Web pen test certificate after Security+

yhadji

Hello all,

I am in the process of studing for the security+ certification.

When i pass it i am planning to learn more on web application security. So i want suggestions on certificates in that area.

From what i have searched OSCP and eJPT seem to be good options but i want a begginer cert on web app security.

Danielm7

Since you already looked at elearnsecurity, maybe head back there and check for their web app pentesting courses. I haven't done those specifically but I've heard they're good. Not very recognized but I don't know that many people expect a web app specific pen testing cert either.

ITSpectre

Honestly I would get the eJPT then OSCP then OSCE.... I would avoid a web pen test certificate.

ITSpectre

Check Elearnsecurity, cybrary.it, pluralsight for courses on web pentesting....

yhadji

My aim is to get a very practical experience from the certificate i will choose.

Ideally i would want something focusing on the OWASP top 10 as i have already downloaded webgoat andtry to play around but i need structrured learning.

I don't care much about how recognisable will be the certificate.

JasminLandry

As others have said, eLearnSecurity has a web application course https://www.elearnsecurity.com/course/web_application_penetration_testing/. I've never done it but apparently it's not too bad. Or you could go the more expensive route and do the SANS course https://www.sans.org/course/web-app-penetration-testing-ethical-hacking.

JasminLandry

ITSpectre wrote: »

Honestly I would get the eJPT then OSCP then OSCE.... I would avoid a web pen test certificate.

Why avoid a web pen test cert?

ITSpectre

JasminLandry wrote: »

Why avoid a web pen test cert?

That is just me.... If your trying to get into web Pentesting a web pen cert is only going to cover that... Its better to get the eJPT or OSCP because the skills you gain will greatly help you more then a web pen test cert.