Description:When many pen testers, myself included, are just starting out they focus their testing efforts on the “cool” stuff (the latest exploit, pwning the database, getting root, etc.) and pay little attention to the other “not so cool” aspects of pen testing. This is reiterated in many of the CON talks – the new tool, the new exploit, etc. and always seems to be the biggest draw. My talk: ‘So you want to be a Pen Tester?’ is a unique and perfect example of the phrase “Dare to be Different” – one of my favorite mantra’s and a philosophy I strive to live by. Rather than focusing on tools/exploits, my talk will hone in on the pen testing life cycle, understanding good reports/bad reports, and how a commercial pen tester can differentiate themselves from the competition. Intended audience – intro to expert level “white hat” pen testers. Although not technically a tool, my version of the pen testing framework (Mind Map) will be released in conjunction with this talk.