The original post: /r/cybersecurity by /u/Few-Tree3490 on 2024-11-06 14:29:01.

Title: Transitioning to Cybersecurity (Pentesting) – Need help clarifying some practical and theoretical aspects!

Hi everyone,

After several years in a completely different field, I’ve decided to make a career switch into cybersecurity, specifically in pentesting. I love the idea of contributing to security from an ethical angle, but I have to admit there’s a part of this profession that still feels pretty vague to me.

I’ve taken several courses and feel comfortable with the basics—vulnerability scanning, configuration audits, standard penetration tests… But the further I go, the more I realize that the ethical approach only scratches the surface of the job. For example, I’m still a bit lost when it comes to understanding how some hackers (ethical or otherwise) manage to gather information like specific IP addresses or exploit certain vulnerabilities to gain an overview of a network. There’s this general “gap” in my understanding of deep data collection, especially when it comes to targeting specific objectives.

It feels like there’s a difference between standard pentesting methodologies and the techniques used by skilled hackers in real-world scenarios. For example, how does advanced OSINT work in practice? How do you get a broader view of a network’s vulnerabilities (without crossing any legal boundaries, of course!)? I’m sensing some gaps in my knowledge, and I want to make sure I’m not overlooking anything important.

Do you have any advice on how to bridge these “grey areas”? Did you feel this same kind of uncertainty when starting out? Do you know of any resources (books, training, communities) that cover deep reconnaissance techniques, information gathering, or even real-world stories that could help illuminate these topics?

Thanks in advance for any advice or experiences you can share. I’m excited to improve and build a more complete understanding of this fascinating field!