TrainACE - IT and Cybersecurity Training Blog

The Steps to Becoming a Penetration Tester

Nov 22, 2013 9:35:26 AM / by The TrainACE Team

According to statistics, the cost of cyber crime will top $100 billion this year. Cyber crime affects 18 victims per second for a total of around 556 million victims per year. Just recently, the FBI warned that cyber attacks have eclipsed domestic terrorism as the primary threat to U.S. security. Penetration testers use their skills to help organizations fix vulnerabilities in their systems. But what are the steps to becoming a penetration tester?

Penetration testers fight on the front lines of cyber security. They give financial institutions, hospitals, government institutions and businesses vital information about how to improve their network security. Penetration testers protect not only institutions but also individual customers' bank accounts, health records and private information. In a job market that has a profound shortage of cyber security professionals, penetration testers can contribute to society and potentially earn six figures for their efforts.

What is penetration testing?

A penetration tester is paid to hack into the networks of organizations to help organizations identify weak points. Penetration testers may work for companies, not-for-profits or government agencies. They can also offer independent consulting services.

What is a typical day like for a penetration tester?

Penetration testers come up with ingenious ways to launch cyber attacks against their clients. For example, a tester may sit inside a parked car and attempt to hijack company Wi-Fi to launch a man-in-the-middle attack. A tester may also use a company restroom, drop a corrupted thumb drive on the countertop and then wait to see whether employees pick up the drive.

Testers launch phishing campaigns against company e-mail accounts to educate executives about potential vulnerabilities. They may even try to physically breach security by posing as technicians or delivery personnel. From their own terminals, they may try to launch DDoS or SQL injection attacks against the organizations. Their goal is to find weaknesses and develop strategies that reduce or eliminate threats.

How does someone become a penetration tester?

A strong record of IT experience, along with certification, will help people find work as penetration testers. For people without IT backgrounds who want to become penetration testers, experts recommend starting by earning A+ Certification and finding a job working a help desk. In addition to A+ Certification, future penetration testers can add credentials like CCNA or Network+ that will enable them to be promoted to network support, network administration and network engineering roles.

To move into information security, penetration testing candidates can earn security certifications, including Security+, CISSP or TICSA. Programming languages like Java, Perl or LISP are important, as is the ability to work with Unix/Linux distributions and write commands. Additionally, people who want to become penetration testers should spend some time learning how to use and manipulate SQL databases.

What certifications are required?

People can earn the Certified Ethical Hacker (CEH) designation from the International Council of Electronic Commerce Consultants (EC-Council) by following one of two processes. After completing training or self-study, future penetration testers must pass Exam 312-50 to earn their CEH credential.

  1. EC-Council training program. The EC-Council's CEH training program is offered at some local universities. It's also offered online either as a self-paced course or as an instructor-led course. Organizations can also book instructors to teach CEH training courses onsite.
  2. Self-study. People who want to skip the training program can take the certification exam without going through EC-Council training. However, they must submit an application to the EC-Council confirming at least two years of relevant employer-endorsed information security work experience. Without this experience, they can still apply and ask the EC-Council to consider whatever work experience they have. The council makes decisions on a case-by-case basis.

What else is required?

In addition to earning certification, penetration testers need to have good social engineering skills. When trying to break into a data center, for example, they'll need to be able to convince personnel that they're authorized to be there. They'll also need to construct realistic social engineering attacks as part of their comprehensive network testing.

Most companies perform background checks before hiring a CEH. For jobs in government that require security clearance, testers should expect a background check and a polygraph test. Also, testers should keep up with EC-Council re-certification requirements. Currently, CEH holders must re-certify every three years to keep the credential.

Getting started

Now that you know the steps to becoming a penetration tester, are you ready to jump in? TrainACE runs regular training classes for the Certified Ethical Hacker certification. The classes are very hands-on, so you learn how to use the tools in the real world as well as prepare for the technical exam.

Learn more about our CEH training: Certified Ethical Hacker training and certification.



Topics: CEH, Cisco, Online Training, Pentesting, Programming
