+ Reply to Thread
Results 1 to 8 of 8
  1. Junior Member
    Join Date
    Jul 2017
    Posts
    10
    #1

    Default Web pen test certificate after Security+

    Hello all,

    I am in the process of studing for the security+ certification.

    When i pass it i am planning to learn more on web application security. So i want suggestions on certificates in that area.

    From what i have searched OSCP and eJPT seem to be good options but i want a begginer cert on web app security.
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member
    Join Date
    Apr 2013
    Posts
    1,893
    #2
    Since you already looked at elearnsecurity, maybe head back there and check for their web app pentesting courses. I haven't done those specifically but I've heard they're good. Not very recognized but I don't know that many people expect a web app specific pen testing cert either.
    Reply With Quote Quote  

  4. Darth Lord of the Sith ITSpectre's Avatar
    Join Date
    May 2016
    Location
    The Normandy/ DMV
    Posts
    965

    Certifications
    Sec+, MTA, MCP
    #3
    Honestly I would get the eJPT then OSCP then OSCE.... I would avoid a web pen test certificate.
    In the darkest hour, there is always a way out - Eve ME3
    “The measure of an individual can be difficult to discern by actions alone.” – Thane Krios
    Reply With Quote Quote  

  5. Darth Lord of the Sith ITSpectre's Avatar
    Join Date
    May 2016
    Location
    The Normandy/ DMV
    Posts
    965

    Certifications
    Sec+, MTA, MCP
    #4
    Check Elearnsecurity, cybrary.it, pluralsight for courses on web pentesting....
    In the darkest hour, there is always a way out - Eve ME3
    “The measure of an individual can be difficult to discern by actions alone.” – Thane Krios
    Reply With Quote Quote  

  6. Junior Member
    Join Date
    Jul 2017
    Posts
    10
    #5
    My aim is to get a very practical experience from the certificate i will choose.

    Ideally i would want something focusing on the OWASP top 10 as i have already downloaded webgoat andtry to play around but i need structrured learning.

    I don't care much about how recognisable will be the certificate.
    Reply With Quote Quote  

  7. Senior Member
    Join Date
    Nov 2012
    Location
    Montreal
    Posts
    589

    Certifications
    OSCP, CEH, SSCP, EJPT, CCNA:Security, CCNA:R&S, MCSA:W2K8, Linux+, LPIC-1, SCLA
    #6
    As others have said, eLearnSecurity has a web application course https://www.elearnsecurity.com/cours...ation_testing/. I've never done it but apparently it's not too bad. Or you could go the more expensive route and do the SANS course https://www.sans.org/course/web-app-...thical-hacking.

    Reply With Quote Quote  

  8. Senior Member
    Join Date
    Nov 2012
    Location
    Montreal
    Posts
    589

    Certifications
    OSCP, CEH, SSCP, EJPT, CCNA:Security, CCNA:R&S, MCSA:W2K8, Linux+, LPIC-1, SCLA
    #7
    Quote Originally Posted by ITSpectre View Post
    Honestly I would get the eJPT then OSCP then OSCE.... I would avoid a web pen test certificate.
    Why avoid a web pen test cert?

    Reply With Quote Quote  

  9. Darth Lord of the Sith ITSpectre's Avatar
    Join Date
    May 2016
    Location
    The Normandy/ DMV
    Posts
    965

    Certifications
    Sec+, MTA, MCP
    #8
    Quote Originally Posted by JasminLandry View Post
    Why avoid a web pen test cert?
    That is just me.... If your trying to get into web Pentesting a web pen cert is only going to cover that... Its better to get the eJPT or OSCP because the skills you gain will greatly help you more then a web pen test cert.
    In the darkest hour, there is always a way out - Eve ME3
    “The measure of an individual can be difficult to discern by actions alone.” – Thane Krios
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks