Viewing 10 reply threads
  • Author
    • #484

      How well-known are these certs within the Pen-testing community?

      (CPTE) Certified Pen-Testing Expert : Mile2
      (CEPT) Certified Expert Pen-Tester : Infosec Institute
      (LPT) Licensed Penetration Tester : Ec-Council

      The curriculum for the first two follow similar lines, but the LPT seems to be hardly discussed anywhere on the net.  What are the reputations of these certifications?


    • #9523

      I’m not sure about the first 2, but I know that there is no certification exam for LPT. To obtain it however you must first obtain the CEH and ECSA certs. You must also attend a mandatory 3-day course and fill out the regular EC-Council paperwork including signing the code of ethics and also proof of your criminal record.

      The cert is only valid for 2 years and has a $250 renewal fee. Once you have this cert you can join the EC-Councils Tiger Team, which means every now and again you get to join a team of pen testers for a paid pen testing job.

      Check here for more info. Note the list of links at the bottom of the page too.

    • #9524

      Thanks Negrita for your response.  It looks like the Penetration Testing / Vulnerability Assessment circles haven’t really come together in agreement between certain certification tracks.

      The first 2 certifications seem to be proprietary tracks with specialized curriculum for the penetration tester.  The CPTE is the advanced penetration course offered by Mile2 training, while the CEPT is also an advanced penetration course (“replacing” the ECSA) offered by Infosec Institute. 

      Most companies haven’t recognized these certifications yet as pertaining to penetration testing which has me wondering if they’ll be “embraced” at some point. 

    • #9525
      Don Donzal

      For those interested:

      Certified Expert Penetration Tester (CEPT)
      The CEPT certification is designed to certify that individuals have expert level knowledge and skills in relation to penetration testing
      Consists of 9 domains directly relating to penetration testing
      100 Questions – 80% required to pass
      Exam given On-Site during course with immediate computer graded results
      9 Certified Expert Penetration Tester (CEPT) Domains:

      Penetration Testing Methodologies
      Network Attacks
      Network Recon
      Reverse Engineering
      Memory Corruption/Buffer Overflow Vulnerabilities
      Exploit Creation – Windows Architecture
      Exploit Creation – Linux/Unix Architecture
      Web Application Vulnerabilities


      Is this one well known enough to add to our list of ethical hacking certs at:
      http://www.ethicalhacker.net/content/category/1/31/3/ ?


    • #9526

      I believe those three (LPT/ECSA, CEPT, CPTE) are the only advanced penetration certifications out there. 

      Doesn’t look like many know these at all and what’s worse is that HR probably won’t know these either.  🙁

    • #9527

      @charlottebandit wrote:

      Doesn’t look like many know these at all and what’s worse is that HR probably won’t know these either.  🙁

      HR never know anything about certs. It’s always best to try to talk to someone technical first in a job interview. On another forum where I moderate one member (I think he’s a member here too) applied for a job which required MCP or MCSE. He told the HR rep that he had MCSA. The HR rep rejected him because he was overqualified!!!! Go figure.  >:(

    • #9528

      Just attended CEH training from InfoSec Institute.  Tons of labs and daily Capture the flag “Red Team” exercises at night. 

      CEH tools were discussed, but newer & better tools were used for the labs.  They used a pen-testing model of instruction while incorporating CEH materials/tools into the course, rather than teaching a course on tools & slides.

      Thumbs up for InfoSec Institute.

      – charlottebandit

    • #9529
      Don Donzal

      Did Jack Koziol teach your class?


    • #9530

      No, Jack didn’t.  Jack teaches the Adv. class.

      Tim Singletary taught the CEH, and also is one of the instructors for the CHFI.  I believe he also subs in for the Adv. class.  He will be coming out with a book later this year with several “proof of concept” vulnerabilities & more. 

      He is/was a heavy hitter for DoD & other 3-letter agencies, but now consults and teaches.  Another thing I enjoyed was the fact that we ventured into penetration testing as if we had an experienced sysadmin or network security analyst as a foe/opponent rather than an inexperienced, clueless IT geek.  They raised the bar on us causing us to think before we assessed the systems without triggering off the IDS. 


    • #9531
      Don Donzal

      Saweeeet! I’d be interested in hearing more details in a new forum topic. Are you in Chicago?

      I’m taking a CEH class with The Training Camp, and the instructor is Andrew Whitaker. He wrote the Cisco pen testing book.

      I hope it’s that much fun.


    • #9532
      Don Donzal

      OK, they switched on me. Mr. Whitaker is no longer the instructor. A last minute change puts Steve Kalman in the hot seat as instructor. Checking up on him, he wrote the Web Security Field Guide (a Cisco Press book) and has been in IT for over 30 years. He also has experience in forensics.

      Not to hijack this thread any more than I already have, I’ll keep you posted in my area of the study group.


Viewing 10 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2020 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.


Sign in with Caendra

Forgot password?Sign up

Forgot your details?