I get asked this from people in IT I know. One guy recently told me all the CEH program does is teach you script kiddie stuff.  This is my answer  to that and helps me sell the idea of a pen test. Yes, the CEH involves a lot of ready made programs that a lot of script kiddies use. BUT, thats what 90% of the daily attacks to your network involves. If someone hacked into your network and owned you using stuff like that, well thats what you should be embarrased about and hopefully will not be a resume generator.  If some uber, leet, one of kind hacker gets in, well thats bad also, but will  not hurt your rep as badly. So please dont let your network be exposed by script kiddie stuff! Once we know that aspect is secure, we can move on to even more complex hacks.

True. Part of me doesnt like the term "script kiddie" because even the most advanced will use other peoples scripts,etc..  Although its amazing to talk to a teenage hacker that really doesnt understand the function of a port. Sometimes all they know is "its something thats supposed to be open."  Perhaps one activity I notice that most "script kiddies" engage in is the hunt for low hanging fruit. They just scan looking for easy prey and then exploit whatever comes under their scope. A profesional doesnt have it nearly so easy, because he is given the target and cant always rely on exploits that are 2 years old to do the job, lol.