Title: OSCP, Beginner?
Post by: SephStorm on July 23, 2010, 07:07:31 PM

Hi all,

I am looking at getting into pentesting, and I have been throwing the choices around in my head for some time. As someone with no real pentesting experience, is OSCP recommended? I am also considering CEH, CPT, CPTE, and any other T1 pentesting certs, if anyone thinks one of these would be more appropriate. I want to mention my experience: A+N+/S+, Security5, CIW Associate

Thanks in advance.

Title: Re: OSCP, Beginner?
Post by: Dark_Knight on July 23, 2010, 08:36:00 PM

Hi SS,
My first certification was the CEH and it served as a great introduction to the field of penetration testing. The material was just enough to get me started. The exercises/labs, looking back at them now, were pretty basic :) So the 'exploits' were against a Windows 2000 box and if I remember correctly the exploit was the good old rpc_dcom. Point is it was nothing fancy, but at the end of the course it got me thinking about security. So everything I did from that point on was done with security in mind.

The OSCP on the other hand was a different beast. This course took it to an entirely new level. So, I remember 'reading' about buffer overflows in the CEH. Well, I actually did it in the OSCP. A lot of the topics covered in the CEH came to life in the OSCP. SQL injection that I had read about in the CEH, I actually got the chance to do it on several occasions. Another example is Metasploit. During the CEH, someone in the class used msf to pwn the Windows 2000 server. And let me tell you I was blown away by it. Fast forward to the OSCP and I was not only using the msf but I was actually editing some of the exploits. Really getting into the guts. And whereas in the CEH I could identify exploits that were say in the C programming language, in the OSCP I was editing the code.

The OSCP is also ALL YOU. No lecturers to run to. Nobody to hold your hand and spoon feed you. It can be REALLY frustrating at times. Google and the OSCP IRC channel become your best friend. The exam is also another thing. You have 24hrs to pwn a set of boxes that you are seeing for the first time. No multiple choice exam. So the OSCP will take your skills to the next level.

So now that you have all this 'raw' skill it now needs to be refined. Enter the SANS GPEN. This course covers the business side of things. So it takes you through setting everything up on the business side. Things like rules of engagement, various laws, establishing scope etc. are covered. Really important stuff. And it also further explains some of the concepts learned in the OSCP. Rainbow tables come to mind.

So having said ALL that, you could run with the CEH and then make your way up to the OSCP.

My .02

Title: Re: OSCP, Beginner?
Post by: chrisj on July 23, 2010, 08:37:31 PM

I can't really answer if OSCP is a beginner course or not. There are a couple of reviews on the site to look at. Ryan Lynn (apollo I think) and J0rDy.
However, if you have no experience with it yet, I'd recommend a little reading. Professional Penetration Testing (I'm liking it so far, even if the book is falling apart on me), and Hacking for Dummies. Maybe Hacking Exposed.

Title: Re: OSCP, Beginner?
Post by: xXxKrisxXx on July 23, 2010, 09:21:31 PM

I wouldn't recommend OSCP for a beginner even if it was the first certification I opted for. What made me feel comfortable with taking the course is I've been using BackTrack for 3 years. This may be the first time anyone's seen me suggest this but since the CEH is something you plan on going for, I'd say consider that first. It has more popularity and the negative if any is that it's very tool / theory based. People taking the course can walk out of the class with the certification and not prove that they know how to hack.

If you're looking to go a cheaper route and want to get your hands dirty for a cheap price, Learn Security Online has a beginner's course called "So You Wanna Be A Pentester" (http://www.learnsecurityonline.com/offerings/courses/204-so-you-wanna-be-a-pentester). For $300 and access to the LSO lab environment to test your skills, this one's a steal.

Heorot.NET's Shodan Certified Penetration Tester (1DCPT (http://heorot.net/1dcpt/)) course is currently discounted (and I think it's only going to be discounted for another 2 or 3 days) and could be another option. The course is affordable and comes with the book chrisj recommended, "Professional Penetration Testing (http://www.amazon.com/Professional-Penetration-Testing-Creating-Operating/dp/1597494259?&camp=212361&linkCode=wey&tag=hackerdemiaco-20&creative=380737)".

I'm currently going through eLearnSecurity Online's Training Course (http://www.elearnsecurity.com/) thanks to Don and I definitely see it as an option for a beginner too. Jason has reviewed the course here (http://www.ethicalhacker.net/content/view/307/1/) and has coined it, 'The CEH Killer'.

Good luck and welcome to the forums.

Kris

Title: Re: OSCP, Beginner?
Post by: SephStorm on July 24, 2010, 02:17:16 AM

Thank you all for your welcomes, and your input. This is obviously something I am going to think long and hard on.
Thank you.

Title: Re: OSCP, Beginner?
Post by: hayabusa on July 24, 2010, 07:34:56 AM

I'll keep it short and sweet... xxxKrisxxx and Dark_Knight echoed my sentiments, and experiences, almost exactly. Start with the CEH, or even the Professional Penetration Testing book, by Wilhelm, then see how you're feeling, from there.

Good luck, and keep us informed as you move forward. We're here to discuss and help!

Title: Re: OSCP, Beginner?
Post by: SephStorm on July 25, 2010, 11:53:47 AM

Thanks. Well, I already have the Pro Pentesting book, and I was working with it, but two things are standing in my way. One: lack of dedicated time. I just finished a six month job training course that had me covering everything from Vista, Server 08, to UNIX, and Security+. Two: too many books! That book is one of about five or six I have been trying to read while studying for other certs. I am hoping that over the next month I can focus on one area at a time. In fact, I'm starting right now!

Title: Re: OSCP, Beginner?
Post by: impelse on July 25, 2010, 12:06:58 PM

Good, just focus on one area.

Title: Re: OSCP, Beginner?
Post by: hayabusa on July 25, 2010, 04:53:51 PM

Based on that, SephStorm, you definitely wouldn't want to start with OSCP. You'd quickly run yourself ragged, and I think you'd likely give up way too quickly (it's a LOT of dedicated time, especially if you're new to much of it).

Yeah, do the book, and consider CEH, before trying to focus on a challenge like OSCP. Good luck, and keep us posted on how you're coming along.

Title: Re: OSCP, Beginner?
Post by: SephStorm on July 27, 2010, 06:54:13 PM

I will, thanks.