How to understand us, the Pentesters

Cristian Cornea
3 min readOct 4, 2021
(Photo by Arthur Chauvineau on Unsplash)

Companies and organizations are lacking a lot of understanding of how a pentester or ethical hacker is working to provide the best results possible. So in this article, we are going to focus on the parts that are still misunderstood by a lot of people when we are talking about pentesters as humans.

We are artists

Whoever sees Penetration Testing as a job or just “work”, means that you are not discussing with an expert in this field.

My statement is that we are artists, but why? It is because our everyday work is based on creativity and imagination. We consider the engagement scope as our canvas, and our keyboards are the brushes.

We have weird schedules

Do not try to fit a Penetration Tester into your normal 9–5 working hours and expect good results. It is not possible!

Some light work can be done into any time frame, like scanning, report writing, or meetings. But in reality, the hardcore work is being done at bizzaire hours, such as in the middle of the night. It was scientifically proven based on researches and surveys that humans are the most creative late in the evening. That’s when the critical findings are popped up.

We hate distractions

Besides the fact that our creativity is at the highest intensity in the night, we LOVE working in that period of time because there are no more meetings, no more chatting with our colleagues, no more emails, no more questions, no more favors to make, just us and the monitor of our computers.

Being in a quiet and lonely place with our devices is the way to enter our flow state. If you do not know what is a flow state, I recommended this article.

We dislike standards and policies

This basically applies to almost all the people out there who have strong personalities and characters, but it is a common trait for ethical hackers.

We learned how to break things by thinking out of the box, and this was reflected directly in our day-to-day life. We love questioning everything. What happens if we do this? How about that?

With this lifestyle, it is hard for us to follow pre-defined standards in society or in our companies (such as dress codes).

We grown as lone wolves

We acquired our knowledge through self-learning, we made our own paths through hard work because all this stuff was not taught in the school. We sacrificed nights with our friends to learn how to exploit a specific vulnerability, we exchanged time with the family for marathons in front of the monitor, some of us also had mental health issues. It is more harder than people think.

I put all the above together in order to give a better perspective for people out there to consider them when they are discussing with an Ethical Hacker/Penetration Tester.

Cristian Cornea

🇷🇴 Founder @ Zerotak Security & Cyber Security Training Centre of Excellence (CSTCE)