The Truth About Ethical Hacking (Pen Testing Myths Busted!)

Update: 2025-07-10

Description

Are you curious about penetration testing, aka legal hacking? In this episode of Legitimate Cybersecurity, Frank and Dustin tear down the myths of hacking, break down real-world pen testing, and share hilarious (and horrifying) war stories from the field.

We cover:

✅ The skills you actually need to get into pen testing

✅ What certs like OSCP, CEH, and GPEN really mean

✅ Why most companies have no idea what’s on their network

✅ Real pen test experiences gone sideways

✅ Why you might still get arrested after a bug bounty

✅ And how to break into the field—even without a degree

🎙️ WE NEED YOUR HELP! 🎙️

We’re in the running for Best Technology Podcast at PodcastAwards.com — and we’d love your vote!

🗳️ Go to https://www.podcastawards.com, register, and vote for Legitimate Cybersecurity in the Technology category.

Your vote helps real, nerdy cybersecurity voices rise to the top!

📌 Like, Subscribe & Share.

🔔 Click the bell to get notified about new episodes (and Frank’s midlife crises).

📎 Check the show notes for career resources, links, and our Hack the Box profile recs!

#PenTesting #EthicalHacking #CybersecurityCareers #OSCP #CEH #GPEN #HackTheBox #RedTeam #CyberSecurityPodcast #InfoSec #HackerLife #BugBounty #CybersecurityTraining #CyberMythsBusted #ITSecurity #SecurityTesting #KaliLinux #CyberCareer #podcastawards

Chapter Breaks

00:00 - Intro: What Is Penetration Testing?

01:31 - Myths vs. Reality of Hacking

02:40 - What Kind of People Make Good Pen Testers?

05:33 - You Don’t Need a Degree To Be a Hacker

07:19 - Why AI-Generated Code Is Easy to Hack

09:16 - Cybersecurity Certifications (OSCP, CEH, GPEN)

12:16 - Is CEH Still Worth It?

14:42 - What EC in EC-Council *Actually* Stands For

16:20 - Pen Test Expectations vs. Reality

19:35 - Types of Pen Tests: Internal, External, Web App, Social Engineering

22:12 - Cost, Scope & Asset Prioritization