Underrated Ethical Hacking Certs (Better than OSCP)

00:00

so you're looking to do some ethical

00:01

hacking training and you consider doing

00:04

the OSP because it's the gold standard

00:07

for ethical hacking jobs or perhaps

00:09

you're trying to land your first cyber

00:10

security job but you don't necessarily

00:13

want to be a full-time penetration

00:15

tester instead you just want to feel

00:17

more confident in your ability to apply

00:19

for cyber security jobs and do well in

00:22

interviews therefore you looked into

00:24

doing some ethical hacking

00:26

certifications and you came across

00:28

something like C or or OSP we'll talk

00:31

about C later in this video but for

00:34

those of you who don't know OSP is

00:36

considered the gold standed for hacking

00:39

certifications because the exam is fully

00:41

Hands-On and practical therefore passing

00:44

the OSP exam proves that you have the

00:47

minimum level of practical knowledge

00:49

required to do the job nearly every

00:51

full-time penetration testing role is

00:54

asking for the OSP but the question is

00:57

if you're a beginner should you do the

00:58

OSP or should you do something more

01:01

beginner friendly like C will spoiler

01:04

alert but the answer to both is no

01:07

that's because the ocp has so many

01:10

problems with the biggest one being the

01:12

price as of the time of recording this

01:14

video it costs about

01:16

$1,649 us for one exam attempt and 90

01:20

days access to their lab but the real

01:22

problem is most people especially

01:24

beginners end up needing a lot more than

01:27

90 days to just finish the training and

01:29

do the labs not only that but most

01:32

people usually need more than one exam

01:34

attempt therefore it ends up costing you

01:37

thousands of dollars and hours upon

01:39

hours of frustration and some people

01:41

even lose their confidence as they study

01:43

for the ocp which is not what you want

01:46

if you're embarking on a journey to land

01:48

your first cyber security job now the C

01:51

is even worse it's a multiple choice

01:53

exam that doesn't give you any practical

01:55

skills that you can Showcase in the

01:57

interview and therefore it will not give

02:00

you the confidence to answer anything in

02:02

the interview so what should you do well

02:04

what if I told you that things have

02:06

changed there are newer and far better

02:09

options out there that are suitable for

02:11

someone who's starting from zero and

02:13

wants to gain Hands-On practical ethical

02:16

hacking knowledge that are not only

02:18

cheaper than the ocp but the quality of

02:21

the training is a lot higher you'll gain

02:24

the confidence to do well in the

02:25

interview and truly Excel on the job I'm

02:28

going to take you through five training

02:30

courses and certifications that are not

02:32

only cheaper and better than the OSP but

02:35

doing them will make passing the OSP a

02:38

lot easier starting with the first and

02:40

possibly the most underrated one in the

02:42

list which is number one try hack me if

02:45

you've been watching my videos for a

02:46

while you know I love try hackme they

02:49

are one of my absolute favorite

02:51

platforms to learn because of two

02:53

reasons first they are extremely

02:55

beginner friendly they have courses that

02:57

will give you the background necessary

02:59

for someone someone who's never done any

03:01

technical work before but second and

03:03

more importantly is they are extremely

03:05

affordable they have a ton of free stuff

03:08

and their subscription cost something

03:10

like $10 per month and on top of that

03:12

they have a generous discount for

03:14

students which is absolutely crazy but

03:17

the biggest mistake that I see beginners

03:19

make with tryck me is that they go and

03:22

only do the free stuff that try hack me

03:24

offer and they spend so much time on

03:26

these challenges and capture the flags

03:28

now listen of been in this industry for

03:31

a very long time and I've helped

03:32

hundreds of individuals just like you

03:34

learn their first cyber security job by

03:36

following advice that I post on my

03:39

videos in fact I post success stories

03:41

every week from individuals from all

03:44

around the world who manag to land a

03:46

cyber security job following my advice

03:48

so trust me when I tell you this doing

03:51

capture the flags and free courses alone

03:53

is not enough to L you a cyber security

03:56

job for the most cases you need to focus

03:59

on proper training and certification

04:01

programs with try hackme the real value

04:04

is in the courses that I'm about to show

04:06

you if you're brand new and you've never

04:08

done any technical work before then you

04:10

need to start with two courses that they

04:12

have which are the pre-security this

04:15

will give you an introduction to the

04:17

world of offensive security it will go

04:19

over the basics of networking of Windows

04:22

of Linux which is a necessary background

04:24

for someone who wants to learn

04:26

penetration testing the next course that

04:28

you need to do if you start starting

04:30

from zero is called introduction to

04:32

cyber security this will give you more

04:34

knowledge in the world of cyber security

04:36

and penetration testing it will go over

04:39

web application security operating

04:41

system security and network security it

04:44

will even introduce you to digital

04:46

forensics and security operations whilst

04:48

these are not exclusive to penetration

04:50

testing however this knowledge is

04:52

important for anyone who's embarking on

04:55

a journey to learn cyber security and

04:57

ethical hacking but the real value is in

04:59

their harder and more challenging

05:01

training certification programs so the

05:04

first penetration testing course from

05:06

trackme is the junior penetration

05:08

testing learning path the difficulty for

05:10

this course is rated intermediate so it

05:13

is more challenging than the

05:14

pre-security and the introduction to

05:16

cyber security this one will introduce

05:18

you to the world of offensive security

05:20

and penetration testing and on section

05:23

three it will take you through web

05:25

application penetration testing which is

05:27

a really important topic for ethical

05:29

hacking

05:30

and then section four goes over bird

05:32

Suite with Section Five focusing on

05:34

network security section six goes

05:36

through vulnerability research and

05:38

section seven goes over Metasploit and

05:41

ending with Section 8 which is a

05:43

slightly more advanced topic that is

05:45

privilege escalation offensive security

05:48

learning path yes this will have room

05:50

and exploitations and Capture the Flag

05:52

style but it's structured in a way to

05:54

teach you a subject so they have an

05:56

advanced exploitation section with so

05:59

many challeng Alles that will build out

06:01

your skills in a stepbystep manner but

06:03

then we have section three which is

06:05

dedicated to an advanced topic we call

06:07

Buffer overflow exploitation and then on

06:10

section four it goes over active

06:12

directory which is absolutely crucial

06:14

for penetration testing and in section

06:16

five it goes over more challenges now

06:19

this learning path is a fairly Advanced

06:21

learning path it is not easy and in

06:24

terms of difficulty it's rated as

06:26

intermediate but the next one is a

06:28

really challenging one this one is

06:30

called the red teaming learning path red

06:32

teaming is a more advanced form of

06:34

penetration testing where you emulate a

06:36

real group of hackers so you need to

06:38

know a lot about reconnaissance and

06:40

gaining access without any assistance

06:43

but you also need to be really well

06:44

versed in active directory exploits

06:47

amongst other Advanced Techniques as

06:49

well as you can see the course consists

06:52

of six sections starting with the

06:54

fundamentals of red teaming and ending

06:56

with a fairly Advanced topic which is

06:58

compromising active directory this is

07:01

the bread and butter of red teams now

07:03

this course is rated hard which means

07:06

it's meant to be Advanced and

07:08

challenging now for those who don't want

07:10

to be ethical hackers perhaps you want

07:12

to work in a security Operation Center

07:14

or you want to work in GRC then you

07:17

don't need to do all of these courses

07:19

the junior penetration testing course is

07:21

enough for your purposes but if you want

07:24

to challenge yourself more and do the

07:26

ocp then the next course that I'm about

07:28

to recommend will will not only make

07:30

passing the OSP a lot easier but in fact

07:33

the training course itself is so much

07:36

better than the OSP and it's cheaper

07:39

which is the second CA on the list

07:40

number two hack the box cpts now I have

07:43

recommended hack the Box before in my

07:46

videos but I also noticed that beginners

07:48

tend to make the same mistake with hack

07:50

the box that they do with try hack me

07:52

they only focus on the free stuff and

07:54

the challenges and the capture the flags

07:57

whilst they neglect the one thing that

07:59

will actually get them hired which is

08:01

the important training and certification

08:03

programs this is where the real value is

08:06

at now the cpts is like every other

08:09

course that I've ever recommended in my

08:11

life it's practical and handson now the

08:14

course itself includes all the knowledge

08:16

that you need to learn and pass the exam

08:19

however I did find that the course can

08:21

be challenging for absolute beginners

08:24

especially if you're someone who don't

08:25

have a lot of technical knowledge I

08:28

recommend you start with try hack me

08:30

first it will make your life a lot

08:31

easier than if you started right away

08:33

with hack the box and just like try hack

08:36

me hack the Box have a generous discount

08:38

for students I'll leave a link to the

08:40

course in the description box under the

08:42

video and trust me when I tell you this

08:44

the cpts exam is a lot harder than the

08:48

OSP the cpts exam is 10 days long what's

08:52

the OSP is 24 hours but not only that

08:56

the nature of the exam itself and the

08:58

way it's structure make makes it a lot

09:00

more challenging than the ocp therefore

09:03

if you pass the cpts then you definitely

09:06

know your way around penetration testing

09:08

and you'll be able to demonstrate that

09:10

in an interview setting and on the job

09:12

not only that but passing the OSP so

09:16

much easier in fact just doing the cpts

09:19

alone might land you a penetration

09:21

testing job because hack the box cpts is

09:25

really well respected in the hacking

09:27

Community now the next training that I'm

09:29

about to to recommend for you is one

09:31

that I don't see so many people talk

09:33

about online which is really

09:35

disappointing because they remain one of

09:37

my absolute favorite training providers

09:40

but before we get to that a word from

09:41

our sponsor not pass business not pass

09:44

business is an intuitive password

09:46

manager ideal for businesses and

09:48

individuals because it's proven to

09:50

improve productivity not only that but

09:53

not pass ensures the highest privacy and

09:56

security standards for customers through

09:58

end toin encryption and zero knowledge

10:01

architecture in fact a great use for

10:03

northp business is using it to adhere to

10:06

cyber security compliance standards

10:08

because North pass serves as a secure

10:11

access solution that can help your

10:13

organization meet security standards

10:15

such as ISO 2701 sock 2 and even heppa

10:19

now did you know that it help this

10:21

Staffing alone can cost around $1

10:24

million per year for some large

10:26

organizations and guess what consumes a

10:28

lot of their resources it's resting

10:31

passwords but not pass is proven to

10:33

improve efficiency in that regard now

10:36

another big problem that organization

10:37

struggle with is convenient especially

10:40

when you have a large number of

10:41

passwords to manage but with not pass

10:44

business you cannot only have your

10:46

passwords managed but you can also use

10:48

the auto login feature to make login

10:50

seamless and convenient nor pass

10:53

business can also create strong

10:55

passwords by default with easy to

10:57

configure password policy now resarch

10:59

shown that on average it takes an

11:01

organization 121 days to find out that

11:04

they have a data breach which is

11:06

absolutely crazy but with not pass data

11:08

breach notification option you can

11:10

change any compromised password before

11:13

any damage is done but best of all you

11:15

can try n pass for 3 months for free and

11:18

they've given us an exclusive deal over

11:20

a 20% discount check it out at NP

11:23

pass.com Unix guy and use the activation

11:26

code Unix guy it's a limited time offer

11:29

so please check it out and back to the

11:31

video the next training provider which

11:33

is number three

11:34

in formerly known as e-n Security in my

11:38

experience all the courses are topnotch

11:42

if you just want an introduction to

11:44

penetration testing then I highly

11:46

recommend the beginner training course

11:48

which is ejpt it will give you the

11:50

Hands-On knowledge that you need to be a

11:52

well-rounded cyber security professional

11:55

this is ideal for those who don't want

11:57

to be penetration testers but they still

11:59

want to gain that knowledge I remember

12:01

doing this course when it was first

12:03

introduced years ago and it was

12:05

absolutely fantastic whereas if you want

12:07

to do a deep dive into penetration

12:09

testing then ecpp is the course that

12:12

you're looking for it's an absolutely

12:14

brilliant training and it covers similar

12:16

topics to OSP except the training itself

12:19

in my opinion is so much better than OSP

12:22

I leave a link to both these courses in

12:24

the description box under the video now

12:26

between you and me I think the OSP exam

12:29

is really good because it can prove that

12:32

you have the practical skills that we

12:34

need in penetration testing jobs but

12:36

what I really don't like is the ocp

12:39

training that's provided by offensive

12:41

security I think it can definitely be

12:43

improved and I don't necessarily agree

12:44

with their Mantra of trada the training

12:47

itself in my opinion is a little bit

12:49

lacking and saying things like trada is

12:52

just not good enough in my opinion I

12:54

think that training itself can

12:55

definitely improve whereas in training

12:57

courses like ecpp or hack the box or any

13:00

of the other courses that I mentioned

13:02

the training itself is fairly

13:03

comprehensive and it will give you

13:05

everything that you need to pass the

13:07

exam the whole point of a training

13:09

course is that it give you a structure

13:10

and it saves you time the point of a

13:12

training course is not to spend all your

13:14

time spinning your wheels and going to

13:16

Google every single thing I'm curious to

13:18

see what everyone thinks about that now

13:20

INE as a platform they have cyber

13:22

security training courses that cover

13:24

literally every aspect of cyber security

13:26

they have web app penetration testing

13:28

courses mobile phone penetration testing

13:30

courses even digital forensics and

13:32

threat hunting they literally cover

13:34

everything in cyber security so if you

13:36

want to be an expert in your field then

13:39

you have no excuse you can simply go

13:41

through the training course and gain the

13:42

practical skills that you need for the

13:44

job now the next training provider have

13:46

a very similar approach to in they have

13:49

practical courses that cover a wide

13:51

range of cyber security topics but their

13:54

prices are extremely competitive which

13:56

is number four on the list tcmc I'm a

13:59

big fan of their Flagship course pntp I

14:03

think it's a phenomenal penetration

14:05

testing course it covers topics similar

14:07

to ecpp and ocp it gives you practical

14:11

knowledge and it gives you the skills

14:12

that we need on the job so now you have

14:15

so many options to learn the important

14:17

topics and to gain the skills of a

14:19

hacker you honestly can't go wrong with

14:21

any of the courses that are recommended

14:23

so far you've got options this is a good

14:26

thing and trust me I only wish I had

14:29

access to these courses that you have

14:30

when I first started my career we

14:32

literally had nothing now for those

14:34

freaks out there who want to take things

14:36

a step further and you still want to

14:38

challenge yourself even more then the

14:41

next step for you will be red teaming

14:43

skills which as we touched on brief when

14:45

we talked about try hackme red teaming

14:47

is essentially emulating what real

14:49

hackers do so usually you're expected to

14:52

have a lot more skills and it's a lot

14:53

more advanced than your regular

14:55

penetration test so if this is what

14:57

you're after then the next training

14:59

provider is one that most of you haven't

15:02

even heard of in fact I've personally

15:05

discovered them recently which is number

15:07

five on the list Zero Point Security

15:10

they have two fantastic red teaming

15:12

courses but they are absolutely not for

15:15

the faint of heart these are fairly

15:17

Advanced courses you so you need to come

15:19

prepared this is something that you do

15:22

after passing your ocp or after you do

15:25

your pntp or ecpt or hack the Box this

15:28

is not something that you start with the

15:30

courses are red team Ops one and Red

15:34

Team Ops 2 the exam for red team Ops one

15:37

is 4 days long and the exam for red team

15:40

Ops 2 is 8 days long as I said those are

15:43

extremely challenging courses but the

15:45

quality is absolutely topnotch I'll

15:48

leave a link to both these courses in

15:49

the description box under the video now

15:51

the important question that you need to

15:53

ask yourself is what if I don't want to

15:55

be a penetration tester should I still

15:58

do some of these Advanced courses like

16:00

pntp or cpts or ecppt what if I'm not

16:04

sure that I want to be a penetration

16:06

tester at all well that's an excellent

16:08

question and it's something that you

16:09

need a lot of clarity on because I'll be

16:12

honest with you here whilst penetration

16:14

testing and ethical hacking jobs they

16:16

pay a lot of money but they also have

16:18

their own set of challenges they are

16:20

definitely not for everyone so should

16:22

you still do penetration testing

16:24

training the honest answer is yes but

16:27

they shouldn't be what you start your

16:28

Learning Journey with instead I will aim

16:30

to take more of a generalist approach to

16:33

cyber security so I would aim to learn

16:35

first something like defensive

16:37

Technologies generalist cyber security

16:39

knowledge and even GRC penetration

16:42

testing is something that I would

16:43

personally do later once you learn that

16:46

first cyber security job then you can

16:48

spend the rest of your life doing

16:50

penetration testing training if so you

16:52

desire now if you want a stepbystep

16:55

guide on how to start your journey of

16:57

becoming a generalist cyber security

16:59

professional starting from zero then I

17:02

created this video with detailed

17:04

instructions on exactly how to do it in

17:07

the fastest and cheapest way possible so

17:09

check it out and I'll see you there