Best cert for practical experience in pen testing

    • #3685
      worryfree
      Participant

      Hi,
      I’ll be looking for work in the next few weeks (Agilent Tech, major workforce restructuring!) in the UK. I have approx 10 years sys admin and 4 years as System/Security Test, mostly using Nessus. I have recently passed the Security+ (2008) and am now looking for a cert which will give me additional practical experience as well as being recognised by an employer, as I’ll be concentrating my job search on Pen Testing opportunities. I was looking at either the OffSec or the CEH. Any advice on which would be the best, as well as timescales to study/take? I’m on ‘leave’ as of now so have my days available for study.
      Any help appreciated.
      Cheers
      Worryfree

    • #23713
      timmedin
      Participant

      I’ve taken the GPEN from SANS and I highly recommend their training. They provide a lot of technical aspects but also cover the business side which I hear is lacking in some of the other Pen Testing training.

    • #23714
      worryfree
      Participant

      I’ll be funding myself and solely based on this I’m inclined to go with OffSec not unless there are any other options, even the material only with cert exam seem expensive for the GPEN.

    • #23715
      Ketchup
      Participant

      I haven’t taken the OffSec courses, but I have heard nothing but the best about them.  I’ve been told that they are challenging and prove your skill.  There are a few people here with that cert, perhaps they can speak from personal experience.

      I did take the CEH course.  It was a good introduction into ethical hacking.  It feels like the next step from Security+.  It will not teach you how to “hack.”  You should be able to pass this from just studying the literature.

      The CEH cert has more name recognition from my experience.  It will probably open a door or two for you, although not anything like CISSP.  OSCP will actually help you do your job when it comes to pentesting.  This is only my opinion.

    • #23716
      jason
      Participant

      I used to work for Agilent. It’s a good place to be from.  😛

    • #23717
      timmedin
      Participant

      @worryfree wrote:

      I’ll be funding myself and solely based on this I’m inclined to go with OffSec not unless there are any other options, even the material only with cert exam seem expensive for the GPEN.

      You can get it at a discounted rate if you do some volunteer work. Only $700 for the class, cert attempt, and OnDemand training.
      http://www.sans.org/training/volunteer.php

    • #23718
      worryfree
      Participant

      Thanks timmedin, much appreciated, I’ve signed up to volunteer for the London SANS in November, I think it will be a great experience as well as making the GPEN affordable.
      In the meantime I think I’ll sign up for the OffSec course.

    • #23719
      eternal_security
      Participant

      You won’t regret taking classes from Offensive Security.  timmedin is right about not covering business aspects, but if you want practical, hands-on experience at a very reasonable price, OffSec101 (now called Pentesting with Backtrack) is an amazing class.

    • #23720
      ficti0n
      Participant

      Don’t even bother with the CEH, it’s worthless… Useless for getting a job, useless for learning anything practical… and all around a complete waste of time…

      Take the Offensive Security 101 training instead.. You will learn much more than the CEH and it will be practical experience, not memorizing slides and useless information about trojan passwords from 1995….. man the CEH is useless, note I took that exam back in 2003 and it hasn’t improved much from what I have seen…

      Also if you do get a bit of money.. The training from InfoSec Institute’s advanced class is very good if you are interested in another certification that will prove that you actually learned something.. CEPT. Warning with that cert though… Make sure you go into that class knowing how to use Linux… basics of how overflows work.. and at least read up on Assembly and know the basics……

      Hmmm GPEN I don’t know much about… I know that Ed Skoudis guy seems to be pretty knowledgeable and he wrote the course and teaches it.. his webcasts are great so try for the discounted 700 dollar volunteer work… I don’t think you could go wrong with that….. Plus I think with that you get access to the online material for a bit too….

      Another great place to learn stuff is on the forums…. This forum.. Learn Security Online’s forum… The BackTrack forum… Blogs like carnal0wnage.. etc etc….

    • #23721
      KrisTeason
      Participant

      I’m 100% behind what ficti0n said. Don’t waste your time with the CEH program. It’s best you get what you pay for & in these economical times, the Off Sec course hands down is some of the best training you could pay for, for a damn good price. I hate to rag on the CEH here but I think it’s way over priced and they throw a bunch of worthless tools together to make it look like you’re picking up on a bunch of knowledge (Come on, Neo Trace? Who uses this tool during a penetration test?). At least the Off Sec course walks through a hands on demo of exploit development and you walk away having hands on experience of some common attack vectors used by attackers today. I personally think it’s good paying a good price for a course that can teach you a more hands on approach than paying 2 or 3 times as much and walking away having to take a written test to get your certification as opposed to actually proving the skills you learned in a practical lab environment. This to me hands down is the difference between these two courses and I again say, go for the OSCP Cert instead of the CEH!

    • #23722
      BillV
      Participant

      Ok, well, I can’t say that I entirely agree with the two above. But I don’t disagree with everything stated either. Having taken all three of the mentioned courses (CEH, OSCP and GPEN) I can certainly offer comparisons between them.

      That being said, the CEH was the first certification I obtained. It did give me some recognition with my employer at the time (quite possibly from just the name), and it definitely came into play shortly after once I started getting security-related tasks. Now, I had prior hobby experience before earning the CEH, and I did further research/testing/etc. on my own during and after the course. What I’m getting at (and I’ve said this in the forums here before – as well as others) is that the CEH can be what you make of it. It’s an introductory certification, not meant to make you an expert. If you take the concepts learned, the tools used and the resourcefulness you should have as an ethical hacker, you can quite easily turn the CEH into a lot more. And this isn’t just for CEH, but for any security certification in general you’re going to need to constantly stay updated.

      For the cheapest route, you could do OffSec or CEH courseware. Then of course if you do the volunteer thing for SANS, you can get the GPEN for a great price. Knowing what each includes and that you’re trying to get the most bang for your buck, my suggestion would be this: Do the OffSec course and buy one or two of the CEH prep books (not the official review guide, but the ExamPrep or the Prep Guide). If you decide to take the exam, then purchase the Official Review Guide for studying prior. Since you mentioned doing the volunteer thing with SANS, that’s when you can do the GPEN. They will all certainly complement each other and you’ll learn quite a lot.

      BillV

    • #23723
      T_Bone
      Participant

      Hi Worryfree

      I am in a similar situation as yourself, as in I have been in sysadmin for a while but not quite as long as you and want to get into the Security industry as a Pen Tester.  I have also completed the Security+ exam but have a very low budget to go towards courses and have been looking at the OSCP.  I have noticed that in the UK the required certifications are either CHECK or CREST but you have to be very competent before you can even think about taking on these qualifications and they are still a couple of grand to do.  I have mentioned on the site a few times about the Tigerscheme but no one seems to really know of it and are therefore hesitant to go into that direction, as they provide courses followed by an exam but are unfortunately still very expensive  :'(

    • #23724
      impelse
      Participant

      I always had the same question, which to do first, OSCP or CEH. I understand that CEH is an entry level and the OSCP is a practical level, but normally what do you take first?

    • #23725
      Anonymous
      Participant

      The answer to that question is very dependent on a person’s background.

      If you already know some things then Off Sec course is probably good for you.  If you don’t know anything you’ll be totally lost if you take the off sec course and CEH may be better for you.

    • #23726
      Dark_Knight
      Participant

      The path I took was
      CEH -> OSCP101 -> GPEN560

      Introduction -> Hands On -> Hands On/Business Stuff respectively

    • #23727
      alucian
      Participant

      Hello,
      I have a question related to the same subject.
      I want to take a certification to help me doing vulnerability assessment, not necessarily penetration testing. I still can’t decide between CEH and OSCP. I already am CISSP and CISM, but I want something more hands-on.
      What do you suggest??
      Thanks!

    • #23728
      Orhan
      Participant

      For ‘hands on’, I would say offsec, then GPEN.  I am not a CEH so I can not comment on the hands on element (there are plenty of CEH members that can).  However, the exam for the OSCP is 100% pure, unadulterated, mind blowing hands on!!

      However, this is a pen testing course, with little ‘pure’ vulnerability scanning, so with this in mind, you might be better off with GPEN which includes pen testing and vulnerability scanning.

      Hope that helps.

    • #23729
      Otter
      Participant

      @Orhan wrote:

      For ‘hands on’, I would say offsec, then GPEN.  I am not a CEH so I can not comment on the hands on element (there are plenty of CEH members that can).  However, the exam for the OSCP is 100% pure, unadulterated, mind blowing hands on!!

      However, this is a pen testing course, with little ‘pure’ vulnerability scanning, so with this in mind, you might be better off with GPEN which includes pen testing and vulnerability scanning.

      Hope that helps.

      From all I’ve heard, OSCP is the way to go for more hands on.  I know the class I had with Infosec Institute that happened to include CEH testing was also very hands on, but I’m not confident you’ll find that across the board.  There were some folks in my class who passed the test who weren’t… um.. so good.  There were also some bad ones who did fail too, which gave a person some faith as well.  But, by all accounts, OSCP is the cert associated with more hands-on stuff than a CEH.

      On the other hand, I actually have gotten recruiter emails simply because their hiring client mentioned CEH specifically in requirements, and I bubbled up on top of others for that reason.  CEH definitely has the more accessible and better known name of the two to the broader public.

      I never even saw a study guide or knew of the official courseware for the CEH by the way, and rocked the hell out of that test, but this also wasn’t my first security course ever, I came in quite comfy with Linux and Windows, and had been doing vulnerability assessment as a job for a year or so when I took it.

    • #23730
      KamiCrazy
      Participant

      I’ve always been interested in computer security. My daily job is an IT administrator for SMB clients running SBS 2003/2008 boxes + terminal server environments and small vmware deployments.

      Last year I decided to take a dive into some serious infosec study.

      I initially had my eyes set on the CEH but I decided to do OSCP after two things. Firstly I looked at the BackTrack distro and thought it was very well done. Secondly I found out that the exam was completely practical based and I have very fond memories of doing my RHCT exam. (To this day I think that practical based exams are not only challenging and rewarding but FUN!)

      So I signed up to OffSec101. I fully enjoyed the course even though I have not sat the exam yet for personal reasons. I firmly believe that if you have a solid understanding of Linux, networking and basic scripting skills OffSec101 is the best starting course.

      The format is good, the videos are clear and the labs are interesting.

      I’m currently finishing up ethical hacking online from InfoSec Institute (the training is for CPT and CEH exams). A lot of the stuff being covered I have learnt already from OffSec101. However, I gained a lot more value because I did OffSec101 first. I chose to do this course because the CPT exam was part practical and it included CEH training as a bonus.

      My recommendation for anyone who is getting into this is to:

      Do a basic networking course first to ground yourself in the OSI model and understand networking principles. It is very important.

      Train up on Linux use and administration.

      Once these foundation items are set sign up for OSPWB.

      Do an InfoSec Institute ethical hacking course. I can’t recommend the online one though because I have found it to be of poor quality, if I hadn’t done OS101 first I don’t think I would have learnt anything. I have only heard of great things about the instructor led courses.

      From there branch out into the InfoSec Institute advanced ethical hacking class or OSCTP or why not do both?

      From that you should have a seriously solid base for building a future in security. These classes don’t make you a pentester, they prepare you to be one.

      In terms of certs you should be able to walk away with OSCP, CPT, CEH, CEPT, OSCE, ESCA, LPT.

      In that mix there is clearly a mix of “business recognised certs” (EC-Council ones) and proven hands on training (OffSec, IACRB certs).

    • #23731
      UNIX
      Participant

      @alucian wrote:

      I still can’t decide between CEH and OSCP. I already am CISSP and CISM, but I want something more hands-on.
      What do you suggest??
      Thanks!

      When your options are CEH or OSCP I would go for the OSCP. I am not certified for either (yet) but depending on all the posts and reviews I have read so far, OSCP should be more hands on and cover the things better. CEH may teach more different things but only on the surface and not really deep enough as I have often read. As you are already CISSP and CISM certified I assume that you have a good knowledge and a good base to go for OSCP.

    • #23732
      plan2000
      Participant

      @awesec wrote:

      As you are already CISSP and CISM certified I assume that you have a good knowledge and a good base to go for OSCP.

      and you’ll qualify for 40 ISC2 CPE Credits for OSCP certification, which is a good addition I think 🙂

    • #23733
      alucian
      Participant

      Thanks awesec for your advice.
      In fact, I want to do OSWP during the summer and in September I’ll do OSCP. I am sure I’ll enjoy them, I just hope I’ll have the time to do it (job, kids, moving…  ??? )
      I’ll inform you guys what I’ll do about them.
      Happy summer to you all!
