Finding Your Inner Evildoer
This whitepaper discusses the three pillars that every security testing foundation must have, according to Joe Basirico, Security Analyst at Security Innovation. These pillars include:
- Imagination - A great imagination extends beyond the ability to imagine a system as it could be, but extends to envision the truly interesting bugs and vulnerabilities in a system. You need to be able to ask yourself "what’s really going on here?" and "how would I build this?"
- Complete Knowledge of the System - An awesome security tester has deep knowledge about everything that goes on in a computer system. There are so many things that can go wrong, be misconfigured, or be out of place. A good hacker needs to be able to quickly identify things that are out of place so they can assess the application for potential weaknesses.
- Evil Streak - This is the ability to take a potential vulnerability to it's logical end. It's possibly the most important quality in a hacker. Not because it gives you some superhuman ability, but rather because it gives the spark that will drive the other two qualities.