Penetration Testing mailing list archives
Re: GCIA, GSEC, GCIH, CISSP, CEH ???
From: "Cristian Serban" <scrissti () gmail com>
Date: Thu, 20 Dec 2007 19:27:15 +0200
Sans has a new course Advanced Web Application Penetration Testing : http://www.sans.org/training/description.php?tid=1722&portal=de3d570830816b8b870310d573d332c0 On Dec 20, 2007 7:20 AM, Walter Cuestas <wcuestas () gmail com> wrote:
Just to say that every comment about CEH seems to be based on versiones previous to 5 (some comments seems based on books from EC Council and 2 others that are so far from current EC Council material). Today, CEH is the start point and next steps for people who wants to demonstrate their knowledge and expertise, thtrough certifications, are ECSA and finally get LPT (if you need this one). Since the first mail of this thread, I have reviewed every syllabus, exam topics, exam and labs demos, training videos and so on. IMHO, there are just three sources for pen test related certifications : EC Council, ISECOM and Mile2 (based on CEH). SANS has a lot of certifications that are good complement for CEH, OPST, OPSA, CPTS and CPTE, but, I can't find an specific pen test certification from SANS. Also, as all of you know, there is no certification neither a set of exams that really demonstrate the actual knowledge of people. These certifications are just a complement for a professional career. BTW, I have reviewed some of the recommended training based on videos and they seem to be just BackTrack courses.Regards,On Dec 19, 2007 11:49 AM, mgk.mailing < mgk.mailing () googlemail com> wrote:wow, Have been playing with back track for a while but i didnt realise they did certificated courses as well. Thanks for the info mgk Danux wrote:If you really wanna start understanding how to PenTest you should forget CEH its for script kiddies, you MUST try - From BackTrack Creators!!! Offensive-Security Courses. CEH teach you how to use tools but Offensive Security 101 course teach you how to think like a hacker developing your own scripts or exploits, and isc2 gives 40 CPE's for that course. Is excellent, and the certification is called OCSP - Offensive Security Certified Professional (you can get it after passing a 24 hour real hacking test). Check it out: http://www.offensive-security.com/offsec101.php Cheers!!!!! On Dec 17, 2007 12:44 PM, <infolookup () gmail com> wrote:Good day all, I know this is not really a tech-pentest question however I wanted to get some feed back as to what certs/skill set one need to acquire in order to break into the pentest/information assurance/computer forensics job market. I am a about to graduate with my BA in computer system next semester, and I am tring to get into a security related field, I did very little vul-testing/pentesting for friends, or on a few work servers and wifi network. And that was very interesting, but with so many certs and paths out there I wanted to know which ones you guys took so I can get an idea. Thanks in advance.Sent via BlackBerry from T-Mobile ------------------------------------------------------------------------This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads -------------------------------------------------------------------------- Walter Cuestas-- Walter Cuestas Agramonte, CEH Gerente General Phone : 511-97926168 ASEGURAR, SIMPLIFICAR, ACELERAR http://www.open-sec.com http://www.voip-sec.com ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
-- Cristian ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
Current thread:
- RE: GCIA, GSEC, GCIH, CISSP, CEH ???, (continued)
- RE: GCIA, GSEC, GCIH, CISSP, CEH ??? Bryan Pitts (Dec 18)
- Re: GCIA, GSEC, GCIH, CISSP, CEH ??? Cristian Serban (Dec 18)
- Re: GCIA, GSEC, GCIH, CISSP, CEH ??? Jamie Riden (Dec 18)
- Re: GCIA, GSEC, GCIH, CISSP, CEH ??? Robin Wood (Dec 18)
- Re: GCIA, GSEC, GCIH, CISSP, CEH ??? Pete Herzog (Dec 18)
- Re: GCIA, GSEC, GCIH, CISSP, CEH ??? Danux (Dec 18)
- RE: GCIA, GSEC, GCIH, CISSP, CEH ??? Ardian Silvano (Dec 18)
- Re: GCIA, GSEC, GCIH, CISSP, CEH ??? mgk.mailing (Dec 19)
- Message not available
- Re: GCIA, GSEC, GCIH, CISSP, CEH ??? Walter Cuestas (Dec 19)
- RE: GCIA, GSEC, GCIH, CISSP, CEH ??? Ferris, Joe (Dec 20)
- Re: GCIA, GSEC, GCIH, CISSP, CEH ??? Cristian Serban (Dec 20)
- Re: GCIA, GSEC, GCIH, CISSP, CEH ??? Jim Clausing (Dec 20)
- RE: GCIA, GSEC, GCIH, CISSP, CEH ??? Chadha, Sachin (Dec 23)
- RE: Re: GCIA, GSEC, GCIH, CISSP, CEH ??? Erin Carroll (Dec 18)
- Re: Re: GCIA, GSEC, GCIH, CISSP, CEH ??? infolookup (Dec 19)
- Re: Re: GCIA, GSEC, GCIH, CISSP, CEH ??? xelerated (Dec 19)
- RE: RE: Re: GCIA, GSEC, GCIH, CISSP, CEH ??? Erin Carroll (Dec 19)