.

Pen Testing Certifications Help

<<

millwalll

Post Tue Feb 15, 2011 1:57 pm

Pen Testing Certifications Help

Hi EH Members,

I need some help. I am really interested in Pen testing and would love to get a job as Junior pen tester. At the moment not many companies are willing to take on juniors and train them up so I am trying my best to make my self a better investment for a company and paying for my own training.

So far I am working on my OSWP and also a student with the Hackingdojo I really want to know what else I can do to make myself a better investment for a company. I don't mind paying and getting certificates however as I only work part time I cant always afford to pay for course outright.

What certificates do you think would help me stand out? Are there any that are relative cheap like $500

Thanks a lot
Jamie
P.S if anyone want to give me a full time job(UK) so i can afford to pay for more expensive course let me know: P
<<

KrisTeason

User avatar

Hero Member
Hero Member

Posts: 515

Joined: Sat Sep 08, 2007 7:48 pm

Location: /dev/null

Post Tue Feb 15, 2011 2:31 pm

Re: Pen Testing Certifications Help

hi millwall,

What certificates do you think would help me stand out? Are there any that are relative cheap like $500


You may want to check this thread to see certificates that would help you stand out:
http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/topic,6630.msg35589/topicseen,1/

As far as affordable training with certificate options, hackingdojo is affordable! There's also eLearnSecurity's Penetration Tester Pro course. You can click here to redeem a 5% discount code for ethicalhacker.net members. Offensive-Security's Penetration Testing with Backtrack is also an affordable and terrific course. I do not know your background but if you were going to attempt this course, be sure to get the 60 day package as oppose to the 30. The labs have grown simply too large to make the 30 day package enough fun.

Other companies offering affordable training  (courses under the $500 price range) would be LearnSecurityOnline. Their online-training courses don't currently offer any certifications, but it's another great resource.

What ever route you choose, I hope you excel!

Goodluck!

-Kris
eCPPT (Silver/Gold), eWPT, GSEC, GISP, GCIH, OSCP, OSWP
<<

millwalll

Post Tue Feb 15, 2011 3:55 pm

Re: Pen Testing Certifications Help

Thanks for that information I was thinking about Pen testing with backtrack. Do you know if it taught by video or is it mainly text based?
<<

KrisTeason

User avatar

Hero Member
Hero Member

Posts: 515

Joined: Sat Sep 08, 2007 7:48 pm

Location: /dev/null

Post Tue Feb 15, 2011 4:23 pm

Re: Pen Testing Certifications Help

The course comes with over 8 hours of video along with an accompanying PDF file which is well over 300 pages. The pdf contains the content of the videos, lab exercises, extra-links for resources, as well as extra-mile exercises.

I wouldn't recommend it for the beginner though - I know I like to beef up the course and I'm quick to tell people, "take every course from offsec that you can", but I don't want to set you up for failure! If your new to the pentesting scene I wouldn't recommend going for it. Again, I don't know your background - you did ask for affordable courses; You can't beat the knowledge you learn in this course for the price.

If you have more questions about it feel free to ask, there's many OSCP's on this board. Glad I could help!

-Kris
Last edited by KrisTeason on Tue Feb 15, 2011 4:25 pm, edited 1 time in total.
eCPPT (Silver/Gold), eWPT, GSEC, GISP, GCIH, OSCP, OSWP
<<

cd1zz

User avatar

Recruiters
Recruiters

Posts: 566

Joined: Sun Oct 03, 2010 9:01 pm

Post Tue Feb 15, 2011 5:38 pm

Re: Pen Testing Certifications Help

I agree -- if you're just starting, the OSCP might scare the living crap out of you. Start a little lower and then hit the OSCP.
<<

millwalll

Post Tue Feb 15, 2011 6:53 pm

Re: Pen Testing Certifications Help

Thanks well bit about me. I have a degree in Information Technology most of my Hacking comes from reading books and watching online content. I would say I know what most of the tools are and what they are used for. I have played with nmap, netcat, hydra, JTR , and Aircrack-ng I have also tried some SQL injections and some cross site scripting. I have also read Professional pen testing so I would say my experience is a bit mixed.
<<

cd1zz

User avatar

Recruiters
Recruiters

Posts: 566

Joined: Sun Oct 03, 2010 9:01 pm

Post Tue Feb 15, 2011 8:23 pm

Re: Pen Testing Certifications Help

<<

T_Bone

Full Member
Full Member

Posts: 199

Joined: Sat Feb 21, 2009 7:11 am

Post Wed Feb 16, 2011 4:57 am

Re: Pen Testing Certifications Help

Are you currently working in IT on Helpdesk, Sys Admin, Developer?
<<

caissyd

User avatar

Hero Member
Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Wed Feb 16, 2011 8:13 am

Re: Pen Testing Certifications Help

@millwalll: Based on your last post, I would go for OSCP.

If you can do basic SQLi on your own (but really if you DARE trying these things on your own), you can take the course.
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

millwalll

Post Wed Feb 16, 2011 4:23 pm

Re: Pen Testing Certifications Help

Hi

Thanks for all the reply's I am really considering it.
I am not currently working in IT I am trying to find a job as we speak. I have worked as PC Technician for around 3 years mainly fixing computers, Virus removals etc.
I also have gone through many Video including the Network +and ECH what I really lacks is hands on experience. What is very frustrating as I know given the chance I would learn loads as I tent to pick things up quicker when doing them.

Thanks Jamie
<<

cd1zz

User avatar

Recruiters
Recruiters

Posts: 566

Joined: Sun Oct 03, 2010 9:01 pm

Post Wed Feb 16, 2011 4:34 pm

Re: Pen Testing Certifications Help

Do the OSCP and buy lots of lab time if you can. That's a great way to get hands on experience. They've got a pretty interesting lab and you can be exposed to a wide range of vulnerabilities. AND, all the boxes on the lab can be popped.

After you go through the course you can build your own lab of VMs to keep practicing. Good luck!
<<

millwalll

Post Thu Feb 17, 2011 9:12 am

Re: Pen Testing Certifications Help

Thanks for all this information it been really helpful in making me decide my next move :)
<<

anoninde

Post Thu Feb 17, 2011 1:41 pm

Re: Pen Testing Certifications Help

I'm not sure how much this helps, but I actually had no certificates coming into this industry. I have experience initially coding during HS then programming through college. Most of the Pentesters i work with, including myself, have customized attack frameworks, with highly customized tool sets. When you can code your own backdoor, it cuts the need for you to rely on a third party to support your need as a tester.

I would look into C or C++ programing, it certainly cannot hurt. We use Core Impact, Canvas and often times Metasploit for shell management, but our backdoors simply tie into these COTs frameworks. I would also say to go through Metasploit Unleashed, it's free, comprehensive, and will help you greatly with the fundamentals....

My two cents for what they are worth.

Return to Career Central

Who is online

Users browsing this forum: No registered users and 2 guests

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software