Viewing 8 reply threads
  • Author
    • #8613

      Okay. I’m struggling to decide whether to take the eCPPT course or GPEN after finishing up with GCIH. I know I’m not ready for the OSCP, so I’m not even considering that. 😛 I know that eCPPT is more hands on, but not as well recognized. Or am I wrong about that?

      Any thoughts or advice is greatly appreciated.

    • #53635

      I can’t speak for the eCPPT, but I have taken the GPEN and from the eCPPT trial module I’ve looked at, and the course materials, I’d go with your assessment, eCPPT appears more ‘full pen test’, but GPEN appears more professionally laid out.

      Are you doing this to get another job or for your own interest? If it’s for a job I’d recommend the GPEN – the SANS courses are well known by management and engineers alike, so you’re more likely to get a job with that qualification.

      If it’s for your own interest, I’d struggle to recommend the GPEN because it’s not very ‘hands on’ at all. I went through the entire SANS SEC560 without doing a single hands-on exercise and still passed the GPEN with 95% just by answering the most logical questions and remembering some command-line arguments.

    • #53636

      That is what I thought.

      My company will be paying and it’s as much for my job as it is a professional interest.

    • #53637

      The GPEN has more recognition over eLearnSecurity’s Certifications. Offensive Security’s courses are great and people have respect for OSCPs and OSCEs.

      Having recently taken the eCPPT Gold Examination, eLS has really stepped up their Examination Challenge from their Silver Exam. Not only have they made it more hands-on, but they test you on more than basic web app pentesting knowledge. These guys should get a little bit more recognition with their new challenges. You walk out of the exam tested on topics the OSCP covers.

      If you want more hands-on, I agree with UKSecurityGuy. Go with eCPPT or if your up to the challenge the OSCP. It’s kind of hard to balance PWB after a long day of work and if your not feeling up to the challenge. The GPEN is great because the industry loves GIAC Certs. If you weren’t just looking for another GIAC Cert but a hands-on approach, you’d enjoy the eCPPT.

    • #53638

      The GPEN really isn’t all that bad. In fact it’s a great compliment to the OSCP as in addition to the technical stuff it also covers some of the business aspects of a pentest.

      The material itself is good. What will make the difference is the labs. The OSCP lab environment is second to none. However, if you do a comparison of the material you will see they are pretty similar. In fact there some sections that are better covered in the GPEN….but the labs are what will get yah..

      I have not done the eCPPT, but if your company is paying for the GPEN then go for it. If it’s out of pocket that’s a different ballgame.

    • #53639

      I ended up taking the SEC560 course. Good stuff. Now I just need to get the certification done with. I have to say that I learned a lot, and the SEC504 class that I took last year really compliments it well.

    • #53640

      Interesting – I’m about to take the eCPPT in the new year – so I’ll be able to directly compare them.

    • #53641

      Just passed the eCPPT. Great course. Next up is the OSCP. Not sure I will get to it this year though.

    • #53642

      GPEN is better, definitely.

Viewing 8 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2021 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.


Sign in with Caendra

Forgot password?Sign up

Forgot your details?