Monday, August 6, 2012

Why & how did I start to learn about security testing!

This was during my initial days of realizing that there exist something called as 'Security Testing':

Spamming, hacking, online-frauds were the terms that I used to read in news tab of google or in newspapers.
Even today when I search the news section of google with keyword 'hacked' you get atleast 20 articles in the past 24 hours.
One way to get into the mood of knowing security testing is to think constructively on 'How to stop such things' the other way ie the way I learned about security testing is by watching people do it & see the energy levels gushing out of them after having achieved any task in it. The 'Cloud 9' feeling of having hacked & having found a loop-hole in any application is just insanely awesome.

The person whom I watched do it was Santhosh Tuppad. He is one of the coolest security testers that I have met. You may want to read his blog about how much of passion that he has into security testing. Most of the articles that he writes these days are more or less related to security testing.
The other great quality that I liked about him is about the enthusiasm that he has to teach or guide anyone who is interested to learn security testing.

He was the one who pointed me to an interesting site: http://hackthissite.org/ which has thrilling exercises with  lots of learning in the end. The other source of information that he had pointed me is 'Hacking for dummies by Kevin Beaver' which could be treated as a bible for someone who has just started to learn security testing.

I hope to make greater progress in learning more about security testing along with Santhosh.

May be my next post would be about how we paired up for testing an application & crucified its security vulnerabilities.