Over the last few years, more penetration testing and ethical hacking courses have been popping up across various platforms. Sourcing from both popular and relatively unknown authors. As a budding hacker, how do you choose where to spend your precious time and monetary resources?
This article will discuss a handful of available options and leave you with two that I can highly recommend for your first hacking course.
My audience for this post is particular and aligns with my pen test training path. You should be looking for a training program if you:
These recommendations are a bridge between the first infosec certification and the OSCP
Find Quality Programs
One of the things I struggled with starting out is deciding on what to spend time on. As a beginner, we realize that there is so much we must know, and we don’t have all the time in the world. I think this is why certification programs allure us. They condense material down and create a training plan.
The hard part is figuring out which training program is right for us with quality material that will efficiently use our time.
Money is also an issue at this stage. Many of you reading this have student loans, live on your own for the first time, and are being paid under $50k per year. You either have to foot the training bill yourself, or those who are lucky have employers willing to pay a couple of grand a year towards training.
Because of these constraints, we must focus on quality, low-cost options.
So, what makes a quality course? First off, the material should be presented in multiple ways, preferably in videos, written material, labs, and additional references. All of us learn in different ways, and the more of our senses hit with the knowledge, the more likely it will stick.
Secondly, the training program should be a survey-level course, hitting all the major topics we need to know as ethical hackers, pen testers.
Suppose you don’t have access to the course outline. In that case, one of the best signs of quality is a vendor with a good reputation among the pen tester types. SANS, eLearnSecurity, TCM, and EC-Council all have a strong reputation in the cyber security community. They are also standalone providers of training.
Some people may argue that I should include Udemy. While affordable and with some good content, they are more like a collection of training content. I hope to curate the best training courses in the future, but we will leave that for another day.
If you know of any other providers, please let me know, and I will be happy to update my suggestions. They must have an outstanding reputation to be included.
As a quick disclosure, no one has paid me for this blog.
Without further ado, let’s get started with the no’s.
I would say SANS falls in the no category for my target audience. Primarily because of the price point. Typically, the courses run about $7,000. But their labs leave something to be desired. They lack a focus on the methodology and focus only on one technique at a time, with only a handful being covered. On top of that, there really isn’t a capstone unless you do the NetWars, which is additional money.
To me, they just didn’t really hammer at the methodology enough for pen testers. After 3 of their penetration testing courses, I would have been better off doing eLearn and Offensive Security and still saved almost $20k. Thankfully this didn’t come out of my pocket. But even if you could have your employer pay, I would recommend a different provider. This is from a guy who has had 6 GIAC certifications (GSEC, GCIH, GCIA, GPEN, GWAPT, GXPN).
Don’t get me wrong. SANS is a great certification body; they have one of the best reputations, are a morally sound organization, continuously give back, and have quality course materials. However, as a beginner, you need a program that will keep you in the lab, provide plenty of time to practice, and teach you a methodology to lean on. SANS will not do this for you. They are a great place to go for advanced classes but save them for later when an employer can pay the cost.
Next on the chopping block is the EC-Council. They have a good reputation among recruiters and human resources. However, they are not looked at highly in the infosec community, even less so by hackers. Contrary to the name of their most popular certification, “Certified Ethical Hacker,” you will not learn what you need to perform as a pen tester.
I personally have not taken the course. Although, I know people who have. In fact, at one time, I encouraged my mentees to get the certification to increase their chances of landing an interview; Only if they were leaning heavily towards the option already. Recruiters would just drool when they see CEH on a resume. As more alternatives have become available and the tastes of recruiters have changed. So has my opinion.
My mentees have told me that this certification came nowhere near preparing them for the OSCP, which should be your goal. Now I am not saying the CEH is useless. If you have it, good for you. I am just saying that if your goal is to be a pen tester, other programs will prepare you better. You don’t just need another cert right now.
If this is your only “hacking cert,” you will not get an interview for a legit junior pen-testing role. I can almost guarantee this.
To summarize the Certified Ethical Hacker Certification, mark this off your list because of the cost and because you won’t learn what you need to.
Now to move on to organizations, I would recommend.
The Cyber Mentor has become pretty well known over the last couple of years. He has been a presenter at conferences, publishes content on YouTube, has a significant presence on Twitter, and frequently gives away his courses for free or at a minimal cost. Sounds like he is just really good at marketing. He is that. But his content is pretty solid too.
I had the chance to take a peek at his content for the course Practical Ethical Hacking – The Complete Course when he gave it away for free one day. After looking at a few of the videos, and his long content list, it seems like a solid shoe-in here. He also touches on pretty much every topic needed for a baby hacker, including writing reports and career advice. Not to mention, the feedback on social media has also been overwhelmingly positive.
Although TCM, doesn’t host the labs for his courses like many other training providers, he does point you at another resource and provides walkthroughs. For practice, the course uses a very popular and highly recommend site called HackTheBox. You should be spending plenty of time there on your hacker journey whether you go this route or not.
Suppose you want to use him for a certification path. In that case, TCM also offers a pen testing certification called the Practical network Penetration Tester (PNPT). Heath recommends taking two other courses in preparation for the exam. To pass requires you to hack some systems over 5 days, write a report, and present your findings to a panel. The last part is surprising. I haven’t heard of presenting findings for an exam, but that is very real life-oriented. Every pen test project I do requires me to brief someone.
There is a dark side to this certification that plagues every new program. The PNPT is just not well recognized yet. There are zero results on Glassdoor and only 5 on LinkedIn for jobs with the acronym listed.
As an entry-level pen testing course provider, I recommend TCM because it is low cost, contains tons of material, explains topics well, and integrates an external lab.
The final recommendation for training providers is eLearnSecurity/INE. I say both because, at one time, eLearnSecurity was a combined trainer and certification body. Now they have moved training to the INE platform and remain as a certification body only.
The good thing about their model is that you get all the training and labs if you buy the yearly subscription to the cyber security content. For $749, this is 100% worth the money and includes a discount on certification. If you are patient, usually every couple of months, INE provides a discount on their subscriptions. Keep an eye out if you are interested and want to save money.
My suggestion would be to work your way through the Penetration Testing Student and Penetration Testing Professional paths in that order. If you want additional practice, dig into the Web Application and Exploit Development courses as well.
So why do I think they are good. Well, I have experience taking 3 eLearnSecurity exams and working through almost 5 courses. The entry-level material is perfect for beginners. They give you plenty of guidance to keep you moving forward in growing your skillset.
I will tell you that I wouldn’t waste my time on the Advanced Penetration Testing course at this time because it is way out of date. Still, the other classes are great (including the blue team ones 😊).
If you are interested in eLearnSecurity’s certifications, like TCM, they aren’t well recognized yet either. Zero results in Glassdoor and 25 in LinkedIn.
For me, eLearnSecurity/INE is in that sweet spot of quality material, at an affordable price, with integrated labs.
Your goal at this stage is to just learn. Yes, I advise having at least one other pen test certification whether or not it is well known. Accomplishments on your resume just scream, "I am a hard worker." At all times, focus on internalizing the content, getting hands-on with the techniques, and working your way towards the OSCP.
Out the two recommendations, I would go different routes depending on the funds available. Go with eLearnSecurity if you have the money, and go with TCM and an HTB subscription if you are limited on funds. Either way, you should have enough knowledge by then to start in the OSCP lab without the experience being an overwhelming struggle.
Career Advice: Top 5 Tips on How to Become a Pen Tester After College
Tips On Finding a Job in the Infosec World
Silverbits is an infosec practitioner who has spent time in the crazy SOC life, at a help desk, as a penetration tester, doing digital forensics and malware analysis. All together, he has over 7 years of experience in Information Technology.