Options
eCCPT after OSCP?
neb2886
Member Posts: 16 ■□□□□□□□□□
Hi all -
I have my OSCP and just passed the eLearn security eWAPT. I also hold CISSP, CISA and PMP from a past life.
I am a web application pentester and do some network pentest work as well.
Having my OSCP already is it worth sitting for the eCPPT exam or would it be redundant and/or a step down?
Any thoughts on what the logical next move would be?
Thanks.
I have my OSCP and just passed the eLearn security eWAPT. I also hold CISSP, CISA and PMP from a past life.
I am a web application pentester and do some network pentest work as well.
Having my OSCP already is it worth sitting for the eCPPT exam or would it be redundant and/or a step down?
Any thoughts on what the logical next move would be?
Thanks.
Comments
-
OptionsxXxKrisxXx
Member Posts: 80 ■■■■□□□□□□
Hello,
Having done both, if you have passed the OSCP Examination, not only would the material be redundant, but you would be able to pass the eCPPT exam as well. Congratulations on earning the eWPT (be sure to update your certifications). Logically your next move would be to move onto a more Advanced Web Application Attack course (such as SEC642, eWPTX, or AWAE) or a more Advanced Network Penetration Testing class (such as SEC660). -
Optionsneb2886
Member Posts: 16 ■□□□□□□□□□
Thanks for the reply. So perhaps the eCCPT isn't worth my time at this point? I have budget left from my employer for the year.
If I were to take it do you think based on the OSCP I could just purchase the exam voucher and skip the course material? -
OptionsxXxKrisxXx
Member Posts: 80 ■■■■□□□□□□
I recommend purchasing the exam voucher and challenging the exam. The exam is very similar to the OSCP challenge. People love the OSCE and you see it being wanted on job boards but I'm not going to go as far as to recommend it. The course material is from 2009 and they don't plan on updating it. The exploit development material you learn in the course is relevant but OffSec put the more advanced exploit development material into their Advanced Windows Exploitation class. If you have a low amount of training budget left over and want to collect certifications, Pentester Academy has great courses with hands-on exams too.
-
Options
veritas_libertas
Member Posts: 5,746 ■■■■■■■■■■
Well that's interesting. I would have assumed they would be keeping it up to date. -
OptionsxXxKrisxXx
Member Posts: 80 ■■■■□□□□□□
Me too. They keep their other courses up-to-date. I don't know the real reason why they're choosing not to update CTP but I'm assuming it's because the updated material exists inside of AWE and AWAE. When you take CTP, it's not exactly heavy in content like PWK is. You can take a look at the syllabus and see what I mean. It's almost like they made CTP (originally BackTrack to the Max) and decided to stuff the heavier exploit development material into a separate course all together (coming out with OSEE). I e-mailed them back in 2012 with the intent of taking it. They got back to me telling me they don't plan on updating the material and I said to myself it's not worth the money.
Employers still like the OSCE though. They'll be looking for candidates with it for years to come. If you're looking to take your Exploit Development knowledge to the next level and can't afford Advanced Windows Exploitation or a SANS course, Coreland Exploit Development Training all the way! -
OptionsNovaHax
Member Posts: 502 ■■■■□□□□□□
Any thoughts on what the logical next move would be?
Hey...I know this guy
. My vote is eMAPT. But you already heard my opinion on it . Congrats again on the pass 
-
Options
LionelTeo Member Posts: 526 ■■■■■■■□□□
how about the OSWE for web app testing?
https://www.offensive-security.com/information-security-certifications/oswe-offensive-security-web-expert/
