Many people out there talk about great resources to use to get into penetration testing, but few actually lay out a clear step-by-step career path. I will give you what I think is a solid way to enter the field with some of the most up-to-date hands-on experience that you can get. All of the steps I go over have content that is highly engaging, hands-on, and “gamified.” If you are an experienced gamer who loves engaging content and problem-solving, then this guide will absolutely help you land a pen-testing job.
We should start off with the question: is penetration testing the right career for you? This first step is a bit more open-ended than the rest. Hopefully, you have already decided to get into cybersecurity and, specifically, penetration testing. But to answer this question, if you are unsure, I suggest signing up for our Cybersecurity Career Jumpstart. The career jumpstart is a comprehensive program to guide you toward a career in cybersecurity that best suits you. You can also watch videos on YouTube of people doing CTF exercises. A personal favorite of mine is John Hammond; his CTF videos will give you a great view into hands-on pen testing experiences. It’s OK if you don’t understand the details, commands, and methods in the videos, but try to get a view of the big picture of what they are trying to achieve.
Do you want to have a career in penetration testing?
In my opinion, the real first step in acquiring experience is signing up for an account on Try Hack Me. The platform has great learning paths that will help you grasp concepts and give you tons of hands-on experience actually hacking vulnerable machines. In fact, each learning platform I will mention has byte-sized gamified lessons that are incredibly fun. On THM, you will learn how to scan machines with Nmap, check for vulnerabilities, craft and run exploits, and use privilege escalation to gain root access to the machine. You can select a learning path that fits you depending on your skill level. I chose the pre-security pathway followed by Jr pentester and Offensive pen testing. Again, your starting point may be different from mine. For example, I already had a lot of experience using Windows, general knowledge of computers and networks, and experience using virtual machines and Linux. You can select the complete beginner pathway if you have less knowledge in these areas. You can jump straight into the Jr pentester path if you have more.
For example, the three pathways I mentioned have a suggested time estimate of around one hundred and fifty hours. The time invested here will give you the knowledge and confidence to understand the pen-testing universe and give you the skills to start comfortably hacking machines by yourself. Once you have completed the Offensive pen-testing path, I recommend that you start hacking the stand-alone CTF challenges. These challenges won’t hold your hand like the boxes in the previous pathways and will better prepare you to start thinking for yourself. Try to complete a few of these CTF boxes without using walkthroughs before moving on to the next step. There are other pathways like cyber defense and red teaming, but I think doing the stand-alone CTFs or moving on to the next step may be a better choice.
Both Try Hack Me and Hack The Box have badges and certifications that can be posted on LinkedIn. These badges are great for showing the progress of your technical skills. After completing a module, you earn a specific badge for that topic. Posting many of these badges will really help to build out your LinkedIn profile and will help you receive more interest from employers.
Once you have created a solid foundation of knowledge and skills using Try Hack Me, it’s time to put all of that to the test with Hack The Box’s Certified Penetration Testing Specialist (HTB CPTS). This is a career path like the ones on THM, but it has an exam at the end that gives a certification. The time estimated for the modules in this path totals around 984 hours, so be prepared to invest some serious time here; it’s no joke. The exercises and exam certification here will be the factor that allows you to bridge the gap into applying for a career.
If you didn’t pay attention to the Offensive pen-testing path on Try Hack Me, you will absolutely struggle to keep up on the HTB Certified Penetration Testing Specialist path. The content here is more difficult and holds your hand less than THM. It’s extremely important to take notes here if you haven’t been already. It would be nearly impossible to remember all the methods and commands given throughout the modules in this pathway without solid notetaking.
After completing and earning your certification from the HTB Certified Penetration Testing Specialist path, I would recommend starting job hunting. I personally believe at this point, you should have developed the technical skills needed to land a job and succeed. You can stop reading here and start applying or move on to the next step, which isn’t mandatory but will absolutely be a huge plus on your resume. I won’t go into resume specifics, but I recommend reading a bit further because even just putting that you are enrolled in the OSCP on your resume shows your dedication and is a big plus and something employers seek out.
So, I think Offensive Security is the next place to go after Hack The Box. This is the big one everybody talks about. This company provides the OSCP certification that many Jr penetration testing roles put as a requirement on the application. That being said, you don’t actually have to have the certification to land a job, but again just putting that you are enrolled in the OSCP on your resume is a big plus and really is the next step in showing your skills and passion for the field.
Here is a brief overview of the PWK and exam from Offensive Security. Remember, this is the most difficult content so far. Offensive Security provides a course called Penetration Testing with Kali Linux (PWK). This online, self-paced course has a virtual lab environment and a dedicated forum where students can collaborate and seek help from the community, similar to HTB and THM. The course teaches the fundamentals of penetration testing and provides practical experience in exploiting vulnerabilities in a controlled environment, also similar to THM and HTB but with more challenging content. The final challenge of the course is a 24-hour exam where the student is required to exploit several machines and submit a report documenting their findings.
If you pass the PWK exam, you earn the Offensive Security Certified Professional (OSCP) certification. This certification is widely recognized in the industry and is often a requirement for junior penetration testing roles. The OSCP certification demonstrates your knowledge and practical skills in penetration testing and can greatly increase your chances of landing a job in the field.
After obtaining the OSCP certification, you can start looking for junior penetration testing roles with full technical confidence. Entry-level positions in this field usually involve performing vulnerability assessments and penetration testing under the supervision of more experienced professionals. This is a great opportunity to continue learning and gain hands-on experience in a professional environment.
In conclusion, the path to becoming a penetration tester requires dedication, passion, and continuous learning. By following the steps outlined in this article, you can gain the knowledge and practical skills needed to start a career in this field. Remember to stay curious, keep practicing, and never stop learning. Good luck on your journey, and don’t forget, TAKE NOTES!