Summary
A penetration test, colloquially known as a pen test, pentest or ethical hacking, is an authorized simulated cyberattack on a computer system, performed to evaluate the security of the system. It is not to be confused with a vulnerability assessment.
Baseline
-
Hard Skills
- Understanding of web application development and technologies.
- Familiarity with industry-standard classification schemes such as CVE, CVSS, CWE, CAPEC.
- Familiarity with the systems / technologies used to host web applications.
- Familiarity with commercial and open-source vulnerability / penetration testing tools.
- Experience developing custom code and scripts.
- Familiarity with IP network architecture technology and protocols, Windows and Linux operating systems, routing, web technologies and protocols, common programming and scripting languages, SQL databases and queries, and OWASP.
Soft Skills
- Excellent presentation and communication skills to effectively communicate with management and customers.
- Ability to clearly articulate complex concepts (both in writing and verbally).
- Understanding of, and ability to use, active listening skills (especially with customers!).
Education
- Bachelor’s degree in Computer Science, Computer Engineering, Electrical Engineering or equivalent experience.
Certification
Job Salary
Asia
$58K <= $76K <= $85K
Africa
$30K <= $43K <= $61K
North America
$65K <= $81K <= $111K
South America
$56K <= $70K <= $78K
Europe
£31,624 <= £60,999 <= £98,499
Oceania
AU$60K <= AU$69,990 <= AU$75K
Interview Questions
- https://www.synopsys.com/blogs/software-security/web-appsec-interview-questions/
- https://medium.com/@techcluesblog/penetration-testing-interview-questions-22842d4d668f
Training Resources
-