Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Services
Re: Security consulant/code reviewer
by
PotatoPie
on 10/02/2015, 10:24:07 UTC
Quote from: madmadmax on February 10, 2015, 10:19:39 AM
Quote from: PotatoPie on February 10, 2015, 10:04:35 AM
Quote from: madmadmax on February 10, 2015, 09:53:06 AM
Quote from: PotatoPie on February 10, 2015, 03:34:09 AM
From what I read, you're just making stuff up on the spot with no actual experience of evidence to back it up. $40/hour is an absolute joke unless you can actually prove you know what you're doing. I know a lot of pentesters that are good and will work for less than that. Secondly, you're an idiot because you start flaming everyone on your sales thread. This is business 101, you're not going to get any clients and you might as well start a new thread and get a new mind set.

I am not flaming anyone, sure I am young and passionate about my work and like to call idiots by their rightful name, idiots.

Throwing blank statements just appeals to the ignorant public, provide an argument I will provide a counter argument.

$40 an hour on a full time job could indeed be relatively high, on a part time job I have seen offers worse than mine run up to 120 euro per hour.

Business 101 is people who matter don't care and people who care don't matter, don't know how much business experience you have but I assure you nobody cares who and what I called someone in the free market. Those who care don't have the money to employ me for 15 minutes anyway.

I've had plenty of business experience as I've run a business for many years. Customers generally don't flock towards you if you're volatile to other people that try to put you down. You're in a market where there is plenty of pentesters and almost no demand at all for them. You're not going to get someone giving you $40 an hour with no examples of what you can do and absolutely no idea what you're going to achieve in an hour.

Join programs such as:
-> Hackerone.com
-> Bugcrowd.com

Gain a bit of a profile and get on some bug bounty lists and then come back and try sell your services as you can prove that you at least know something Smiley.

Thank you for your feedback but pentesting is exactly what I am against if you bother to read the thread, there is no point in pentesting or in white hat hackers, if your system isn't faulty to begin with there is no reason to ask a white hat hacker to attempt to exploit it.

A lot of the time, it's not the code that is vulnerable. I'll be honest in saying that when I used to do 'illegitimate testing' against websites, the code was normally not the issue. You'll find now that people are using frameworks more and more that get rid of the issues such as the owasp top 10 and so on. It also comes down to the issue that if they're using a lot of classes and a large system (PHP), it would take a long time to go through multiple PHP files just for one single function (hence the per hour thing being a bit ridiculous here).