I know and heard of a lot of pentesters who search for a ton of stuff most of the time and have a pretty low skill in hacking.
Of course, you need some basic skills, the classic linux, networking, active directory, some coding etc and you will learn how things work as you gain experience.
But a lot of hackers simply learn some basic skills and then google for exploits, vulns, tools, and other stuff that others made.
To be honest it is pretty simple to hack stuff when you have so much information available.
Of course, I don't want to be a simple script kiddie, but as a beginner myself I was wondering if I should focus my efforts on searching for stuff with google dorks and other osint stuff like that at this level.
I am going to be a web app pentester in a few months and this is my first real-life experience with hacking and my superior colleagues who both have OSCP said that they mostly google stuff.
What do you think ?
[link] [comments]
from hacking: security in practice https://ift.tt/BEnzosk
Comments
Post a Comment