Recently I’ve taken my first steps into the wonderful world of the Raspberry Pi. I know you’re probably thinking what took me so long, right? But hey, better late than never. Anyway, now I’m kinda hooked on the things and I’ve become a solution looking for a problem; always on the hunt for a cool new project. This was the impetus of my latest project. Let me break it down for you.
A few weeks ago I signed up for eLearnsecurity’s(eLS) Penetration Testing Student(PTP) course along with vouchers for the eLS Junior Penetration Tester(eJTP) certification exam. This was all due to the overwhelmingly positive responses I was seeing throughout the security community surrounding the eLS certs.
But could the training and certification experience be THAT good? I liked what I was hearing about it and the ‘Elite’ package for eJPT was only $500 for a practical pentesting certification with dedicated labs, 3 retake vouchers, etc; how could I say no?
In the realm of cybersecurity, one of the more exciting jobs is that of a Penetration Tester. You get to legally hack real production networks looking for vulnerabilities and hopefully gaining root, system/nt authority, or DomainAdmin(DA) access.
This can conjure up images of firing off your latest exploits to pop a reverse shell, then running your best priv–esc scripts, and finally issuing that whoami command to reveal your admin level access. What a job! But…
The job isn’t over yet, now you need to write up your findings into a professional-looking report for the client. This, after all, is ultimately the final product you sold them when bidding on the job. I’m going to show you what many clients are looking for in reports and give you a sample report that I created.