How to become a penetration tester - Part 2

In this reddish edition of the Exploring Information Security podcast, Andrew Morris of Endgame joins me to discuss how to become a penetration tester.

Andrew (@Andrew___Morris) is a security researcher at Endgame. Before he got that role he was a penetration tester. I had an opportunity to get to know Andrew at some events in the Columbia, SC. He's very knowledgeable and excited about what he does in the information security space. In this two-part series we discuss some of the nuances of being a pen tester and how to find yourself in that particular role.

In this episode we discuss:

  • What tools a penetration tester uses
  • What skills are needed to be a penetration tester
  • Andrew discusses how he became a penetration tester

More resources:

How to become a penetration tester - Part 1

In this reddish edition of the Exploring Information Security podcast, Andrew Morris of Endgame joins me to discuss how to become a penetration tester.

Andrew (@Andrew___Morris) is a security researcher at Endgame. Before he got that role he was a penetration tester. I had an opportunity to get to know Andrew at some events in the Columbia, SC. He's very knowledgeable and excited about what he does in the information security space. In this two-part series we discuss some of the nuances of being a pen tester and how to find yourself in that particular role.

In this episode we discuss:

  • What is a penetration tester?
  • Why become a penetration tester?
  • What writing a report is like
  • What is the day-to-day life of a pen tester

More resources:

How to break android apps for fun and profit - part 2

In this ruptured episode of the Exploring Information Security podcast, Bill Sempf joins me to discuss how to break android apps.

Bill (@sempf) is an application security architect who loves the grind of security. He recent spoke at DerbyCon on "Breaking android app for fun and profit." Watching the talk prompted me to invite Bill on the show to dive in a little more. What I like about the talk is that it's almost entirely a demo that walks through the steps of setting up the test environment. You can find more content from Bill at his website and the OWASP .NET project.

In this episode we discuss:

  • Other tools to use for testing mobile applications
  • OWASP Mobile Top Ten
  • Methodology for testing
  • Types of vulnerabilities Bill has found

More resources:

How to break android apps for fun and profit - part 1

In this ruptured episode of the Exploring Information Security podcast, Bill Sempf joins me to discuss how to break android apps.

Bill (@sempf) is an application security architect who loves the grind of security. He recent spoke at DerbyCon on "Breaking android app for fun and profit." Watching the talk prompted me to invite Bill on the show to dive in a little more. What I like about the talk is that it's almost entirely a demo that walks through the steps of setting up the test environment. You can find more content from Bill at his website and the OWASP .NET project.

In this episode we discuss:

  • Whybreak an android app
  • The skills needed to break android apps
  • We start to get into some of the tools needed to break an android app
  • What operating system to perform the tests on

More resources: