That is precisely my point! I've met more than one pro that confused the two.Originally Posted by haqking
Ubuntu Member
That is precisely my point! I've met more than one pro that confused the two.
Way Too Much Ubuntu
To obtain OSCP, you need to attend PWB course and passed the exam it provided.
Before you taking PWB, you can read some reviews of the course before taking it. I have two, here and here for your reference. By the way, there are many Pentesting courses out there, such as SANS and etc.
To obtain C|EH, you can attend it's course or self-study and passed the exam.
PWB is an hands-on course while C|EH is most of concept of Pentesting.
Samiux
Last edited by samiux; March 4th, 2013 at 08:08 AM. Reason: fix typo
Systems Samurai
C|EH relates very little to Penetration testing IMO, it is more of a entry level security cert similar to CompTIA Security +, as far as knowledge goes it is all about overall security concepts and rote memorisation of point and shoot (script kiddie) tools many of which are really never used
@OP It is worth having though as alot of employers look for it, but you wont get a Penetration testing job with it.
OSCP however is a much better cert to have as it demonstrates real hands on skills along with OSCE, the PWB course is very good and you can do it in your own time, then take the exam, it is certainly the cheapest course/exam combination out there that is then also worth alot in terms of respect.
SANS GIAC and similar are also worth it, if in the States then GPEN and Tiger and great certs to have to demonstrate hands on, in Europe then CREST and CHECK Team Lead are the beasts to have, CREST CRT maps almost to the PWB (OSCP) course so you could take it without too much extra study.
Regardless of certs though, pen testers and the community dont care what you have on your wall, its all about what you can do, learn to code and learn to write your own and find your exploits as that is all that is worth anything really in the security community.
Peace
Backtrack - Giving machine guns to monkeys since 2006
Kali-Linux - Adding a grenade launcher to the machine guns since 2013
5 Cups of Ubuntu
So you think i shouldnt just install the pentesting OS and just work with ubuntu? That sounds good, but i thought of maybe piecing together my own pentesting "Ubuntu pentesting package". That way I can research the programs I decide to use and get a better idea of how they work. (Instead of copy and paste commands from a tutorial to a program that i dont know anything about, like i would do with backtrack)
I just like knowing all the programs i have installed. I don't really like packages of a bunch of programs created by someone else.
I have time, but not enough time to go though a course. So if you have any recommendations for programs or research articles to check out, please post them.
P.S. Didnt mean to "highjack" the thread, but its about pentesting and you guys seem to know what your doing.
Cookies and cream
I did not realize there were all these replies to this thread. To answer your previous question my home distro is Arch Linux. There are a bunch of do it yourself style distros though if you want to know everything that is on your system (gentoo/funtoo is a good place to learn about the base of the system without going all the way to lfs).
5 Cups of Ubuntu
I would say Backtrack, simply because I have not heard of Blackbuntu. Both sound like they are for script-kiddies though...
Posting Permissions
Adv Reply
Bookmarks