Are there any specific certifications tht delve into reverse engineering malware

MasterBullfrog

And/or digital forensics that I can begin in the Winter of this year?

I've heard that the CEH isn't worth it. And if not that, are there any other good pentest/forensics related certs that I could begin training for this Winter?

Thanks much.

cisco_trooper

I don't specifically about reverse engineering malware, but if you want a hands on security certification I find these VERY interesting and am strongly considering them just for the pure entertainment value.

Information Security Certifications by Offensive Security

MasterBullfrog

Thanks, you just reminded me about the certs offered by offensive security. I was looking at the OSCP last Winter and will definitely take an attempt at it.

Are there any EC Council ones that are doable in this time frame?

MasterBullfrog

So far it looks like:

GCIA
OSCP
GCFA
CCE

Guess it's down to choosing what can be done in a month. I already know the OSCP will run me about 3 months the least.

docrice

The GCIA isn't "forensics" in the traditional sense of file-system / memory content investigation. It's very much network focused and traffic analysis. It assumes you have a basic understanding of TCP/IP and can read a little hex.

If you're looking at GIAC certs for forensics, pentesting, or malware topics, look at:

• SEC 542
• SEC 560
• SEC 617
• FOR 408
• FOR 508
• FOR 610

rogue2shadow

IACRB has three:

Certified Computer Forensics Examiner (CCFE)
Certified Reverse Engineering Analyst (CREA)
Certified Expert Penetration Tester (CEPT) - You're required to create two exploits and reverse engineer a binary.

MasterBullfrog

^^ Thanks guys.

I'm going to do some research on those now.

edit: Lastly, I know that the EnCE training can be done online. Are there any sites you guys would recommend I steer clear from? (as in the 64hrs of training not being applicable).

Wow, those courses sure are pricey.

At this point, for namesake and others I might stick with the EnCE and CPT