it's going to become more than just like deploying EC2 instances like there's um cloud business intelligence platforms there's uh a lot of different things that cloud I feel like everything is being directed to the cloud in the

next 10 years or so um and on-prem stuff while it will still be there will almost start to become an afterthought so here's those high level road maps what's up so six months to two years at a help desk position this is the help desk to pen test track by the way while you're in that position why not get Security+ right and in six months to two years I guarantee you'll get into like kind some kind of sysadmin net admin maybe even some kind of security engineering position once you're at level two where you see right there under sysadmin look at start getting some other certs like CEH PenTest+ eJPT to start propelling your

career into security and then go get a security engineer position remember too while we're doing all this besides the certifications you can also get a degree um and and utilize your network that's you know rule numero uno utilize your network um and so while you're a security engineer get uh eCPPT by eLearnSecurity or OSCP or both um and then once you have those certs you can get into red teaming and pen testing um while you know they're not required to to do it it is always pretty good um and this is a pretty common path that people people go on and then obviously after that you can go into management become a director um you know maybe even become an executive

CISO c um you know it's the the world is yours you know so says Tony Montana so um you know just use this as a template and you know feed in your own data into it and know that you know you can go from a help desk to becoming a pen tester within less than two years and I it's pretty common for for that to happen so this is the student to pen test track this is another one that I see where students become pen testers um you know you go through your fall spring internship stuff while you're doing an internship get a cert I see a lot of interns just work and then that's it and

that's great but why not get a cert while you're doing it you might even be able to get your company to pay for it degree programs you see the list there comp sci cyber security info tech or I'm sorry uh information technology and informatics um once you get out of uh school you know look at an entry level position whatever job that is it doesn't matter whether it's in security or it's not in security right take an entry level tech position or a level one and then stay in that role for you know six months a couple years to get comfortable with the industry and then boom find your mark and get into pen testing also get some

of those certs that we mentioned you know on this slide all right staying curious and giving back it's a big thing big community we're big on community in this uh industry so make sure that you give back on various hacking forums different blogs um then also subscribe to those hacking platforms that we talked about those are going to help build your technical skills and you're going to meet a lot of new people and find your niche you know you got I only listed a few here but there's so many things that you can do in this career field so you know just make sure that you really you keep your hands dirty and you stay

active make sure you find a mentor make sure you're you're finding other student pen testers and then also make sure that you're finding people that you can teach and then also make sure that you're getting on those bug bounty platforms because those are going to help so here's a question um that somebody wanted answered so how do you get into pen testing with certs but no experience right because you hear a lot about that I hear a lot um sign up for bug bounty programs do crowdsourced pen testing platforms such as Cobalt.io and Synack find those internships use your network and what and big thing is be humble you know don't say don't just think because

you have a c security certification or even if you have OSCP that you're all of a sudden some big hotshot guru pen tester um you know you you have to be humble otherwise nobody's going to want to work with you um as harsh as that may sound and then take security related roles with a company where you want your pen testing career to go so if you want to go work for a big tech company maybe and you can't get a pen testing job um think about just you know going and working for them in a typical security position look like we're about five minutes to my time so which is good because we're closing up so closing

thoughts as you go on your journey into infosec pentesting whatever it is that you decide to do with your life you're going to start and you're gonna have a lot of ambition you're gonna have you're gonna be hungry you're gonna be so hungry then you're gonna fail you're gonna hit a ditch you're gonna hit a wall but make sure when you do that that you get back up or if you fall make sure that you make a make a fall forward that way when you get up you at least have a little bit of forward progress right and when you fail be humble and think about why you failed what did you do wrong and

from there you're going to learn you're going to learn what you did wrong and you're going to be able to use it as a learning experience a lesson learned and be able to grow from that because security is a journey and it's not a destination and with that that is my talk today here are some places where you can find me you can find me on Twitter at Moy moose I'm on LinkedIn under Jon Helmus um I also have a blog on Medium uh under Jonathan the helmus and then upcoming events I'm actually doing a four-hour AWS pen testing workshop at ShellCon unfortunately it's sold out uh it's sold out within about five days so um those tickets are gone

um however I'm going to be talking at VetSecCon on October 16th at 10:30 a.m. that's um Pacific time I'm going to be doing a talk similar to this but it's geared towards veterans so if you know any veterans that are trying to get into cyber security and more exclusively in the pen testing please direct them to that talk direct them to me be glad to help them out um I'm also talking a great this year um at the end of October I don't have a set date but my talk is um it's about bypassing AWS policies through pentesting and then also um last but not least I have a book release um I have my book published by Packt um it's

called AWS pen testing and that's going to be coming out sometime in the fall so follow me on LinkedIn and Twitter and you uh make sure that you know it gets published out when uh when it comes out so with that we got Q&A so Q&A on the Twitch or on the Discord I'm at your uh your questions for the next three

minutes can we pre-order the book uh let me talk to the publisher about that yeah I was going to say go ahead and watch the Discord but answer the questions on the stream for people who are not on the Discord okay so on the Twitch stream please read the questions before you answer oh go ahead did anybody else sorry uh it doesn't look like there's anything on the Twitch stream somebody said 20 or 24,000 maybe I made a wrong number uh was kind of funny so before I publish the uh the slide deck out to everyone I'll make sure to do a good thorough cleansing of grammar in it um but yeah if uh so if anybody has any

questions it doesn't look like there's anything on the Twitch channel um but I'm going to be hanging out in the Discord channel for the next 20 30 minutes so if you guys want to hang out and talk to me I'll be in there and yeah great thank you very much Jon we appreciate it yeah thanks guys