A Day in the Life of a Penetration Tester | Red Team Reality w/ Carson Sallis

This episode originally aired in collaboration with Simply Cyber and is re-released here as part of The Cybersecurity Mentors Podcast archives. ________________________________________ In this episode of The Cybersecurity Mentors Podcast, we sit down with Carson Sallis, Senior Offensive Security Engineer and Vulnerability Researcher at NVIDIA, to break down what a real day in the life of a penetration tester actually looks like. Carson walks through how professional pentesters approach assessments, research vulnerabilities, and think like attackers in real environments. We discuss what skills matter most for getting into offensive security, how fuzzing is used in real-world vulnerability research, and what aspiring red teamers should focus on learning early. You’ll also see a live demonstration of fuzzing using AFL (American Fuzzy Lop) and hear how tools like this help uncover bugs that traditional testing can miss. Whether you’re exploring penetration testing for the first time or actively working toward a red team role, this episode offers practical insight into the mindset, tools, and learning paths used by professional offensive security engineers. ________________________________________ Episode Resources GitHub (Episode Materials) https://github.com/cybersecmentors/se... Carson Sallis LinkedIn:   / carson-sallis   ________________________________________ Recommended Certifications PNPT – Practical Network Penetration Tester Simulates a real-world penetration test from start to finish, including recon, exploitation, reporting, and video walkthroughs. https://certifications.tcm-sec.com/pn... PEH – Practical Ethical Hacking Covers the full pentesting pipeline with hands-on labs and tools used in real engagements. https://certifications.tcm-sec.com/pr... OSINT Fundamentals Teaches reconnaissance techniques used during the information-gathering phase of pentests. https://certifications.tcm-sec.com/os... ________________________________________ Hands-On Practice Platforms TryHackMe – Offensive Path Guided labs for learning offensive security fundamentals https://tryhackme.com/ Hack The Box Real-world pentesting labs and CTF-style challenges https://www.hackthebox.com/ PortSwigger Web Security Academy Free training on web application vulnerabilities https://portswigger.net/web-security ________________________________________ Fuzzing Tools & Resources AFL (American Fuzzy Lop) The fuzzing tool demonstrated in this episode https://lcamtuf.coredump.cx/afl/ AFL++ A modern fork of AFL with extended features https://github.com/AFLplusplus/AFLplu... Fuzzing: Brute Force Vulnerability Discovery (Book) https://nostarch.com/fuzzing ________________________________________ Tools to Explore Kali Linux https://www.kali.org/ Burp Suite Community Edition https://portswigger.net/burp Metasploit Framework https://docs.rapid7.com/metasploit/ ________________________________________ Connect With The Cybersecurity Mentors Podcast • Join Our Community on Skool Connect with other aspiring and experienced cybersecurity professionals, continue the conversation beyond the podcast. Link: https://www.skool.com/the-cybersecuri... ________________________________________