@H1t Absolutely not offended. I reacted in a sarcastic way but let me elaborate more on this because I think it's an interesting point that goes beyond our product or our certification.
In order to explain my point I'd use a question:
"What is your client expecting from you when he pays for your pentesting services?"
That you simply get root?
OR maybe...that you find ALL of the vulns, exploit them, give an impact, hand out a professional report?
This is my difference between Hacking and Pentesting.
Pentesting is much much more difficult because it involves getting root and much more.
Don't get me wrong. Last time in a webinar I was the one saying hacking is beautiful and can tell you there were some people in the audience sneezing or getting irritated. *I love hacking*
BUT with our certification we are attempting to bring our students from *just* Hacking to Professional penetration tester.
1) You have to find all vulns
2) You have to build your own exploit *to get root*
3) You have to report it professionally
In our ECPPT exam you do ALL of the above 3 steps :
1) Against a real world scenario of a corporate network (with routed workstations, servers, firewalls...)
2) in VPN
So as you can see getting root is part of the game but not just that.
Having that said, Hera is the place where we will conduct the exam and it's an environment where you get entirely routed complex networks ONLY for you spawned in seconds. It's real unique stuff.
Now I think I clarified my point and, at some extent, you will probably agree with me.
I apologize if I sounded too sarcastic.
I'm a nice guy usually
P.S. This in no way intends to be a comparison between what others do and what we do. It's simply what we do. Kudos to any company bringing quality on the table.