Web pen test certificate after Security+

Hello all,

I am in the process of studing for the security+ certification.

When i pass it i am planning to learn more on web application security. So i want suggestions on certificates in that area.

From what i have searched OSCP and eJPT seem to be good options but i want a begginer cert on web app security.

Find more posts tagged with

Comments

Danielm7

Since you already looked at elearnsecurity, maybe head back there and check for their web app pentesting courses. I haven't done those specifically but I've heard they're good. Not very recognized but I don't know that many people expect a web app specific pen testing cert either.

ITSpectre

Honestly I would get the eJPT then OSCP then OSCE.... I would avoid a web pen test certificate.

ITSpectre

Check Elearnsecurity, cybrary.it, pluralsight for courses on web pentesting....

yhadji

My aim is to get a very practical experience from the certificate i will choose.

Ideally i would want something focusing on the OWASP top 10 as i have already downloaded webgoat andtry to play around but i need structrured learning.

I don't care much about how recognisable will be the certificate.

JasminLandry

As others have said, eLearnSecurity has a web application course https://www.elearnsecurity.com/course/web_application_penetration_testing/. I've never done it but apparently it's not too bad. Or you could go the more expensive route and do the SANS course https://www.sans.org/course/web-app-penetration-testing-ethical-hacking.

JasminLandry

ITSpectre wrote: »

Honestly I would get the eJPT then OSCP then OSCE.... I would avoid a web pen test certificate.

Why avoid a web pen test cert?

ITSpectre

JasminLandry wrote: »

Why avoid a web pen test cert?

That is just me.... If your trying to get into web Pentesting a web pen cert is only going to cover that... Its better to get the eJPT or OSCP because the skills you gain will greatly help you more then a web pen test cert.