Red Team certifications

eth0eth0 Member Posts: 86 ■■□□□□□□□□
Do you know any good red team certifications?

Comments

  • 636-555-3226636-555-3226 Member Posts: 976 ■■■■■□□□□□
    Yeah, OSCP, OSWP, and eWPT. Attack away. If you have the money you could throw GPEN, GWPT, and some of the more advanced GIAC classes in there.
  • docricedocrice Member Posts: 1,706 ■■■■■■■■■■
    Note: GIAC provides the certifications, SANS provides the classes. Two different (although related) entities.

    I though the GWAPT is okay for testing basic web app skills, but I suspect the stuff taught in SEC642 is more in line with the type of skills expected in today's world.
    Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/
  • eth0eth0 Member Posts: 86 ■■□□□□□□□□
    I think that I have more that basic skills in websec, XSSI, SSRF 0days founded etc.

    Basicaly there are no any red team certificates, real red team, pentest is like entry level in red teaming to be honest :). I think about phisical red teaming mainly, but also little more technical stuff - phishing campaign, rfid cloning, using smtp relay etc...

    SANS certficates have too high price, in my country I can have good used car by that price...
  • 636-555-3226636-555-3226 Member Posts: 976 ■■■■■□□□□□
    In my experience red teaming is pentesting. If you're looking to get deep and focused enough into specific areas like RFID cloning and dedicated email hacking then you're beyond the realm of certifications. Nobody creates cert classes like that because the demand is so low you'd never break even for the time you put into it.
  • TechGromitTechGromit A+, N+, GSEC, GCIH, GREM, Ontario, NY Member Posts: 1,990 ■■■■■■■■□□
    docrice wrote: »
    Note: GIAC provides the certifications, SANS provides the classes. Two different (although related) entities.

    Don't let them kid you, the are owned by the same people. If GIAC was truly independent from SANS, then you should be able to pick up books from Amazon and pass the exams. While possible, it's an lot more difficult without official SANS books, which interestingly enough can't be purchased without taking a SANS course. GIAC certifications are geared to maximize profits, IC2 allows you to purchase an official study guide for all there exams for under $100 each. If GIAC certifications were not so respected in the industry, they would have priced themselves out of the market long ago.
    Still searching for the corner in a round room.
  • NotHackingYouNotHackingYou Member Posts: 1,460 ■■■■■■■■□□
    Not a cert but I just finished this book and it was fantastic http://www.amazon.com/Red-Team-Succeed-Thinking-Enemy/dp/0465048943 .
    When you go the extra mile, there's no traffic.
Sign In or Register to comment.