The OSCP has been the suggested “go to” certification for penetration testers since I have been in the infosec field; almost been six years as of this writing. At one time, it was the only pen tester certification around. We used to call it the “hacker high school diploma.”
To this day, I still suggest this to budding practitioners. But the question is, with so many other fish in the pen tester certification pond, is the OSCP still worth the effort or are there better options?
This post will examine the OSCP to determine if it is still the most viable entry-level certification for breaking into the ethical hacking field.
*Fun fact, the certification was release in 2006 under the name “Offensive Security 101.”
Over the last few years, more penetration testing and ethical hacking courses have been popping up across various platforms. Sourcing from both popular and relatively unknown authors. As a budding hacker, how do you choose where to spend your precious time and monetary resources?
This article will discuss a handful of available options and leave you with two that I can highly recommend for your first hacking course.
My audience for this post is particular and aligns with my pen test training path. You should be looking for a training program if you:
These recommendations are a bridge between the first infosec certification and the OSCP
Penetration Testing is one of the most sought-after careers for new cyber security college graduates. I don’t know how many times I have had an intern or mentee who has said that their goal was to be a pen tester. By no means is it an easy road. It takes passion and dedication to put in the hours to gain the required knowledge to just pass an interview. I think just as often, when I discuss the journey, people decide to take a different path.
This blog will discuss my recommendations to go from an infosec college student with no industry experience to a junior pentester. In another blog, we will dive into the career itself and the day to day life.
By no means is this the only method of achieving your dream. But this is my recommended approach based on my experiences completing the journey and mentoring others in the ethical hacker track.
This past week I dove in to take the new beta version of CompTIA’s Pentest+ version PT0-002. Since I did a terrible job of reading the contract and remembering what I can disclose, I will try to be careful. But CompTIA, feel free to message me if I reveal anything I shouldn’t. I will discuss how the exam went for me, my thought on the material covered, and my recommendations for how to study.