Offensive Security finally added an accompanying certification to their Advanced Windows Exploitation (AWE) course, called Offensive Security Exploitation Expert (OSEE).

More info is available here and here.

As much as I love their courses (about to sign up for OSCE,) I can't swing that price (the web app one.)  Will wait until that one eventually (hopefully) comes out self-study, as well...

Hmmmm, one year too late for the web one.
I did GWAPT last year and  I cannot justify two courses for the same subject.

Maybe I'll do the online version, when it will become available.

But... I still have a lot to fight with OSCP and the others.

I love offensive security certs!!

The reason that and the windows exploitation course are so expensive is because they are live/in-person courses. As Hayabusa mentioned, hopefully they come up with self-study versions that have prices that are in line with the other self-study courses.

Interesting from Offensive course, I remember Securitytube would also be launching Webapp security certification sometime this year... Got to wait and see...

Well, as the quote said (where you quoted me,) I know GIAC is more 'recognized'  

So I think we agree.  It depends on your reasoning.  If you want it for a resume or need to bypass HR, then yeah, I see GWAPT.  But if it's personal, and you're in it for the experience factor, I lean to OffSec.

And I'm not even going to discuss CISSP...  I don't have it, mostly because I don't need it, but a LOT of CISSP's (that I know personally) can 'talk the talk' based on book knowledge, so they passed the cert. But put them in real-world and they can't cut it.  I respect the cert, for it's knowledge and info, but again, it's always based on the end-person.  I've considered going after it a few times, but it's a lot of time and study that I don't have, for something that isn't going to buy me, personally, anything, at this juncture.  So who knows, maybe someday, when I'm bored and have some time... who knows.


<Edit- Again, don't take my post as condemning CISSP.  Just saying, there's proper need for it, but that it's like any other cert in paper...  You can learn it, but application is another thing, and results of THAT are based on the student(s) in question.>

Question for the seasoned pentesters:

Do you really need the advanced windows exploitations skills on your day to day job? Some of the managers I know will just say "Well this is too advanced,... this in the internal network.... "

 

Just an FYI, for those wondering what a live class with the OffSec guys is like, heres a review (PWB) I believe by Johny Long. Its a 5 part review, so u can change the url as needed.

http://www.offensive-security.com/offsec/pwb-in-the-caribbean-part-1/