Search content

Frequently asked questions

How to prepare for an Ethical hacking / Penetration testing job?

What is an ethical hacking / penetration testing job?

What is Data protection profession / Privacy profession?

What is Security operations center (SOC) job?

What is GRC / ISO27001 / ITGC career?

What are the various free / open source test platforms to practice ethical hacking / penetration testing?

How to practice Android security testing?

What are the common interview questions in Ethical hacking / Penetration testing job interviews?

What are the tools to learn ethical hacking / Penetration testing?

Where to practice ethical hacking on Cloud setup?

How to practice API testing for free?

How to prepare for an ITGC / ISO27001 / GRC job?

How to prepare for an Ethical hacking / Penetration testing job?

Helpful resources

There are many practical ways that a college student could learn professional ethical hacking / penetration testing to prepare for a job. One thing that students need to remember is that communication, report writing, email writing are an integral part of every job and hence just focussing on technical aspects is not sufficient. They must learn to communicate, interview, write professional reports, write professional emails etc. Following are the steps one can follow and keep repeating to become ready:

Install Kali Linux, DVWA, metasploitable
Install testing tools such as Burpsuite, nmap etc.
Start testing DVWA and metasploitable (all levels)
Familiarize yourself with OWASP top 10, understand common terms such as vulnerability, threat, risk, likelihood, impact, Patches, patch management etc.
Write a formal VAPT report and classify gaps into low, medium or high severity
Present the report to a friend of yours. Record it and listen to it
Repeat the above with a different application (bwapp, portswigger labs etc.)
Simultaneously register in test hacking platforms such as Hackthebox , tryhackme and start solving boxes