Guide Penetration Testing Resource

Uploaded by

afridifelix02

SO YOU WANNA BE A PENTESTER

Penetration Testing
Resource Guide

Introduction
Do you know what it takes to get started as a penetration tester and break into the field? There's a lot you
can do on your own. Many of our consultants have built their careers on development and security
self-study. In this guide, we'll offer recommended resources for you to jumpstart your career as a pen tester, from
online courses and traditional books to certifications and standard industry tools.

THERE’S LOADS TO LEARN ONLINE

‒ PentesterLab: An introduction to pen testing via tutorials, plus hands-on challenges based on common vulnerabilities. pentesterlab.com
‒ Coursera: Online classes on technical and professional development topics, including programming, with certification and
specializations available. coursera.org
‒ OWASP Top 10: A regularly updated report from the Open Web Application Security Project detailing the 10 most critical risks for web
application security. owasp.org/www-project-top-ten
‒ Hacker101: A collection of free videos on YouTube that will teach you everything you need to operate as a bug bounty hunter.
bit.ly/hacker101playlist
‒ Web Hacker Basics: Offers a free introductory course on YouTube on hacking basics for web app security testing. bit.ly/webhackerbasics
‒ Web Security Academy Series: A free YouTube series that walks through each of the challenges in
PortSwigger Academy. bit.ly/websecurityacademy
‒ AWS in Plain English: An easy-to-understand breakdown of each AWS cloud service. bit.ly/awsplainenglish

LEARN MORE THE OLD-FASHIONED WAY

‒ Penetration Testing: A Hands-On Introduction to Hacking by Georgia Weidman
‒ The Tangled Web: A Guide to Securing Modern Web Applications by Michal Zalewski
‒ The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws by Dafydd Stuttard
‒ Hacking APIs: Breaking Web Application Programming Interfaces by Corey Ball
‒ Black Hat Python: Python Programming for Hackers and Pentesters by Justin Seitz and Tim Arnold
‒ The Hacker News: Read about cybersecurity news in one trusted cybersecurity publication site. thehackernews.com

GET FAMILIAR WITH INDUSTRY STANDARD TOOLS

‒ Kali Linux: A Linux distribution that comes preloaded with security tools.
‒ Burp Community Edition: An integrated platform for performing security testing of web applications.
‒ Nmap: A security scanner used to discover hosts and services on networks.
‒ VirtualBox: An application that allows you to simultaneously run multiple operating systems inside multiple
virtual machines.
‒ Amazon Web Services (AWS): Use Amazon Elastic Compute Cloud (EC2) to create and run virtual machines, or instances,
in the cloud.

TEST YOUR SKILLS

Put your skills to the test. These resources can help you hone your skills, determine your proficiency level, and see where you can spend
more time learning.

‒ OWASP Broken Web Application Project: A downloadable collection of vulnerable web apps distributed on a
virtual machine. owasp.org/www-project-broken-web-applications
‒ VulnHub: A catalogue of downloadable, intentionally vulnerable, virtual machines, with walkthroughs challenging users to compromise
Windows, Linux, and other hosts. vulnhub.com
‒ Hack The Box: Hosts servers you can practice breaking into to capture the flag. hackthebox.com
‒ TryHackMe: Offers free hands-on cybersecurity training with guided tasks and challenges. tryhackme.com
‒ PortSwigger: Visit their Academy for free, online web security training from the creators of Burp Suite. portswigger.net/web-security
‒ PicoCTF: Free computer security education program with original content built on a capture-the-flag framework. picoctf.org
‒ OWASP Juice Shop: The open-source vulnerable web application hosted by OWASP, showcasing vulnerabilities from the entire
OWASP top 10. juice-shop.herokuapp.com

CERTIFICATIONS

If you are interested in getting a security certification, keep reading for a breakdown of some of the most popular and common certs. If you
decide certs aren't for you, we also dive into some alternatives to earning a cert (like finding a cybersecurity mentor) that can still help boost
your skillset and make you more appealing to potential employers.

‒ Certified Ethical Hacker (CEH): Issued by the EC-Council, CEH is a good “starter” cert, so it’s a perfect option if you’re just getting your
feet wet in security.
‒ Offensive Security Certified Professional (OSCP): Offered by the Offensive Security organization, this cert is easily the most well-known
and highly sought-after. The OSCP exam is fairly difficult for anyone who is just starting out in security, but the good news is that it doesn’t
require renewal.
‒ Certified Information Systems Security Professional (CISSP): This is a cert you'll want to get if you aspire to be a security leader. It is
intended to teach how to effectively design, implement, and manage a best-in-class cybersecurity program. It is geared more for those in
mid-level or senior positions.
‒ GIAC Penetration Tester (GPEN): SANS GIAC Certs are some of the most reputable names in security training. The GPEN certification
focuses on technical deep dives of penetration testing.

FIND A MENTOR

A mentor can help you dig into technical subject matter that you want to familiarize yourself with (e.g., enhancing your network pen testing
skills), as well as soft skills to develop effective communication and management. Other skills mentors can help you improve include salary
negotiation, interviewing, and advocating for yourself in the workplace. These skills might not be as flashy as red teaming, but they are still
extremely beneficial in developing professionally!

How Do You Get Started?


‒ Begin with your network (co-workers, professors or teachers, friends, classmates, and even family members)
‒ Look up to someone at work or online? Talk to them!
‒ Network, network, network: Take advantage of casual online or in-person meetups and local conferences.
‒ Try the weekly #CyberMentoringMonday thread via Tanya Janca (@SheHacksPurple).

Helpful Resources
‒ Bishop Fox’s RedSec Discord: discord.gg/redsec
‒ Women’s Society of Cyberjutsu Slack Channel: womenscyberjutsu.org/page/joinslack
‒ “How Great Leaders Inspire Action” – A TED Talk by Simon Sinek

JOIN YOUR LOCAL SECURITY COMMUNITY

One of the best ways to learn is from the peers around you. Consider attending local meetups or national conferences, as well as participating
in Capture the Flag (CTF) events.

CONFERENCES

There are many security conferences out there to attend, and we love so many! Since there are simply too many to share here, we’ve chosen
to highlight some of our favorites that bring us back year after year.

‒ SANS Cyber Security Summit: sans.org
‒ RSA Conference: rsaconference.com/usa
‒ DEF CON: defcon.org
‒ OWASP Global AppSec: owasp.org/events
‒ BSides: securitybsides.com
‒ The Diana Initiative: dianainitiative.org
‒ Wild West Hackin’ Fest: wildwesthackinfest
‒ CactusCon: catcuscon.com

CAPTURE THE FLAG (CTF) EVENTS

CTFs are a gamified exercise designed to test cybersecurity skills, with the goal, much like in the live-action, outdoor game, of obtaining the
highest score by capturing the most flags.
There are hundreds of CTF events taking place every year, which means ample opportunity to find some that fit your timing and needs just right.
Some CTFs are virtual, while others happen on-site at a conference or meeting. A few we recommend:

‒ PicoCTF: Perfect for young minds in STEM who want to take their coding hobby to the next level, PicoCTF provides year-round cybersecurity
education content (PicoGym practice challenges) for learners of all skill levels. picoctf.org
‒ Red Team Village: Offers a couple of events per year, plus Red Team stations where attendees can practice their skills and interactive
workshops focused on web attack training, HackerOps, hacker APIs, OSINT skills lab, and more. redteamvillage.io
‒ DEF CON: One of the most elite competitions available to hackers. The teams conduct reverse engineering, pwning, and pushing other
hackers off their boxes in the head-to-head competition to directly demonstrate effective exploitation for the future. forum.defcon.org


WANT MORE INFORMATION?

We have even more free tools, style guides, and resources on our website. bishopfox.com

‒ Cybersecurity Style Guide: Get the lowdown on the latest tech terms for cybersecurity writing that’s accurate, consistent, and clear. bit.ly/cybersecuritystyleguide
‒ Greatest Hits: Ultimate Lists Guide: The ultimate guide of all our favorite lists – from red team and cloud penetration tools to the best reads for your offensive security journey. bit.ly/ultimatelistsguide
‒ Breaking & Entering: A Pocket Guide for Friendly Remote Admins: Designed to serve as a complete CTF engagement roadmap. Use this asset as either a step-by-step guide or as a reference during any given phase if participating in a CTF competition. bit.ly/remoteadminsguide
‒ Advisories: Explore the latest security bulletins and advisories released by our team. bishopfox.com/advisories
‒ Bishop Fox Labs: Our dedicated R&D team works with experts across our consulting and engineering organizations to develop new research, create novel security tools, and publish technical articles. bishopfox.com/labs
‒ Careers & Internships: We’re hiring! Explore our open positions and discover why the Fox Den is a great place to build your career. bishopfox.com/careers

About Bishop Fox


Bishop Fox is the leading authority in offensive security, providing solutions ranging from continuous penetration testing, red
teaming, and attack surface management to product, cloud, and application security assessments. We’ve worked with more than
25% of the Fortune 100, eight of the top 10 tech companies, and hundreds of other organizations to improve their security. Our
Cosmos platform was named Best Emerging Technology in the 2021 SC Media Awards, and our offerings are consistently ranked
as “world-class” in customer experience surveys. We’ve been actively contributing to and supporting the security community for
almost two decades and have published more than 16 open-source tools and 50 security advisories in the last five years. Learn
more at bishopfox.com or follow us on Twitter.

CONNECT WITH US

Get started today.


Are you ready to start “defending forward”?
Get in touch with our offensive security experts
today to explore solutions that meet your unique
business needs.
8240 S. Kyrene Rd. • Tempe, AZ 85284
480.621.8967
23010116 © Bishop Fox. All rights reserved worldwide. bishopfox.com
