SlideShare a Scribd company logo

Recruiters' guide to hire an Ethical hacker

ā€¢Download as PPT, PDFā€¢
ā€¢
Ayman Hussein
Ayman Hussein

a general knowledge you need to know if you wanna make sure this one is a penetration tester or an Ethical hacker to recruit him

Business
1 of 16
Ethical Hacking & Penetration testing General Knowledge Ayman Mohammed ā€“ CEH http://www.AymanMohammed.com
Outline ā€¢ Introduction ā€¢ Certificates ā€¢ Keywords ā€¢ Questions ā€¢ References
General tips about information security career
Introduction to Ethical Hacking ā€¢ Ethical hackers ā–« Employed by companies to perform penetration tests ā€¢ Penetration test ā–« Legal attempt to break into a companyā€™s network to find its weakest link ā–« Tester only reports findings ā€¢ Security test ā–« More than an attempt to break in; also includes analyzing companyā€™s security policy and procedures ā–« Tester offers solutions to secure or protect the network
The Role of Security and Penetration Testers ā€¢ Hackers ā–« Access computer system or network without authorization ā–« Breaks the law; can go to prison ā€¢ Crackers ā–« Break into systems to steal or destroy data ā–« U.S. Department of Justice calls both hackers ā€¢ Ethical hacker ā–« Performs most of the same activities but with ownerā€™s permission
Penetration-Testing Methodologies ā€¢ White box model ā–« Tester is told everything about the network topology and technology ā–« Tester is authorized to interview IT personnel and company employees ā–« Makes tester job a little easier ā€¢ Black box model ā–« Company staff does not know about the test ā–« Tester is not given details about the network ļ‚– Burden is on the tester to find these details ā–« Tests if security personnel are able to detect an attack ā€¢ Gray box model ā–« Hybrid of the white and black box models ā–« Company gives tester partial information
Ethical Hacking in a Nutshell ā€¢ What it takes to be a security tester ā–« Knowledge of network and computer technology ā–« Ability to communicate with management and IT personnel ā–« Understanding of the laws ā–« Ability to use necessary tools
Known certificates in cyber security field
Most famous certificates ā€¢ EC-Council ā–« CEH(Certified Ethical Hacker) ā–« ECSA (EC-Council Certified Security Analyst) ā–« LPT(Lice sensed Penetration Tester) ā€¢ SANSGIAC (Global Information Assurance Certification) ā–« GPEN(GIAC Certified Penetration Tester ) ā–« GWAPT(GIAC Web Application Penetration Tester) ā€¢ OSSTMM (The Open Source Security Testing Methodology Manual) ā–« OPST (OSSTMM PROFESSIONAL SECURITY TESTER ACCREDITED CERTIFICATION) ā–« OPSA (OSSTMM PROFESSIONAL SECURITY ANALYST ACCREDITED CERTIFICATION) ā–« OPSE (OSSTMM PROFESSIONAL SECURITY EXPERT ACCREDITED CERTIFICATION) ā€¢ Mile2 ā–« CPTEngineer(Certified Pen Testing Engineer)
Keywords you need to know , and search inside the resume
Top Keywords ā€¢ Certificates : ā–« CEH , ICSSP , LPT , CPTEngineer , ECSA , GPEN, OPST ,OPSA ,OPSE , CISM, CISA ā€¢ Tools: ā–« Kali , Metasploit , sqlmap , Burp Suite , Acunitix ,IBM Appscan ,Nmap ,Cain & Able ,WireShark ,Nessus ,snort ,OpenSSH ,BackTrack ,Brutus ,John the Ripper. ā€¢ Methodologies : ā–« OWASP Top 10 , PCI-DSS ā€¢ Vulnerabilities : ā–« XSS , Sql injection , CSRF , session hijacking , ....
Some questions to assess the Penetration testing knowledge
Questions & answers ā€¢ Q. What is XSS or Cross Site Scripting? Ans.Ā XSSĀ orĀ crossĀ siteĀ scriptingĀ isĀ typeĀ ofĀ vulnerabilityĀ  thatĀ hackersĀ usedĀ toĀ attackĀ webĀ applications. ā€¢ ItĀ allowsĀ hackersĀ toĀ injectĀ HTMLĀ orĀ JAVASCRIPTĀ codeĀ  intoĀ aĀ webĀ pageĀ whichĀ canĀ stealĀ theĀ confidentialĀ  informationĀ fromĀ theĀ cookiesĀ andĀ returnsĀ toĀ theĀ hackers.Ā  ItĀ isĀ oneĀ ofĀ theĀ mostĀ criticalĀ andĀ commonĀ techniqueĀ  whichĀ needsĀ toĀ beĀ prevented. ā€¢ Q. What is a honeypot? Ans.Ā HoneypotĀ isĀ fakeĀ computerĀ systemĀ whichĀ behavesĀ  likeĀ aĀ realĀ systemĀ andĀ attractsĀ hackersĀ toĀ attackĀ onĀ it.Ā  HoneypotĀ isĀ usedĀ toĀ findĀ outĀ loopĀ holesĀ inĀ theĀ systemĀ  andĀ toĀ provideĀ solutionĀ forĀ theseĀ kindsĀ ofĀ attacks.
Questions & answers (cont.) ā€¢ Q. What type of tools are there out there for packet sniffing? Ans.Ā Ā WiresharkĀ isĀ probablyĀ theĀ mostĀ commonĀ  packetĀ sniffingĀ tool.Ā ThisĀ programĀ canĀ helpĀ youĀ findĀ  oddĀ trafficĀ acrossĀ theĀ networkĀ orĀ identifyĀ aĀ programĀ  thatĀ isĀ sendingĀ trafficĀ silentlyĀ fromĀ aĀ host.Ā  ā€¢ Q. Which tools are you using in Performing automatic vulnerability testing? Ans.Ā ThereĀ areĀ manyĀ toolsĀ toĀ doĀ soĀ ,Ā theĀ mostĀ  famousĀ toolsĀ areĀ AcunitixĀ ,Ā IBMĀ AppscanĀ ,Ā BurbĀ  suiteĀ ,Ā ZAP.
WhereĀ toĀ startĀ gainĀ moreĀ knowledge
ā€¢ http://www.softwaretestinghelp.com/interview- questions/security-testing-interview-questions- and-answers/ ā€¢ http://www.eccouncil.org/Certification/professi onal-series/ceh-course-outline ā€¢ http://www.zdnet.com/article/10-things-you- need-to-know-before-hiring-penetration- testers/ ā€¢ https://www.owasp.org/index.php/Top_10_201 3-Table_of_Contents

Recommended

Ethical Hacking & Penetration Testing
Ethical Hacking & Penetration TestingEthical Hacking & Penetration Testing
Ethical Hacking & Penetration TestingWon Ju Jub
Ā 
Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testingAmine SAIGHI
Ā 
Physical Penetration Testing - RootedCON 2015
Physical Penetration Testing - RootedCON 2015Physical Penetration Testing - RootedCON 2015
Physical Penetration Testing - RootedCON 2015Hykeos
Ā 
WTF is Penetration Testing v.2
WTF is Penetration Testing v.2WTF is Penetration Testing v.2
WTF is Penetration Testing v.2Scott Sutherland
Ā 
Web application Testing
Web application TestingWeb application Testing
Web application TestingOWASP Foundation
Ā 
WiFi Data Leakage by Solomon Sonya
WiFi Data Leakage by Solomon SonyaWiFi Data Leakage by Solomon Sonya
WiFi Data Leakage by Solomon SonyaEC-Council
Ā 
Ethical Hacking and Penetration Testing
Ethical Hacking and Penetration Testing Ethical Hacking and Penetration Testing
Ethical Hacking and Penetration Testing Rishabh Upadhyay
Ā 
Ethical hacking/ Penetration Testing
Ethical hacking/ Penetration TestingEthical hacking/ Penetration Testing
Ethical hacking/ Penetration TestingANURAG CHAKRABORTY
Ā 

Recommended

Ethical Hacking & Penetration Testing
Ethical Hacking & Penetration TestingEthical Hacking & Penetration Testing
Ethical Hacking & Penetration TestingWon Ju Jub
Ā 
Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testingAmine SAIGHI
Ā 
Physical Penetration Testing - RootedCON 2015
Physical Penetration Testing - RootedCON 2015Physical Penetration Testing - RootedCON 2015
Physical Penetration Testing - RootedCON 2015Hykeos
Ā 
WTF is Penetration Testing v.2
WTF is Penetration Testing v.2WTF is Penetration Testing v.2
WTF is Penetration Testing v.2Scott Sutherland
Ā 
Web application Testing
Web application TestingWeb application Testing
Web application TestingOWASP Foundation
Ā 
WiFi Data Leakage by Solomon Sonya
WiFi Data Leakage by Solomon SonyaWiFi Data Leakage by Solomon Sonya
WiFi Data Leakage by Solomon SonyaEC-Council
Ā 
Ethical Hacking and Penetration Testing
Ethical Hacking and Penetration Testing Ethical Hacking and Penetration Testing
Ethical Hacking and Penetration Testing Rishabh Upadhyay
Ā 
Ethical hacking/ Penetration Testing
Ethical hacking/ Penetration TestingEthical hacking/ Penetration Testing
Ethical hacking/ Penetration TestingANURAG CHAKRABORTY
Ā 
Ethical Hacking Conference 2015- Building Secure Products -a perspective
Ethical Hacking Conference 2015- Building Secure Products -a perspective Ethical Hacking Conference 2015- Building Secure Products -a perspective
Ethical Hacking Conference 2015- Building Secure Products -a perspectiveDr. Anish Cheriyan (PhD)
Ā 
Penetration testing & Ethical Hacking
Penetration testing & Ethical HackingPenetration testing & Ethical Hacking
Penetration testing & Ethical HackingS.E. CTS CERT-GOV-MD
Ā 
How to Get into ICS Security byChris Sistrunk
How to Get into ICS Security byChris SistrunkHow to Get into ICS Security byChris Sistrunk
How to Get into ICS Security byChris SistrunkEC-Council
Ā 
What is Penetration & Penetration test ?
What is Penetration & Penetration test ?What is Penetration & Penetration test ?
What is Penetration & Penetration test ?Bhavin Shah
Ā 
Extracting the Malware Signal from Internet Noise
Extracting the Malware Signal from Internet NoiseExtracting the Malware Signal from Internet Noise
Extracting the Malware Signal from Internet NoiseAshwini Almad
Ā 
Static Analysis Security Testing for Dummies... and You
Static Analysis Security Testing for Dummies... and YouStatic Analysis Security Testing for Dummies... and You
Static Analysis Security Testing for Dummies... and YouKevin Fealey
Ā 
DECEPTICONv2
DECEPTICONv2DECEPTICONv2
DECEPTICONv2šŸ‘€ Joe Gray
Ā 
How MITRE ATT&CK helps security operations
How MITRE ATT&CK helps security operationsHow MITRE ATT&CK helps security operations
How MITRE ATT&CK helps security operationsSergey Soldatov
Ā 
Hunting on the Cheap
Hunting on the CheapHunting on the Cheap
Hunting on the CheapEndgameInc
Ā 
Hunting before a Known Incident
Hunting before a Known IncidentHunting before a Known Incident
Hunting before a Known IncidentEndgameInc
Ā 
Penetration Testing
Penetration TestingPenetration Testing
Penetration TestingMd Samsul Kabir
Ā 
How to ethical hacking? The complete ethical hacking certification course beg...
How to ethical hacking? The complete ethical hacking certification course beg...How to ethical hacking? The complete ethical hacking certification course beg...
How to ethical hacking? The complete ethical hacking certification course beg...Firojali Laskar
Ā 
What is pentest
What is pentestWhat is pentest
What is pentestitissolutions
Ā 
Seminario-15-04-2015-IT_professions_in_the_anti-malware_industry
Seminario-15-04-2015-IT_professions_in_the_anti-malware_industrySeminario-15-04-2015-IT_professions_in_the_anti-malware_industry
Seminario-15-04-2015-IT_professions_in_the_anti-malware_industryRoberto Sponchioni
Ā 
Bsides
BsidesBsides
BsidesRoberto Sponchioni
Ā 
Sigma and YARA Rules
Sigma and YARA RulesSigma and YARA Rules
Sigma and YARA RulesLionel Faleiro
Ā 
Worst-Case Scenario: Being Detected without Knowing You are Detected
Worst-Case Scenario: Being Detected without Knowing You are DetectedWorst-Case Scenario: Being Detected without Knowing You are Detected
Worst-Case Scenario: Being Detected without Knowing You are DetectedAshwini Almad
Ā 
Penetration Testing Services, Penetration Testing
Penetration Testing Services, Penetration TestingPenetration Testing Services, Penetration Testing
Penetration Testing Services, Penetration TestingeNinja Technologies
Ā 
Penetration testing in wireless network
Penetration testing in wireless networkPenetration testing in wireless network
Penetration testing in wireless networkHadi Fadlallah
Ā 
Pen Testing Explained
Pen Testing ExplainedPen Testing Explained
Pen Testing ExplainedRand W. Hirt
Ā 
Penetration and hacking training brief
Penetration and hacking training briefPenetration and hacking training brief
Penetration and hacking training briefBill Nelson
Ā 
Auditing Check Point Firewalls
Auditing Check Point FirewallsAuditing Check Point Firewalls
Auditing Check Point FirewallsBen Rothke
Ā 

More Related Content

What's hot

Ethical Hacking Conference 2015- Building Secure Products -a perspective
Ethical Hacking Conference 2015- Building Secure Products -a perspective Ethical Hacking Conference 2015- Building Secure Products -a perspective
Ethical Hacking Conference 2015- Building Secure Products -a perspectiveDr. Anish Cheriyan (PhD)
Ā 
Penetration testing & Ethical Hacking
Penetration testing & Ethical HackingPenetration testing & Ethical Hacking
Penetration testing & Ethical HackingS.E. CTS CERT-GOV-MD
Ā 
How to Get into ICS Security byChris Sistrunk
How to Get into ICS Security byChris SistrunkHow to Get into ICS Security byChris Sistrunk
How to Get into ICS Security byChris SistrunkEC-Council
Ā 
What is Penetration & Penetration test ?
What is Penetration & Penetration test ?What is Penetration & Penetration test ?
What is Penetration & Penetration test ?Bhavin Shah
Ā 
Extracting the Malware Signal from Internet Noise
Extracting the Malware Signal from Internet NoiseExtracting the Malware Signal from Internet Noise
Extracting the Malware Signal from Internet NoiseAshwini Almad
Ā 
Static Analysis Security Testing for Dummies... and You
Static Analysis Security Testing for Dummies... and YouStatic Analysis Security Testing for Dummies... and You
Static Analysis Security Testing for Dummies... and YouKevin Fealey
Ā 
How MITRE ATT&CK helps security operations
How MITRE ATT&CK helps security operationsHow MITRE ATT&CK helps security operations
How MITRE ATT&CK helps security operationsSergey Soldatov
Ā 
Hunting on the Cheap
Hunting on the CheapHunting on the Cheap
Hunting on the CheapEndgameInc
Ā 
Hunting before a Known Incident
Hunting before a Known IncidentHunting before a Known Incident
Hunting before a Known IncidentEndgameInc
Ā 
Penetration Testing
Penetration TestingPenetration Testing
Penetration TestingMd Samsul Kabir
Ā 
How to ethical hacking? The complete ethical hacking certification course beg...
How to ethical hacking? The complete ethical hacking certification course beg...How to ethical hacking? The complete ethical hacking certification course beg...
How to ethical hacking? The complete ethical hacking certification course beg...Firojali Laskar
Ā 
What is pentest
What is pentestWhat is pentest
What is pentestitissolutions
Ā 
Seminario-15-04-2015-IT_professions_in_the_anti-malware_industry
Seminario-15-04-2015-IT_professions_in_the_anti-malware_industrySeminario-15-04-2015-IT_professions_in_the_anti-malware_industry
Seminario-15-04-2015-IT_professions_in_the_anti-malware_industryRoberto Sponchioni
Ā 
Sigma and YARA Rules
Sigma and YARA RulesSigma and YARA Rules
Sigma and YARA RulesLionel Faleiro
Ā 
Worst-Case Scenario: Being Detected without Knowing You are Detected
Worst-Case Scenario: Being Detected without Knowing You are DetectedWorst-Case Scenario: Being Detected without Knowing You are Detected
Worst-Case Scenario: Being Detected without Knowing You are DetectedAshwini Almad
Ā 
Penetration Testing Services, Penetration Testing
Penetration Testing Services, Penetration TestingPenetration Testing Services, Penetration Testing
Penetration Testing Services, Penetration TestingeNinja Technologies
Ā 
Penetration testing in wireless network
Penetration testing in wireless networkPenetration testing in wireless network
Penetration testing in wireless networkHadi Fadlallah
Ā 
Pen Testing Explained
Pen Testing ExplainedPen Testing Explained
Pen Testing ExplainedRand W. Hirt
Ā 

What's hot (20)

Ethical Hacking Conference 2015- Building Secure Products -a perspective
Ethical Hacking Conference 2015- Building Secure Products -a perspective Ethical Hacking Conference 2015- Building Secure Products -a perspective
Ethical Hacking Conference 2015- Building Secure Products -a perspective
Ā 
Penetration testing & Ethical Hacking
Penetration testing & Ethical HackingPenetration testing & Ethical Hacking
Penetration testing & Ethical Hacking
Ā 
How to Get into ICS Security byChris Sistrunk
How to Get into ICS Security byChris SistrunkHow to Get into ICS Security byChris Sistrunk
How to Get into ICS Security byChris Sistrunk
Ā 
What is Penetration & Penetration test ?
What is Penetration & Penetration test ?What is Penetration & Penetration test ?
What is Penetration & Penetration test ?
Ā 
Extracting the Malware Signal from Internet Noise
Extracting the Malware Signal from Internet NoiseExtracting the Malware Signal from Internet Noise
Extracting the Malware Signal from Internet Noise
Ā 
Static Analysis Security Testing for Dummies... and You
Static Analysis Security Testing for Dummies... and YouStatic Analysis Security Testing for Dummies... and You
Static Analysis Security Testing for Dummies... and You
Ā 
DECEPTICONv2
DECEPTICONv2DECEPTICONv2
DECEPTICONv2
Ā 
How MITRE ATT&CK helps security operations
How MITRE ATT&CK helps security operationsHow MITRE ATT&CK helps security operations
How MITRE ATT&CK helps security operations
Ā 
Hunting on the Cheap
Hunting on the CheapHunting on the Cheap
Hunting on the Cheap
Ā 
Hunting before a Known Incident
Hunting before a Known IncidentHunting before a Known Incident
Hunting before a Known Incident
Ā 
Penetration Testing
Penetration TestingPenetration Testing
Penetration Testing
Ā 
How to ethical hacking? The complete ethical hacking certification course beg...
How to ethical hacking? The complete ethical hacking certification course beg...How to ethical hacking? The complete ethical hacking certification course beg...
How to ethical hacking? The complete ethical hacking certification course beg...
Ā 
What is pentest
What is pentestWhat is pentest
What is pentest
Ā 
Seminario-15-04-2015-IT_professions_in_the_anti-malware_industry
Seminario-15-04-2015-IT_professions_in_the_anti-malware_industrySeminario-15-04-2015-IT_professions_in_the_anti-malware_industry
Seminario-15-04-2015-IT_professions_in_the_anti-malware_industry
Ā 
Bsides
BsidesBsides
Bsides
Ā 
Sigma and YARA Rules
Sigma and YARA RulesSigma and YARA Rules
Sigma and YARA Rules
Ā 
Worst-Case Scenario: Being Detected without Knowing You are Detected
Worst-Case Scenario: Being Detected without Knowing You are DetectedWorst-Case Scenario: Being Detected without Knowing You are Detected
Worst-Case Scenario: Being Detected without Knowing You are Detected
Ā 
Penetration Testing Services, Penetration Testing
Penetration Testing Services, Penetration TestingPenetration Testing Services, Penetration Testing
Penetration Testing Services, Penetration Testing
Ā 
Penetration testing in wireless network
Penetration testing in wireless networkPenetration testing in wireless network
Penetration testing in wireless network
Ā 
Pen Testing Explained
Pen Testing ExplainedPen Testing Explained
Pen Testing Explained
Ā 

Viewers also liked

Penetration and hacking training brief
Penetration and hacking training briefPenetration and hacking training brief
Penetration and hacking training briefBill Nelson
Ā 
Auditing Check Point Firewalls
Auditing Check Point FirewallsAuditing Check Point Firewalls
Auditing Check Point FirewallsBen Rothke
Ā 
Ce hv7 module 05 system hacking
Ce hv7 module 05 system hackingCe hv7 module 05 system hacking
Ce hv7 module 05 system hackingZuleima Parada
Ā 
Info Security - Vulnerability Assessment
Info Security - Vulnerability AssessmentInfo Security - Vulnerability Assessment
Info Security - Vulnerability AssessmentMarcelo Silva
Ā 
Standard penetration test
Standard penetration testStandard penetration test
Standard penetration testhari babu
Ā 
Ceh v7 module 01 introduction to ethical hacking
Ceh v7 module 01 introduction to ethical hackingCeh v7 module 01 introduction to ethical hacking
Ceh v7 module 01 introduction to ethical hackingsabulite
Ā 
The immune checkpoint landscape in 2015: combination therapy
The immune checkpoint landscape in 2015: combination therapyThe immune checkpoint landscape in 2015: combination therapy
The immune checkpoint landscape in 2015: combination therapyPaul D. Rennert
Ā 
Checkpoint Firewall for Dummies
Checkpoint Firewall for Dummies Checkpoint Firewall for Dummies
Checkpoint Firewall for Dummies sushmil123
Ā 
Temel Linux Kullanımı ve Komutları
Temel Linux Kullanımı ve KomutlarıTemel Linux Kullanımı ve Komutları
Temel Linux Kullanımı ve KomutlarıAhmet GĆ¼rel
Ā 
Temel Ağ Sızma Testine Giriş DƶkĆ¼manı
Temel Ağ Sızma Testine Giriş DƶkĆ¼manıTemel Ağ Sızma Testine Giriş DƶkĆ¼manı
Temel Ağ Sızma Testine Giriş DƶkĆ¼manıAhmet GĆ¼rel
Ā 
TCP-IP Reference Model
TCP-IP Reference ModelTCP-IP Reference Model
TCP-IP Reference ModelMukesh Tekwani
Ā 
Ip address and subnetting
Ip address and subnettingIp address and subnetting
Ip address and subnettingIGZ Software house
Ā 

Viewers also liked (16)

Penetration and hacking training brief
Penetration and hacking training briefPenetration and hacking training brief
Penetration and hacking training brief
Ā 
Auditing Check Point Firewalls
Auditing Check Point FirewallsAuditing Check Point Firewalls
Auditing Check Point Firewalls
Ā 
Ce hv7 module 05 system hacking
Ce hv7 module 05 system hackingCe hv7 module 05 system hacking
Ce hv7 module 05 system hacking
Ā 
Info Security - Vulnerability Assessment
Info Security - Vulnerability AssessmentInfo Security - Vulnerability Assessment
Info Security - Vulnerability Assessment
Ā 
Standard penetration test
Standard penetration testStandard penetration test
Standard penetration test
Ā 
Network Dersleri1
Network Dersleri1Network Dersleri1
Network Dersleri1
Ā 
Ceh v7 module 01 introduction to ethical hacking
Ceh v7 module 01 introduction to ethical hackingCeh v7 module 01 introduction to ethical hacking
Ceh v7 module 01 introduction to ethical hacking
Ā 
The immune checkpoint landscape in 2015: combination therapy
The immune checkpoint landscape in 2015: combination therapyThe immune checkpoint landscape in 2015: combination therapy
The immune checkpoint landscape in 2015: combination therapy
Ā 
checkpoint
checkpointcheckpoint
checkpoint
Ā 
Checkpoint Firewall for Dummies
Checkpoint Firewall for Dummies Checkpoint Firewall for Dummies
Checkpoint Firewall for Dummies
Ā 
Temel Linux Kullanımı ve Komutları
Temel Linux Kullanımı ve KomutlarıTemel Linux Kullanımı ve Komutları
Temel Linux Kullanımı ve Komutları
Ā 
Temel Ağ Sızma Testine Giriş DƶkĆ¼manı
Temel Ağ Sızma Testine Giriş DƶkĆ¼manıTemel Ağ Sızma Testine Giriş DƶkĆ¼manı
Temel Ağ Sızma Testine Giriş DƶkĆ¼manı
Ā 
Standard Penetration Test
Standard Penetration TestStandard Penetration Test
Standard Penetration Test
Ā 
TCP-IP Reference Model
TCP-IP Reference ModelTCP-IP Reference Model
TCP-IP Reference Model
Ā 
Ip address
Ip addressIp address
Ip address
Ā 
Ip address and subnetting
Ip address and subnettingIp address and subnetting
Ip address and subnetting
Ā 

Similar to Recruiters' guide to hire an Ethical hacker

Introduction to CEHv12..pptx
Introduction to CEHv12..pptxIntroduction to CEHv12..pptx
Introduction to CEHv12..pptxIPSpecialist
Ā 
Ethical Hacking - An Overview
Ethical Hacking - An OverviewEthical Hacking - An Overview
Ethical Hacking - An OverviewAfaq Mansoor Khan
Ā 
Introduction to Penetration testing - GDG DevFest Caribbean 2021 presentation
Introduction to Penetration testing - GDG DevFest Caribbean 2021 presentationIntroduction to Penetration testing - GDG DevFest Caribbean 2021 presentation
Introduction to Penetration testing - GDG DevFest Caribbean 2021 presentationObika Gellineau
Ā 
Ethical Hacker
Ethical HackerEthical Hacker
Ethical Hackerkeriann70
Ā 
Segmenting your Network for Security - The Good, the Bad and the Ugly
Segmenting your Network for Security - The Good, the Bad and the UglySegmenting your Network for Security - The Good, the Bad and the Ugly
Segmenting your Network for Security - The Good, the Bad and the UglyAlgoSec
Ā 
Ethical Hacking and Defense Penetration
Ethical Hacking and Defense PenetrationEthical Hacking and Defense Penetration
Ethical Hacking and Defense PenetrationJay Nagar
Ā 
Career In Information security
Career In Information securityCareer In Information security
Career In Information securityAnant Shrivastava
Ā 
An Introduction to Ethical Hacking
An Introduction to Ethical HackingAn Introduction to Ethical Hacking
An Introduction to Ethical HackingVinny Vessel
Ā 
Certied Ethical Hacker
Certied Ethical HackerCertied Ethical Hacker
Certied Ethical HackerKnowledgehut
Ā 
What is penetration testing and career path
What is penetration testing and career pathWhat is penetration testing and career path
What is penetration testing and career pathVikram Khanna
Ā 
Security testing
Security testingSecurity testing
Security testingRihab Chebbah
Ā 
MITRE AttACK framework it is time you took notice_v1.0
MITRE AttACK framework it is time you took notice_v1.0MITRE AttACK framework it is time you took notice_v1.0
MITRE AttACK framework it is time you took notice_v1.0Michael Gough
Ā 
Hacking and Penetration Testing - a beginners guide
Hacking and Penetration Testing - a beginners guideHacking and Penetration Testing - a beginners guide
Hacking and Penetration Testing - a beginners guidePankaj Dubey
Ā 
Top Security Challenges Facing Credit Unions Today
Top Security Challenges Facing Credit Unions TodayTop Security Challenges Facing Credit Unions Today
Top Security Challenges Facing Credit Unions TodayChris Gates
Ā 
Ethical Hacking.pptx
Ethical Hacking.pptxEthical Hacking.pptx
Ethical Hacking.pptxManojverma564461
Ā 
Security and Penetration Testing Overview
Security and Penetration Testing OverviewSecurity and Penetration Testing Overview
Security and Penetration Testing OverviewQA InfoTech
Ā 
Certified Ethical Hacking - Book Summary
Certified Ethical Hacking - Book SummaryCertified Ethical Hacking - Book Summary
Certified Ethical Hacking - Book Summaryudemy course
Ā 
edCeh brochure
edCeh brochureedCeh brochure
edCeh brochureKnowledgehut
Ā 
AppSec in an Agile World
AppSec in an Agile WorldAppSec in an Agile World
AppSec in an Agile WorldDavid Lindner
Ā 

Similar to Recruiters' guide to hire an Ethical hacker (20)

Introduction to CEHv12..pptx
Introduction to CEHv12..pptxIntroduction to CEHv12..pptx
Introduction to CEHv12..pptx
Ā 
Ethical Hacking - An Overview
Ethical Hacking - An OverviewEthical Hacking - An Overview
Ethical Hacking - An Overview
Ā 
Introduction to Penetration testing - GDG DevFest Caribbean 2021 presentation
Introduction to Penetration testing - GDG DevFest Caribbean 2021 presentationIntroduction to Penetration testing - GDG DevFest Caribbean 2021 presentation
Introduction to Penetration testing - GDG DevFest Caribbean 2021 presentation
Ā 
Ethical Hacker
Ethical HackerEthical Hacker
Ethical Hacker
Ā 
Segmenting your Network for Security - The Good, the Bad and the Ugly
Segmenting your Network for Security - The Good, the Bad and the UglySegmenting your Network for Security - The Good, the Bad and the Ugly
Segmenting your Network for Security - The Good, the Bad and the Ugly
Ā 
Ethical Hacking and Defense Penetration
Ethical Hacking and Defense PenetrationEthical Hacking and Defense Penetration
Ethical Hacking and Defense Penetration
Ā 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Ā 
Career In Information security
Career In Information securityCareer In Information security
Career In Information security
Ā 
An Introduction to Ethical Hacking
An Introduction to Ethical HackingAn Introduction to Ethical Hacking
An Introduction to Ethical Hacking
Ā 
Certied Ethical Hacker
Certied Ethical HackerCertied Ethical Hacker
Certied Ethical Hacker
Ā 
What is penetration testing and career path
What is penetration testing and career pathWhat is penetration testing and career path
What is penetration testing and career path
Ā 
Security testing
Security testingSecurity testing
Security testing
Ā 
MITRE AttACK framework it is time you took notice_v1.0
MITRE AttACK framework it is time you took notice_v1.0MITRE AttACK framework it is time you took notice_v1.0
MITRE AttACK framework it is time you took notice_v1.0
Ā 
Hacking and Penetration Testing - a beginners guide
Hacking and Penetration Testing - a beginners guideHacking and Penetration Testing - a beginners guide
Hacking and Penetration Testing - a beginners guide
Ā 
Top Security Challenges Facing Credit Unions Today
Top Security Challenges Facing Credit Unions TodayTop Security Challenges Facing Credit Unions Today
Top Security Challenges Facing Credit Unions Today
Ā 
Ethical Hacking.pptx
Ethical Hacking.pptxEthical Hacking.pptx
Ethical Hacking.pptx
Ā 
Security and Penetration Testing Overview
Security and Penetration Testing OverviewSecurity and Penetration Testing Overview
Security and Penetration Testing Overview
Ā 
Certified Ethical Hacking - Book Summary
Certified Ethical Hacking - Book SummaryCertified Ethical Hacking - Book Summary
Certified Ethical Hacking - Book Summary
Ā 
edCeh brochure
edCeh brochureedCeh brochure
edCeh brochure
Ā 
AppSec in an Agile World
AppSec in an Agile WorldAppSec in an Agile World
AppSec in an Agile World
Ā 

Recently uploaded

0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdfRenandantas16
Ā 
Call Girls Electronic City Just Call šŸ‘— 7737669865 šŸ‘— Top Class Call Girl Servi...
Call Girls Electronic City Just Call šŸ‘— 7737669865 šŸ‘— Top Class Call Girl Servi...Call Girls Electronic City Just Call šŸ‘— 7737669865 šŸ‘— Top Class Call Girl Servi...
Call Girls Electronic City Just Call šŸ‘— 7737669865 šŸ‘— Top Class Call Girl Servi...amitlee9823
Ā 
RSA Conference Exhibitor List 2024 - Exhibitors Data
RSA Conference Exhibitor List 2024 - Exhibitors DataRSA Conference Exhibitor List 2024 - Exhibitors Data
RSA Conference Exhibitor List 2024 - Exhibitors DataExhibitors Data
Ā 
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesMysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesDipal Arora
Ā 
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine ServiceCall Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Serviceritikaroy0888
Ā 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756dollysharma2066
Ā 
Cracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxCracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxWorkforce Group
Ā 
Dr. Admir Softic_ presentation_Green Club_ENG.pdf
Dr. Admir Softic_ presentation_Green Club_ENG.pdfDr. Admir Softic_ presentation_Green Club_ENG.pdf
Dr. Admir Softic_ presentation_Green Club_ENG.pdfAdmir Softic
Ā 
Call Girls In Noida 959961āŠ¹3876 Independent Escort Service Noida
Call Girls In Noida 959961āŠ¹3876 Independent Escort Service NoidaCall Girls In Noida 959961āŠ¹3876 Independent Escort Service Noida
Call Girls In Noida 959961āŠ¹3876 Independent Escort Service Noidadlhescort
Ā 
Pharma Works Profile of Karan Communications
Pharma Works Profile of Karan CommunicationsPharma Works Profile of Karan Communications
Pharma Works Profile of Karan Communicationskarancommunications
Ā 
Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...
Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...
Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...allensay1
Ā 
Russian Call Girls In Gurgaon ā¤ļø8448577510 āŠ¹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ā¤ļø8448577510 āŠ¹Best Escorts Service In 24/7 Delh...Russian Call Girls In Gurgaon ā¤ļø8448577510 āŠ¹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ā¤ļø8448577510 āŠ¹Best Escorts Service In 24/7 Delh...lizamodels9
Ā 
Katrina Personal Brand Project and portfolio 1
Katrina Personal Brand Project and portfolio 1Katrina Personal Brand Project and portfolio 1
Katrina Personal Brand Project and portfolio 1kcpayne
Ā 
Call Girls In DLf Gurgaon āž„99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon āž„99902@11544 ( Best price)100% Genuine Escort In 24...Call Girls In DLf Gurgaon āž„99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon āž„99902@11544 ( Best price)100% Genuine Escort In 24...lizamodels9
Ā 
Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...Roland Driesen
Ā 
Phases of Negotiation .pptx
Phases of Negotiation .pptx Phases of Negotiation .pptx
Phases of Negotiation .pptxnandhinijagan9867
Ā 
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876dlhescort
Ā 
How to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League CityHow to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League CityEric T. Tung
Ā 
Value Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsValue Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsP&CO
Ā 

Recently uploaded (20)

0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
Ā 
Call Girls Electronic City Just Call šŸ‘— 7737669865 šŸ‘— Top Class Call Girl Servi...
Call Girls Electronic City Just Call šŸ‘— 7737669865 šŸ‘— Top Class Call Girl Servi...Call Girls Electronic City Just Call šŸ‘— 7737669865 šŸ‘— Top Class Call Girl Servi...
Call Girls Electronic City Just Call šŸ‘— 7737669865 šŸ‘— Top Class Call Girl Servi...
Ā 
RSA Conference Exhibitor List 2024 - Exhibitors Data
RSA Conference Exhibitor List 2024 - Exhibitors DataRSA Conference Exhibitor List 2024 - Exhibitors Data
RSA Conference Exhibitor List 2024 - Exhibitors Data
Ā 
VVVIP Call Girls In Greater Kailash āž”ļø Delhi āž”ļø 9999965857 šŸš€ No Advance 24HRS...
VVVIP Call Girls In Greater Kailash āž”ļø Delhi āž”ļø 9999965857 šŸš€ No Advance 24HRS...VVVIP Call Girls In Greater Kailash āž”ļø Delhi āž”ļø 9999965857 šŸš€ No Advance 24HRS...
VVVIP Call Girls In Greater Kailash āž”ļø Delhi āž”ļø 9999965857 šŸš€ No Advance 24HRS...
Ā 
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesMysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Ā 
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine ServiceCall Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Service
Ā 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
Ā 
Cracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxCracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptx
Ā 
Dr. Admir Softic_ presentation_Green Club_ENG.pdf
Dr. Admir Softic_ presentation_Green Club_ENG.pdfDr. Admir Softic_ presentation_Green Club_ENG.pdf
Dr. Admir Softic_ presentation_Green Club_ENG.pdf
Ā 
Call Girls In Noida 959961āŠ¹3876 Independent Escort Service Noida
Call Girls In Noida 959961āŠ¹3876 Independent Escort Service NoidaCall Girls In Noida 959961āŠ¹3876 Independent Escort Service Noida
Call Girls In Noida 959961āŠ¹3876 Independent Escort Service Noida
Ā 
Pharma Works Profile of Karan Communications
Pharma Works Profile of Karan CommunicationsPharma Works Profile of Karan Communications
Pharma Works Profile of Karan Communications
Ā 
Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...
Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...
Call Girls Service In Old Town Dubai ((0551707352)) Old Town Dubai Call Girl ...
Ā 
Russian Call Girls In Gurgaon ā¤ļø8448577510 āŠ¹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ā¤ļø8448577510 āŠ¹Best Escorts Service In 24/7 Delh...Russian Call Girls In Gurgaon ā¤ļø8448577510 āŠ¹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ā¤ļø8448577510 āŠ¹Best Escorts Service In 24/7 Delh...
Ā 
Katrina Personal Brand Project and portfolio 1
Katrina Personal Brand Project and portfolio 1Katrina Personal Brand Project and portfolio 1
Katrina Personal Brand Project and portfolio 1
Ā 
Call Girls In DLf Gurgaon āž„99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon āž„99902@11544 ( Best price)100% Genuine Escort In 24...Call Girls In DLf Gurgaon āž„99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon āž„99902@11544 ( Best price)100% Genuine Escort In 24...
Ā 
Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...
Ā 
Phases of Negotiation .pptx
Phases of Negotiation .pptx Phases of Negotiation .pptx
Phases of Negotiation .pptx
Ā 
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Ā 
How to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League CityHow to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League City
Ā 
Value Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and painsValue Proposition canvas- Customer needs and pains
Value Proposition canvas- Customer needs and pains
Ā 

Recruiters' guide to hire an Ethical hacker

  • 1. Ethical Hacking & Penetration testing General Knowledge Ayman Mohammed ā€“ CEH http://www.AymanMohammed.com
  • 2. Outline ā€¢ Introduction ā€¢ Certificates ā€¢ Keywords ā€¢ Questions ā€¢ References
  • 3. General tips about information security career
  • 4. Introduction to Ethical Hacking ā€¢ Ethical hackers ā–« Employed by companies to perform penetration tests ā€¢ Penetration test ā–« Legal attempt to break into a companyā€™s network to find its weakest link ā–« Tester only reports findings ā€¢ Security test ā–« More than an attempt to break in; also includes analyzing companyā€™s security policy and procedures ā–« Tester offers solutions to secure or protect the network
  • 5. The Role of Security and Penetration Testers ā€¢ Hackers ā–« Access computer system or network without authorization ā–« Breaks the law; can go to prison ā€¢ Crackers ā–« Break into systems to steal or destroy data ā–« U.S. Department of Justice calls both hackers ā€¢ Ethical hacker ā–« Performs most of the same activities but with ownerā€™s permission
  • 6. Penetration-Testing Methodologies ā€¢ White box model ā–« Tester is told everything about the network topology and technology ā–« Tester is authorized to interview IT personnel and company employees ā–« Makes tester job a little easier ā€¢ Black box model ā–« Company staff does not know about the test ā–« Tester is not given details about the network ļ‚– Burden is on the tester to find these details ā–« Tests if security personnel are able to detect an attack ā€¢ Gray box model ā–« Hybrid of the white and black box models ā–« Company gives tester partial information
  • 7. Ethical Hacking in a Nutshell ā€¢ What it takes to be a security tester ā–« Knowledge of network and computer technology ā–« Ability to communicate with management and IT personnel ā–« Understanding of the laws ā–« Ability to use necessary tools
  • 8. Known certificates in cyber security field
  • 9. Most famous certificates ā€¢ EC-Council ā–« CEH(Certified Ethical Hacker) ā–« ECSA (EC-Council Certified Security Analyst) ā–« LPT(Lice sensed Penetration Tester) ā€¢ SANSGIAC (Global Information Assurance Certification) ā–« GPEN(GIAC Certified Penetration Tester ) ā–« GWAPT(GIAC Web Application Penetration Tester) ā€¢ OSSTMM (The Open Source Security Testing Methodology Manual) ā–« OPST (OSSTMM PROFESSIONAL SECURITY TESTER ACCREDITED CERTIFICATION) ā–« OPSA (OSSTMM PROFESSIONAL SECURITY ANALYST ACCREDITED CERTIFICATION) ā–« OPSE (OSSTMM PROFESSIONAL SECURITY EXPERT ACCREDITED CERTIFICATION) ā€¢ Mile2 ā–« CPTEngineer(Certified Pen Testing Engineer)
  • 10. Keywords you need to know , and search inside the resume
  • 11. Top Keywords ā€¢ Certificates : ā–« CEH , ICSSP , LPT , CPTEngineer , ECSA , GPEN, OPST ,OPSA ,OPSE , CISM, CISA ā€¢ Tools: ā–« Kali , Metasploit , sqlmap , Burp Suite , Acunitix ,IBM Appscan ,Nmap ,Cain & Able ,WireShark ,Nessus ,snort ,OpenSSH ,BackTrack ,Brutus ,John the Ripper. ā€¢ Methodologies : ā–« OWASP Top 10 , PCI-DSS ā€¢ Vulnerabilities : ā–« XSS , Sql injection , CSRF , session hijacking , ....
  • 12. Some questions to assess the Penetration testing knowledge
  • 13. Questions & answers ā€¢ Q. What is XSS or Cross Site Scripting? Ans.Ā XSSĀ orĀ crossĀ siteĀ scriptingĀ isĀ typeĀ ofĀ vulnerabilityĀ  thatĀ hackersĀ usedĀ toĀ attackĀ webĀ applications. ā€¢ ItĀ allowsĀ hackersĀ toĀ injectĀ HTMLĀ orĀ JAVASCRIPTĀ codeĀ  intoĀ aĀ webĀ pageĀ whichĀ canĀ stealĀ theĀ confidentialĀ  informationĀ fromĀ theĀ cookiesĀ andĀ returnsĀ toĀ theĀ hackers.Ā  ItĀ isĀ oneĀ ofĀ theĀ mostĀ criticalĀ andĀ commonĀ techniqueĀ  whichĀ needsĀ toĀ beĀ prevented. ā€¢ Q. What is a honeypot? Ans.Ā HoneypotĀ isĀ fakeĀ computerĀ systemĀ whichĀ behavesĀ  likeĀ aĀ realĀ systemĀ andĀ attractsĀ hackersĀ toĀ attackĀ onĀ it.Ā  HoneypotĀ isĀ usedĀ toĀ findĀ outĀ loopĀ holesĀ inĀ theĀ systemĀ  andĀ toĀ provideĀ solutionĀ forĀ theseĀ kindsĀ ofĀ attacks.
  • 14. Questions & answers (cont.) ā€¢ Q. What type of tools are there out there for packet sniffing? Ans.Ā Ā WiresharkĀ isĀ probablyĀ theĀ mostĀ commonĀ  packetĀ sniffingĀ tool.Ā ThisĀ programĀ canĀ helpĀ youĀ findĀ  oddĀ trafficĀ acrossĀ theĀ networkĀ orĀ identifyĀ aĀ programĀ  thatĀ isĀ sendingĀ trafficĀ silentlyĀ fromĀ aĀ host.Ā  ā€¢ Q. Which tools are you using in Performing automatic vulnerability testing? Ans.Ā ThereĀ areĀ manyĀ toolsĀ toĀ doĀ soĀ ,Ā theĀ mostĀ  famousĀ toolsĀ areĀ AcunitixĀ ,Ā IBMĀ AppscanĀ ,Ā BurbĀ  suiteĀ ,Ā ZAP.
  • 16. ā€¢ http://www.softwaretestinghelp.com/interview- questions/security-testing-interview-questions- and-answers/ ā€¢ http://www.eccouncil.org/Certification/professi onal-series/ceh-course-outline ā€¢ http://www.zdnet.com/article/10-things-you- need-to-know-before-hiring-penetration- testers/ ā€¢ https://www.owasp.org/index.php/Top_10_201 3-Table_of_Contents