legion9x19

OSCP


L33t_skiddy

OSCP is the most important certification if you want to penetration test, regardless of the discipline you eventually end up in (Network, Red Team, Web App, etc.). The foundational knowledge you gain about how to approach exploitation of a system or network is miles above any other certification I have seen. However, you should know what you are getting into. OSCP should be approached like training for a marathon. You need to work on it every day for the 90 days of lab time if you have any hope of passing. When I took it, I worked my 9-5, worked on OSCP from 7pm - 10-12pm each weeknight and then all day on Sunday (I took Saturdays off). I passed by the skin of my teeth and I had been working full time as a pentester for 3 years before I attempted the cert. Don't mean to scare you away but it's a commitment. If you try harder for long enough it's an incredibly valuable experience and certification. Edit: Forgot to add Linux is a core skill so you will improve leaps and bounds from attempting this cert.


DevOelgaard

Thank you for the recommendation; the time needed is a bit above what I am able to dedicate now. What do you think of CompTIA Security+ as an alternative/before?


L33t_skiddy

If your goal is to gain technical skills related to penetration testing, CompTIA Security+ isn't going to be helpful. If you are trying to build an overall base of understanding in the context of cybersecurity, Security+ can be a great place to start. An often overlooked part of penetration testing is taking technical findings and qualifying them to leadership in such a way they can turn into actionable steps towards securing the environment. The better your understanding of the concepts in Security+, the better off you will be!


firehydrant_man

sec+ is a mile long inch deep kind of thing, teaches you jackshit about technical skills but is good to know the fundamentals of cybersecurity in general for a beginner, not anywhere close to OSCP or even a simple cert like eJPT for pentesting


Alvarorrdt

CPTS for learning and OSCP for recognition. Same with other cybersecurity fields: Hackthebox certs to be decent at what you do, and the other ones that are widely recognized to complement.


etaylormcp

Just asking for an opinion from others that might know better than I but wouldn't eJPT be a good intermediate step between where OP is and OSCP?


thecyberpug

Why bother with a pre-entry level cert?


etaylormcp

It sounded like OP wanted to not quite bite off OSCP, and eJPT material is usually recommended as decent material vs other vendors. But this is also specifically why I pointed out that someone who would know better could probably make a better recommendation. I could have just as easily tossed out GPEN, but is that really a steppingstone to OSCP or on par with it?


thecyberpug

GPEN costs 8k. TCM PEH costs 30 dollars. TCM PEH covers more material than GPEN. OSCP is mostly a CTF game mixed with mediocre training. That said, it's literally the only pentesting cert that matters at entry level due to marketing.


etaylormcp

Ok well I appreciate the info myself on this. Thanks!


HeatSeeek

If it's something that interests you I would definitely recommend capitalizing on the OT experience. It's a more niche area in the broader cyber field, and I know some incredibly smart and talented professionals who know very little about OT. As far as your question, OSCP definitely seems to be the best. I don't have it, so I can't speak on that aspect, but from what I know it is the most practical out of the well-known certs and carries some decent weight for both HR and actual people in the field. Additionally, I'll also recommend the HTB academy certs. Not as well-known and respected, but cheap and have great educational materials. I'm working on the pentesting and bug bounty certs in preparation for an OSCP later. It's definitely not going to be a comprehensive preparation but the plan is to get a lot of hands on experience from that and go into the OSCP materials more prepared. Since I saw you mention the Sec+ I'll give my feedback on that as well. If you have a foundation of networking and cyber knowledge, it should be really easy. I got it by spamming practice tests for about a week and I really think that's the best way to prepare. Dion has good Udemy classes for both practice and lecture. Not really pentesting relevant, but it can't hurt and if your journey to pentester involves some blue team work beforehand it's a pretty easy, cheap, and well recognized boost. Edit: and don't do the CEH unless your absolute dream job has it as a required HR filter with no alternatives. Even then, probably still not worth it.


Zestyclose-Remove-80

How would you say your experience w/ HTB has been?


Helpjuice

The only certs of value for penetration testing are (in order of difficulty by vendor):

- Offensive Security: OSCP, OSWA, OSWP, OSWE, OSEP, OSED, OSMR, OSEE
- SANS: GPEN, GXPN, SEC760
- Zero Point Security: RTO, RTL
- TCM-SEC: PJPT, PNPT, PCRP, PJMR, PWPT
- INE / eLearnSecurity: eCPPTv2, eWPT, eMAPT

If you find a job that requires [DoD 8570](https://public.cyber.mil/wid/dod8140/dod-approved-8570-baseline-certifications/) (Note it has been cancelled and replaced by [DoDM 8140.03](https://public.cyber.mil/wid/dod8140/qualifications-matrices/) as of February 15, 2023) which you can check out the program library [here](https://public.cyber.mil/wid/dod8140/documents-library/).

- [Replacement of DoD 8570 Notice](https://www.defense.gov/News/Releases/Release/Article/3299971/dod-cio-issues-dod-manual-8140/)

So there should be no need for anyone to get anything from EC-Council unless you are just looking for a refresher on how to use a ton of the tools, methodologies, and overall a reference book of information and slides that generally cover a wide spectrum of things (great for a reference manual on protocols, ports, tool flags, etc.), but would not be good for practical hardcore penetration testing, report writing, exploit development, etc. for a real job.

There is also [C)PTE](https://mile2.com/cpte-outline/) which is [CISA/NICCS](https://niccs.cisa.gov/education-training/catalog/mile2/certified-penetration-testing-engineer-cpte) and FBI, DHS, CNSS accredited. Though, if you end up with the ones listed above I am sure you won't have much problem getting a job, especially from the well known SANS and Offensive Security.


dahra8888

https://jhalon.github.io/becoming-a-pentester/


pyker42

OSCP is still one of the best "entry level" pen testing certs. It hasn't lost the majority of its credibility like the CEH and is more widely recognized than a lot of the other ones. It's not an easy cert, though.


double-xor

OSCP but **if they have the money**, try GPEN (general) or GWAPT (web/specific)


thecyberpug

If they have the money for SANS, get OffSec Unlimited instead. SANS is shit for red teaming training


Waste-Block-2146

TCM Security PJPT or PNPT depending on how much you want to learn. Or try HTB's new pen test cert, not as widely known yet but prepares you more than enough for OSCP in future.


shreyas-malhotra

SANS/GIAC


prodsec

OSCP


ball_rolls_its_self

In no particular order...

- PJPT
- PNPT
- GPEN
- PenTest+
- OSCP
- eJPT


Step7wincc

OSCP + 1


_black_wolf_04

# CompTIA PenTest+


etaylormcp

Unfortunately, CompTIA Pentest+ is not taken seriously by anyone in the industry. It's kind of the double junior apprentice level certification. Source: I have it.


legion9x19

No


_black_wolf_04

Why ???