4 Replies - 1462 Views - Last Post: 09 March 2013 - 08:37 PM

#1 Welendowd  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 20
  • Joined: 27-March 12

Thinking about Software Development career, any advice?

Posted 02 March 2013 - 07:47 PM

I want to preface this by saying that I am a college student with ten months left to graduate. I am/have been majoring in Computer Information Systems, with a distention in Internet Security. While it is fun for me, it isn't quite what I thought it would be. From what I have read it is more just scripting skills (as far as programming skills go) for patches. What I mean is, most of the programming I would be doing is just placing a patch on something that creates a exploit.

Recently I have become very interested in programming. Well I mean that is the only courses that I have truly been interested in. So I was wondering if you people on here )and I am sure a lot if not 90% of you guys are software developers) think that even though my college degree is in CIS that I could get into the software development career, and how hard of a task that would be for me at this point.

I also enjoy pentesting. My school doesn't offer any classes related to just pentesting, but a couple of semesters ago I had a project where we looked in our desired career field (the class was career development). Pentesting really caught my eye and I have been interested ever since. I have bought a book that I am going to start working through on my own soon hopefully. It's just a basic pentesting book called: "The Basics of Hacking and Penetration Testing" by Patrick Engebretson. However, all the job postings I have seen reacquire X amount of years experience. Lots of jobs are like that though.

Anyway, I guess my question in short is, Should I just forget about software development for now, and focus on building my pentesting skills to hopefully find a job like that out of college, or could I pull off graduating and getting into software development.

Is This A Good Question/Topic? 0
  • +

Replies To: Thinking about Software Development career, any advice?

#2 Martyr2  Icon User is offline

  • Programming Theoretician
  • member icon

Reputation: 4189
  • View blog
  • Posts: 11,863
  • Joined: 18-April 07

Re: Thinking about Software Development career, any advice?

Posted 02 March 2013 - 11:17 PM

How do you expect to be good at penetrating systems if you don't know how they are built? Software development is going to help you go far in your testing in that you will know where systems are weak and why a given technology works the way it does.

Programming is the language of computing and so you are going to know something about it and how programs are designed if you want to get into security of those systems. Heck you may need to even code your own tools to help you.

:)
Was This Post Helpful? 0
  • +
  • -

#3 BobRodes  Icon User is offline

  • Your Friendly Local Curmudgeon
  • member icon

Reputation: 571
  • View blog
  • Posts: 2,979
  • Joined: 19-May 09

Re: Thinking about Software Development career, any advice?

Posted 04 March 2013 - 10:35 PM

The point about penetrating the security of a codebase is that you think of something that the average programmer hasn't thought of. That means that you have to be better than the average programmer, and security programmers are better than average. So get to work! :) I would suggest that you start by learning how to program security systems, to get a baseline understanding of the mistakes people make. Then keep developing your skills. In other words, stick with the course you started on.

One of the great myths about the job world is that your job is determined by the degree you get. This is only a little bit true, especially at the undergrad level. My degree was in music, for example, and it's easier to get into law school with a music degree than it is with a prelaw degree. Why? Because you had to work like hell to get a music degree, and you have to work like hell to get a law degree. So don't get the idea that you're frittering away valuable time and money doing something you really don't want to do. You're gaining skills that you will be able to put to use, and any sort of CS degree will get you a job as a junior level IT person somewhere. Then, once you're in somewhere, go after projects that will teach you the things you really want to learn.
Was This Post Helpful? 0
  • +
  • -

#4 troyb408  Icon User is offline

  • D.I.C Head

Reputation: 0
  • View blog
  • Posts: 67
  • Joined: 18-August 12

Re: Thinking about Software Development career, any advice?

Posted 08 March 2013 - 01:39 PM

I recently graduated with a CIS degree focusing on Web Development. But I had never programmed, developed a web page application before I was in finance. The best thing to do that I learned the hard was is teach yourself the skills required. Don't think the school will teach you everything you need to learn. It took several horrible, unprepared interviews before I realized I needed to learn alot more than what was offered in the course. What ever you want to do find a book read it and figure out a way to apply it and go after what you want. Dont get discouraged
Was This Post Helpful? 0
  • +
  • -

#5 stackoverflow  Icon User is offline

  • D.I.C Addict
  • member icon

Reputation: 164
  • View blog
  • Posts: 545
  • Joined: 06-July 11

Re: Thinking about Software Development career, any advice?

Posted 09 March 2013 - 08:37 PM

You're a long way for becoming a good pentester or reverser. It takes a deep understanding of everything-- and I mean everything. Not only do you need to understand code pitfalls but you need to understand everything that the code touches (from hardware through the operating system). If you're a good reverser or pentester you're the type of person that can look at a blob of bits and understand how those bits turn into processor instructions and how those instructions get executed.. and that's just the start.

I don't consider myself a "pentester". I would consider myself a reverser. I love reverse engineering. My hobbys include making video game emulators (PSX in particular), reversing file formats and other activities (creating exploits for learning purposes, reversing known malware etc). A "typical" pentester or reverse will tend to have similar hobbies because learning the depth required is very time consuming and it will consume almost all of your development (and free) time.

With that being said, it is very rewarding. When you create something that uses preexisting software (like an emulator) you feel such a high seeing it work. Likewise, finally figuring out a file format you get a fantastic "aha!" moment.

I have never had those kinds of moments doing normal everyday development. Maybe it happens to some people when they finally track down a bug or something of that sort, but it never has quite the same feeling. I can't imagine myself doing finance apps or some other kind of mundane work... not after doing (and enjoying) the art of reversing. It kind of ruined all over development. :P/>/>

PS

As for advice-- learn how to code and learn how and why code works. Learn as much as you can! Dig deep and don't stop digging.

You won't be able to learn much about pentesting or reversing here.. the mods don't like it if you post or ask questions about exploits or anything that could be used maliciously. However you can certainly learn more about programming and general stuff here.

I would recommend trying to reverse well understood file formats to get your feet wet with reversing (a typical skill someone would have that does security work). Not only that but it would help you understand how data is stored and get used to working at a lower level.

This post has been edited by stackoverflow: 09 March 2013 - 08:46 PM

Was This Post Helpful? 0
  • +
  • -

Page 1 of 1