I want to become a Professional Pentester (LONG Introduction)

*already posted on Discord

Wonderful hello to community:
I Want to become a Professional Pentester. I want to learn it step by step with a strong basic knowledge. 1 Year ago i Worked in IT Helpdesk and before i studied Aerospace Engeneering. (completly different field). For this goal i knew that reaching this goal will not be easy, specially running the extra mile after a hard working day. So I decided tochange myjob. Getting even a Junior Pentesting Job was not an easy task for me, let me be honest, at this time (1 year ago) it was even impossible. I also had my own company wich I started with a friend. But due to personal problems he left me alone with this company and many debts (still to pay). During my learning process i first started with networking (I had very very poor knowledge about general IT and how everything works, I was first/second level supporter at this time) So I started to learn Networking, specially CISCO Networking Essentials. After 4 Month of learning during and after the work (at least when I had the energy) in the beginning of 2022 I quit the Helpdesk Job and started in a provider Company as a Junior Network Engeneer. In this time I had my first experience with Professional Networking Job from the WAN side. I learned troubleshooting, first time I entered Router CLI and Switch CLI and saw configurations of VLAN, STP and got in touch with different technologies like 6cos, VPN Instances, Leased Line, MPLS and so on. Unfortunately my knowledge base was to low and the enviroment was very toxic. The end of the game was that I had to leave. Being unsucessful in my first Junior Position. I had to leave after 4 Months. After that I added my new skills to my CV and I got alot of offers. Everyone wanted me- But Only in Helpdesk- In Network or securoty it was still very hard. I even got offers for project Manager positions in Helpdesk and local IT. Payment was great, I would be able to pay all my bills and debts within a Year.
But on the other hand I knew: If I go back to IT again, I will loose my way and becoming a security expert in the future will be ever a dream. I rejected all offers and continued searching for Networking Jobs. I never cared about the payment. I would even work for very low amount € if I just pay my rent and feed my wife and my child. I was even okay if my debt cases would go to the court. I knew I can always go back to IT Helpdesk in worst case. I was 2 months without a project or work and we had problems to pay even the rent. My wife took our last reserves and after that I was prepared to move back to IT Helpdesk to make at least Money for some time.Just in the last second I got an offer from a very big telecommunication Company here in Germany, and I dont know, I never expected that they will give me that chance. The great thing about this is not the fact that they choose me for the project and hired me, they hired me as a freelancer. In my case I get very good payment, all my debts can be payed hopefully until beginning of 2023. And I have to learn alot. Important topics are Spanning Tree - VPN - VLAN - BGP and Autonomous Systems and so on. My goal is also doing the CCNA until the end of the year. But lets stick back to the Topic: The long Term goal is to be an Securoity expert with core competences in pentesting. My Plan is to build a strong base. One base will be build on the Job with networking. That means, in my freetime I will not care seriousely about that Topic, I can invest my resources in other basic Topics. I dont want to “start hacking asap”. I want to view this whole thing as a journey.
I considered some rules of Engagement for myself during this Path (still to complete)
1.) Basic knowledge must be very strong
2.) Build an enviroment wich always confronts me with that topic and forces me to learn
3.) go step by step

Focus Areas:
At the moment I am concentrating on following areas
1.) Networking (Job)
2.) Linux Distribution and Architecture (Uninstalled even Windows and put Kali Linux as Main distribution to force myself to learn active or passive )
3.) Python Programming (just Programming on Linux Terminal and PyCharm)
4.) Web Requests HTTP, Protocols, curl and so on

Next Step Focus:
Next Step will be:
1.) HTML, CSS and Java Script (Goal will be to program my own Buisness Website completly with code. It will not be advanced like an apple website, but it will be my own website- Every line will be written with my bare hands)
2.) SQL basics
3.) Very Basic Machine Language Assembler and General Computer Architecture (Neumann Architecture, Registers and so on)

Maybe some more experienced persons can answear that Questions:

  1. What Modules would you add to Basic knowledge ?
  2. Would you prefer maybe another way? Problem with this basic thing is, its very long term and sometimes it becomes very hard to be keep motivated. Maybe somebody of you have an Idea how to add maybe some small modules wich can give me short time success? (It would be nice if I could say that I practically can do some stuff.)
    3.) Somebody have an Idea optimizing this Path?
    4.) How and where can I get connected with experienced and unexperienced Hackers? Forums/ Plattforms and so on? (I dont want to register on 100 different Plattforms…one two or 3 maximum are enough
    5.) Somebody want to connect with me an learn, talk or inspire together ?

Thank you for your patience and best regards whereever you are.

1 Like