+ Reply to Thread
Results 1 to 8 of 8
  1. Junior Member
    Join Date
    Jul 2017
    Posts
    14
    #1

    Default Web pen test certificate after Security+

    Hello all,

    I am in the process of studing for the security+ certification.

    When i pass it i am planning to learn more on web application security. So i want suggestions on certificates in that area.

    From what i have searched OSCP and eJPT seem to be good options but i want a begginer cert on web app security.
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member
    Join Date
    Apr 2013
    Posts
    1,944
    #2
    Since you already looked at elearnsecurity, maybe head back there and check for their web app pentesting courses. I haven't done those specifically but I've heard they're good. Not very recognized but I don't know that many people expect a web app specific pen testing cert either.
    Reply With Quote Quote  

  4. Darth Lord of the Sith ITSpectre's Avatar
    Join Date
    May 2016
    Location
    The Normandy/ DMV
    Posts
    997

    Certifications
    Sec+, MTA, MCP
    #3
    Honestly I would get the eJPT then OSCP then OSCE.... I would avoid a web pen test certificate.
    In the darkest hour, there is always a way out - Eve ME3
    “The measure of an individual can be difficult to discern by actions alone.” – Thane Krios
    Reply With Quote Quote  

  5. Darth Lord of the Sith ITSpectre's Avatar
    Join Date
    May 2016
    Location
    The Normandy/ DMV
    Posts
    997

    Certifications
    Sec+, MTA, MCP
    #4
    Check Elearnsecurity, cybrary.it, pluralsight for courses on web pentesting....
    In the darkest hour, there is always a way out - Eve ME3
    “The measure of an individual can be difficult to discern by actions alone.” – Thane Krios
    Reply With Quote Quote  

  6. Junior Member
    Join Date
    Jul 2017
    Posts
    14
    #5
    My aim is to get a very practical experience from the certificate i will choose.

    Ideally i would want something focusing on the OWASP top 10 as i have already downloaded webgoat andtry to play around but i need structrured learning.

    I don't care much about how recognisable will be the certificate.
    Reply With Quote Quote  

  7. Senior Member
    Join Date
    Nov 2012
    Location
    Montreal
    Posts
    589

    Certifications
    OSCP, GWAPT, CEH, SSCP, EJPT, CCNA:Security, CCNA:R&S, MCSA:W2K8, Linux+, LPIC-1, SCLA
    #6
    As others have said, eLearnSecurity has a web application course https://www.elearnsecurity.com/cours...ation_testing/. I've never done it but apparently it's not too bad. Or you could go the more expensive route and do the SANS course https://www.sans.org/course/web-app-...thical-hacking.

    Reply With Quote Quote  

  8. Senior Member
    Join Date
    Nov 2012
    Location
    Montreal
    Posts
    589

    Certifications
    OSCP, GWAPT, CEH, SSCP, EJPT, CCNA:Security, CCNA:R&S, MCSA:W2K8, Linux+, LPIC-1, SCLA
    #7
    Quote Originally Posted by ITSpectre View Post
    Honestly I would get the eJPT then OSCP then OSCE.... I would avoid a web pen test certificate.
    Why avoid a web pen test cert?

    Reply With Quote Quote  

  9. Darth Lord of the Sith ITSpectre's Avatar
    Join Date
    May 2016
    Location
    The Normandy/ DMV
    Posts
    997

    Certifications
    Sec+, MTA, MCP
    #8
    Quote Originally Posted by JasminLandry View Post
    Why avoid a web pen test cert?
    That is just me.... If your trying to get into web Pentesting a web pen cert is only going to cover that... Its better to get the eJPT or OSCP because the skills you gain will greatly help you more then a web pen test cert.
    In the darkest hour, there is always a way out - Eve ME3
    “The measure of an individual can be difficult to discern by actions alone.” – Thane Krios
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks