Experience prior to ceh and other security certs

Tech333Tech333 Member Posts: 21 ■□□□□□□□□□
Should you know how to programme beforehand? I know ceh teaches sql injection.. Do you need to learn sql?


  • 636-555-3226636-555-3226 Member Posts: 975 ■■■■■□□□□□
    You do not need to master SQL. You need to be familiar with the 101-level concepts of how SQL works the way it does. Plenty of free tools out there to help you actually exploit it, but you'll never use them effectively if you don't know what they're actually doing. You could probably get by with free Youtube, etc videos for "how sql works" or the like
  • adrenaline19adrenaline19 Member Posts: 251

    Just do the free stuff, no need to pay them money for the pro.
  • OctalDumpOctalDump Member Posts: 1,722
    No, you don't need to know how to programme for CEH, although if you want to go down the Pen Tester path, then programming knowledge is almost obligatory. Some understanding of web programming is very useful, which would include javascript, sql and one or more backend languages (PHP, Java, ASPX, Python).

    If you want to go really deep, then some knowledge of assembly is useful. And if you start auditing code to look for vulnerabilities, then you need a good understanding of those languages and what common mistakes can be, and then also how they might be exploited.

    But for CEH, probably just Codecademy and some basics of programming and SQL is sufficient to understand what you need for the exam.
    2017 Goals - Something Cisco, Something Linux, Agile PM
  • renacidorenacido Member Posts: 387 ■■■■□□□□□□
    Minimal SQL knowledge or programming knowledge in general is needed for CEH. Nothing is stopping you from diving deep into the curriculum and learning those things, but basic SQL query syntax is about all the SQL you need for the cert.

    DO install Kali linux and get to know your way around nmap, netcat, snort, wireshark, etc.

    If you want to be a pentester then for sure learn a basic programming language like Javascript, then either python or ruby. Depending how deep you want to go into advanced exploit development you can add a few more languages as needed. Most professional pentesters know at least a scripting language but they don't spend days writing and testing their own custom exploits when they've got a tool that will work. They want to get it done as quick and painless as possible.
Sign In or Register to comment.