Pentesting Certifications
pentest
Member Posts: 23 ■■■□□□□□□□
I'm going through certifications in the pentesting field which would give me a hard challenge and where I can prove myself. I'm not really interested if it's recognized by HR. So far I've come up with:
- GIAC Certified Penetration Tester (GPEN)
- GIAC Reverse Engineering Malware (GREM)
- Offensive Security Certified Expert (OSCE)
- Offensive Security Certified Professional (OSCP)
- Certified Expert Penetration Tester (CEPT)
- Certified Penetration Tester (CPT)
- Certified Reverse Engineering Analyst (CREA)
- Certified Network Offense Professional (NOP)
Are there any other good ones which would fit into the above?
Comments
-
ibcritn Member Posts: 340
I would consider this:
- Offensive Security Certified Professional (OSCP)
GPEN is also a very good certification. I took the class and learned quite a bit from Mr. Skoudis
CISSP | GCIH | CEH | CNDA | LPT | ECSA | CCENT | MCTS | A+ | Net+ | Sec+
Next Up: Linux+/RHCSA, GCIA
-
JDMurray Admin Posts: 13,091 Admin
Geez...isn't that enough? How about a cert in social engineering? That's certainly pen testing.
Seriously, make sure that you understand the differences between those certs. They aren't all about exactly the same skills and technologies. Some are about (wired or wireless) network pen testing, (at least) one is about application pen testing, and some are just a general survey of pen testing and related areas, such as incident handling and response. There are also some tools used in pen testing that have their own vendor cert (such as Wireshark).
-
pentest Member Posts: 23 ■■■□□□□□□□
I've already completed most of them (CPT, CEPT, OSCP, OSCE, GPEN, CREA), so I was looking for any other certs towards those areas. A social engineering cert would be fun, but I'm not aware of any.
I'm not sure if vendor or tool specific ones are what I'm currently looking for.
-
iVictor Member Posts: 45 ■■□□□□□□□□
pentest wrote: »
I've already completed most of them (CPT, CEPT, OSCP, OSCE, GPEN, CREA), so I was looking for any other certs towards those areas. A social engineering cert would be fun, but I'm not aware of any.
I'm not sure if vendor or tool specific ones are what I'm currently looking for.
GREM / CREA is not really pentest stuff but more of a research / offline stuff. You wouldn't do that on a typical pentest engagement, now would ya?
And did you miss this:
SANS 660
This is the Right Time
-
pentest Member Posts: 23 ■■■□□□□□□□
We had quite a few pentests which involved binary auditing/reversing and exploit development. Clients do not always favor source code reviews.
Sec 660 sounds interesting (as does Sec 710), unfortunately there aren't any certifications involved. There would be quite a few other courses which would fit into it, such as Offensive Security's Advanced Windows Exploitation (AWE), but I'm missing the challenge then.
-
Nobylspoon Member Posts: 620 ■■■□□□□□□□
Does Mitnick still teach the Certified Social Engineering Prevention Specialist course?
WGU PROGRESS
MS: Information Security & Assurance
Start Date: December 2013
-
pentest Member Posts: 23 ■■■□□□□□□□
Yes, thanks for bringing this one up. From my understanding, it's not an advanced course (although there are several 'levels' you can reach), though (similar as with Certified Professional Penetration Tester (eCPPT)).
I assume there aren't too many others as the ones mentioned in the initial post. Guess I'll try to get the ones I'm still missing and see what to do then.
-
kriscamaro68 Member Posts: 1,186 ■■■■■■■□□□
pentest wrote: »
I'm going through certifications in the pentesting field which would give me a hard challenge and where I can prove myself. I'm not really interested if it's recognized by HR. So far I've come up with:
- GIAC Certified Penetration Tester (GPEN)
- GIAC Reverse Engineering Malware (GREM)
- Offensive Security Certified Expert (OSCE)
- Offensive Security Certified Professional (OSCP)
- Certified Expert Penetration Tester (CEPT)
- Certified Penetration Tester (CPT)
- Certified Reverse Engineering Analyst (CREA)
- Certified Network Offense Professional (NOP)
Are there any other good ones which would fit into the above?
If you're looking at collecting the entire set of pentesting certs then there is:
eLearnSecurity's eCPPT.
Also as another user said Hacking DOJO.
No mention either of CEH but it looks like you are way past that.
-
rogue2shadow Member Posts: 1,501 ■■■■■■■■□□
-
iVictor Member Posts: 45 ■■□□□□□□□□
rogue2shadow wrote: »
This is cool! Their cost is half of that of SANS and curricula / process is realistic, IMO. Only aspect missing perhaps is their geographical coverage. It's still in its nascent stage. Hopefully it'd spread over soon.
Till then SANS it is.
This is the Right Time
-
blackhole Member Posts: 59 ■■□□□□□□□□
JD - I want your take on CEH7 or SANS 504. Which one has better value given consideration as 7 is brand new.
-
JDMurray Admin Posts: 13,091 Admin
blackhole wrote: »
JD - I want your take on CEH7 or SANS 504. Which one has better value given consideration as 7 is brand new.
What's your specific reason(s) for wanting either cert?
-
blackhole Member Posts: 59 ■■□□□□□□□□
To supplement CISSP cert. My current job is to configure routers for large customers mpls/internet cloud on edge and private routers. Firewalls, VPN extensions etc etc. Now I want to expand my horizon given CISSP cert prime importance so want something that will give me knowledge as well as value added when I make switch to full time security position.
-
JDMurray Admin Posts: 13,091 Admin
blackhole wrote: »
I want to expand my horizon given CISSP cert prime importance so want something that will give me knowledge as well as value added when I make switch to full time security position.
-
blackhole Member Posts: 59 ■■□□□□□□□□
That's why I need advice .... I don't want to be pen tester, ultimately I want to step in to risk-management and I want something that will give me boost. So making question easier given a choice of CEH7 or SANS 504 where you will lean?
-
docrice Member Posts: 1,706 ■■■■■■■■■■
I've heard that CEH version 6 was basically just tools-oriented, while version 7 upped the class more (in terms of what, I'm not sure, so I can't comment much here).
I'm finishing up the 504 course now and plan to sit for the GCIH exam soon. If you want to know "attack tools and methods" in the context of attack phases as well as a balanced perspective from a defender's / incident handler's perspective, I think the SANS route is probably better.
It seems CEH is more recognizable on a resume, although I see some job postings also asking for GIAC certs.
Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/
-
phoeneous Member Posts: 2,333 ■■■■■■■□□□
This may be a broad question but what is the job market like for pentesters, specifically network security? Is there a high demand? Is it mainly government that contracts for these spots?
-
Darril Member Posts: 1,588
I was just reviewing the new PenTest magazine (PenTest Extra 01/2012 | Issues | PenTest Magazine) and it was advertising courses for the Social Engineering for Penetration Testers (S.E.P.P.) certification. I had never heard of this before so did a few searches and came up with this page among others. This page (Black Hat ® Technical Security Conference: USA 2012 // Social Engineering for Penetration Testers by Chris Hadnagy and Robin Dreeke) says that it "is a multiple day, hands-on exam (scheduled within 60 days of completing the course) with true-to-life practical tests that will prove you have accomplished the skills needed to earn your S.E.P.P. credentials."
I can't vouch for it, but it certainly sounds like a multiple-day exam would challenge anyone, which is what the original poster was looking for.
Does anyone else know anything about this cert?
Darril
-
pentest Member Posts: 23 ■■■□□□□□□□
Thanks Darril, that seems to be an interesting one.
Since my last post, Offensive Security has added two more certifications to their arsenal:
- Offensive Security Exploitation Expert (OSEE)
- Offensive Security Web Expert (OSWE)
-
beads Member Posts: 1,533 ■■■■■■■■■□
Just how would one test Social Engineering in the real world? Follow a potential attacker around with a video camera? I mean just how do you prove you social engineered anyone? Oh yeah. He got me. Let me do a video interview admitting I'd been had.
-
Darril Member Posts: 1,588
beads wrote: »
Just how would one test Social Engineering in the real world? Follow a potential attacker around with a video camera? I mean just how do you prove you social engineered anyone? Oh yeah. He got me. Let me do a video interview admitting I'd been had.
A couple of techniques I've seen used in actual tests are related to tailgating and phishing.
Tailgating. In organizations that require users to enter a cipher code or use a proximity card badge to gain entry, the tester simply walked in with other employees without entering a code or using a proximity card. The fact that the tester is inside is proof that it was successful.
Phishing/spear phishing. An email is spoofed so that it looks like it's coming from someone official and sent to multiple employees. As a classic phishing email, it explains some problem and includes an urgent requirement that users respond with their username and password. The credentials received by individuals are proof that it was successful.
-
JDMurray Admin Posts: 13,091 Admin
There are many companies that will do social engineering and phishing testing. Kevin Mitnick's company comes to mind. And I have professional acquaintances that work at phishme. You can certainly make a profession at social engineering.
-
SephStorm Member Posts: 1,731 ■■■■■■■□□□
I think the question was more about how do you test SE skills for an exam.
-
gabypr Member Posts: 136 ■■■□□□□□□□
Darril wrote: »
I was just reviewing the new PenTest magazine (PenTest Extra 01/2012 | Issues | PenTest Magazine) and it was advertising courses for the Social Engineering for Penetration Testers (S.E.P.P.) certification. I had never heard of this before so did a few searches and came up with this page among others. This page (Black Hat ® Technical Security Conference: USA 2012 // Social Engineering for Penetration Testers by Chris Hadnagy and Robin Dreeke) says that it "is a multiple day, hands-on exam (scheduled within 60 days of completing the course) with true-to-life practical tests that will prove you have accomplished the skills needed to earn your S.E.P.P. credentials."
I can't vouch for it, but it certainly sounds like a multiple-day exam would challenge anyone, which is what the original poster was looking for.
Does anyone else know anything about this cert?
Darril
I haven't heard of this certification, but sounds interesting. Let's see how this certification evolves and increases security awareness and practices.
I didn't see the EC-Council Licensed Penetration Tester LPT certification
EC-Council Master in Security Science M.S.S [Done]
Reading Project Management Professional (PMP) Certification Exam prep by Sohel Akhter
-
JayTheCracker Member Posts: 169
Good ones may be eCPPT, CEH, LPT, CPT, CEPT, OSCP, OSCE, GPEN, GWAPT, GAWN & GXPN
-
the_hutch Banned Posts: 827
I've got a few to add. I'm surprised nobody has mentioned OSWP (Offensive Security Wireless Professional).
In addition to that, there are all the SecurityTube options, by Vivek Ramachandran. These include:
- SWSE (SecurityTube WiFi Security Expert)
- SMFE (SecurityTube Metasploit Framework Expert)
- SPSE (SecurityTube Python Scripting Expert)