How useful is this for a real world penetration tester?

Viewing 6 reply threads
  • Author
    • #1907

      I am a an security professional in the financial institution space and am interested in the CPTS. In my work I am involved in risk assessments and also alot of penetration testing including web app vulnerability scanning. I looking to take the course by Mile2 to get more structured exposer to alot of the tools especially the main ones like NMAP,Nesses, password crackers etc. . I have heard some differnt things such as the CPTS focus a lot on the manual exploit techniques such as creating your own scripts  inPERL or soemthing like that. In my position most of our projects don’t allow a ton of time to work on these more time consuming manual procedures and we have to rely mostly on scanning tools and analysis the output. Does the CPTS fit this type of purpose well? Does the course even go into analysis of the otput at all? Or is it primarily jsut show you how to install ,configure and run multiple tools?
      I have also looked at the SANS GIAC couses like the Certified networkand system auditor course or the GCIH. GCIH has alot of info but I haven’t heard too much on the GSNA.

    • #15127

      did you look at the objectives?

    • #15128

      Yes, and to be honest it is marketing material from Miles2 I am trying to get actual insight from people who have taken these courses.

    • #15129

      the OBJECTIVES shouldnt be marketing hype they are the objectives.  the rest, well maybe.

      if you have the budget, you’re better off with a SANS course over CEH or CPTS especially since it looks like you are doing more compliance scanning than real penetration testing the GCIH is a good place to start.

      ‘The world does not need any more “ethical hackers”. What is needed is more people who know the six steps for properly handling an incident’ – Ed Skoudis


    • #15130

      Thnaks for the info Chris and I not sure where the scanning that we do falls as far as being compliance scanning or real pen testing. All I know is my firm sells this service as pen testing though it is generally related to a larger project scope such as annual compliance etc. Also, a good protion of it is application vulnerability testing but in any case I am going to take the GCIH course. I forgot to mention that for me taking the exam and getting the actual certification is secondary to the course and the knowledge learned from the course and it’s material. So for example I doubt I would ever really care to take the CPTS exam though I would probably take SANS CERT test just ecause they are well respected.

    • #15131

      hi to all,
      Am interesting on penetration test specialist,
      but I cant afford the training costs.and its real my desire to know this interesting course i ever seen.
      I did cisco CCNA,CCDA,CCNP and pix firewall advanced four year back
      and i didnt practice to my office becouse they dont have much complex networking.
      but they focus to pen tester.And i feel like I can fit to this rather than finding someone else from outside the company.

      so anybody who will be able to support me with all tools,technics and related materials,I will appriciate.

      Am waiting for any body.

      with best regards

    • #15132


      I would strongly recommend the GCIH exam and class structure over the CEH.  With limited study you can complete the CEH after the GCIH class you couldn’t pass the GCIH after a CEH. At least not with limited effort.


Viewing 6 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2020 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.


Sign in with Caendra

Forgot password?Sign up

Forgot your details?