How I got started pentesting

It all started when I was 8. I was writing some basic pages to host on my fathers home server to show off to my classmates who could access the internet. My love for the internet evolved very quickly, and when I was 11 I was hit by my first hacker. Someone managed to manipulate and run code on the home server, and my father found it. I was quick to fix the hole, but it got me thinking… if this person could do it so easily and illegally, I bet there’s a legal way to fix bugs, right?

Fast forward many years, I took a career in Software Development but quickly evolved into cybersecurity after the threats kept growing, and settled somewhere in the middle — a hybrid software developer/system administrator/pentester.

My first pentest on a vulnerable machine was incredible, the rush of finding and exploiting a bug that exists gave me this thrill inside — a thrill that software development couldn’t give me! As the weeks became months, and the months turned into a year, I got more and more confidential with my abilities to find vulnerabilities and exploit them. I never imagined it would have become such a lifestyle — for me, it’s a big lifestyle because before I look at anything in my day to day life, I ask myself about the vulnerabilities in the design and the weaknesses that could be easily uncovered.

For me, having the security knowledge allows me to challenge real-world applications and issues with a “hacker” mindset. They say curiosity killed the cat, but I disagree entirely. Without curiosity, where would we be as a modern society? I encourage people to try to break their own applications — the time to invest in pentesting and security is now before you’re the next big headlined hacker target. It’s nieve to not invest in security, and there are tons of resources that can help you out. Take some Pluralsight courses, try ITPro.tv, and practice on HackTheBox — you won’t regret your decision.