Underrated Ethical Hacking Certs (Better than OSCP)

UnixGuy | Cyber Security

1 Oct 202417:11

Summary

TLDRThe video discusses alternatives to the OSCP (Offensive Security Certified Professional) certification for those starting out in ethical hacking or cybersecurity. It critiques the high cost and difficulty of OSCP for beginners and highlights better options like TryHackMe, Hack The Box CPTS, and others. These alternatives offer affordable, hands-on training to build practical skills in penetration testing and cybersecurity. The speaker emphasizes the importance of choosing beginner-friendly certifications, focusing on practical skills for job interviews, and exploring red teaming for advanced learners.

Takeaways

💡 The OSP (Offensive Security Certified Professional) is considered the gold standard for ethical hacking certifications, but it's expensive and difficult, especially for beginners.
🛑 OSP costs about $1,649 for one exam attempt and 90 days of lab access, and many people need more time and attempts, leading to higher costs.
🙅 C (Certified Ethical Hacker) is not recommended either, as it’s multiple-choice based and lacks practical, hands-on training.
💪 Try Hack Me is a highly recommended, beginner-friendly, and affordable platform for learning ethical hacking, offering courses with hands-on experience.
🎯 Beginners should start with Try Hack Me’s 'Pre-Security' and 'Introduction to Cyber Security' courses to build a solid foundation in networking, Linux, and basic security.
🚀 For those ready to advance, Try Hack Me’s 'Junior Penetration Testing' course offers intermediate-level learning on web applications, network security, and privilege escalation.
🏋️ Hack The Box's CPTS (Certified Penetration Testing Specialist) is another recommended course for those seeking deeper knowledge and challenges in penetration testing.
🧠 INE’s EJPT (eLearnSecurity Junior Penetration Tester) and ECPPT (eLearnSecurity Certified Professional Penetration Tester) are praised for their hands-on, structured learning.
🏁 Red Team training, like Zero Point Security's Red Team Ops 1 & 2, is for advanced learners looking to emulate real-world hacking scenarios.
🔀 For those unsure about penetration testing, focusing on general cybersecurity skills and defensive technologies before diving into penetration testing is a good approach.

Q & A

What is the OSP certification, and why is it considered the gold standard?
-The OSP (Offensive Security Professional) certification is known for being the gold standard in ethical hacking and penetration testing because it focuses on hands-on, practical knowledge. Passing the OSP exam demonstrates a practical level of skill necessary for penetration testing jobs.
Why is the OSP certification not recommended for beginners?
-The OSP certification is costly, challenging, and time-consuming for beginners. It costs around $1,649 for one exam attempt and 90 days of lab access. Most beginners require more than 90 days and often need multiple attempts, leading to frustration and higher costs.
What are some alternative certifications or courses recommended for beginners?
-Alternatives like TryHackMe and Hack The Box are recommended for beginners. They offer practical, hands-on training at a lower cost. Courses like TryHackMe's Pre-Security and Introduction to Cyber Security are beginner-friendly and build foundational knowledge.
Why is focusing only on free challenges and Capture the Flag (CTF) exercises not enough to land a cybersecurity job?
-Free challenges and CTF exercises provide limited practical skills. Employers seek candidates with comprehensive training and certifications, which demonstrate the ability to handle real-world cybersecurity tasks beyond just completing challenges.
What makes TryHackMe's junior penetration testing learning path valuable for beginners?
-TryHackMe's junior penetration testing learning path is rated intermediate but provides a structured, step-by-step approach to learning offensive security. It covers important topics like web application security, network security, and privilege escalation, essential for ethical hacking.
How does Hack The Box's CPTS course differ from OSP?
-Hack The Box's CPTS (Certified Penetration Testing Specialist) course is more challenging than OSP, with a 10-day exam compared to OSP's 24-hour exam. CPTS is highly respected in the hacking community and provides deeper, hands-on knowledge, making it ideal for experienced learners.
What is the role of Red Teaming in penetration testing?
-Red Teaming is an advanced form of penetration testing where testers simulate real-world attacks to assess an organization's security. Red Teaming requires advanced skills in reconnaissance, active directory exploits, and access without detection, making it more challenging than regular penetration testing.
What is the eJPT certification, and who is it for?
-The eJPT (eLearnSecurity Junior Penetration Tester) certification is ideal for beginners who want an introduction to penetration testing. It provides hands-on knowledge and covers essential cybersecurity topics, even for those not interested in becoming full-time penetration testers.
What are the key differences between the OSP exam and its training program?
-While the OSP exam is highly regarded, the training provided by Offensive Security is often criticized for being inadequate. The training lacks structure and requires learners to figure out much on their own, whereas other programs like Hack The Box or INE offer more comprehensive and practical training.
What should someone who doesn't want to be a penetration tester focus on instead?
-If someone isn't aiming to become a penetration tester, they should focus on broader cybersecurity training. Courses in defensive technologies, general cybersecurity knowledge, and GRC (Governance, Risk, and Compliance) are good starting points for those wanting a more generalist role in cybersecurity.