I'm not teaching how to pentest,I'm asking.
I've been doing some basic hacking on systems and websites but have never done a pentest on a system or a website like a normal security guy(I'm not saying prof. simply becouse I don't want to have this as a profession but I need it as a skill.) and have been wanting to ask the questions below for a long long time.
1.How do you prepare?
So simply,how do you prepare for such an attack?Let's say you have a website like ebay.com and you want to take full control over it.How do you prepare for such an attack,do you use a vulnerability scanner or do you find the vulnerabilities yourself and exploit them yourself without any software?
2.How do you find the vulnerabilities and the ways to exploit them yourself?
If you're finding the vulnerabilities and the exploits for them yourself,from where do you learn all of them,becouse there are a lot of them?
3.What time did it took you to become a good pentester?
So what time did it took you for all of this work?I know that this cannot be done for 1-2 days and by my opinion it can take an year or two(even more).
4.How long a normal pentest on a system/website lasts?
How long can an ordinary pentest take?My guess is 2-3 hours depending on the website/system but I need to ask YOU before I make such conclusions?
---------------------------------------------------------------
Hope you understand my need on this and I will be glad to get an answer on these questions.