Not really worth it if you are paying for it yourself. 6. The GPEN is a written test where OSCP is a practical CTF. GPEN is fantastic but super expensive. The GXPN is newerand considered for advaced pent testers. SysAdmin, Networking, and Security (SANS) is an institute which offers multiple course and certifications with GIAC Penetration Tester (GPEN) being the most popular one. If you want a more theory based certificate, then you go for CEH or GPEN. GCIH is targeted at incident handlers. The candidate must then submit a comprehensive penetration test report at the conclusion of their exam. GIAC also has a cert for app pent testers called GWAPT which is focused on web apps. Becoming a penetration tester or a certified ethical hacker is an excellent career goal. If it were my own dollar and cert prestige didn't matter, I could have learned a lot using the eLearnSecurity path and a Georgia Weidman book. As far as certification and training goes, the OSCP is very affordable. The OSCP certification is awarded on being able to successfully crack five machines in 24 hours. Organizations often task security personnel with the responsibility of finding security loopholes on target networks and systems. Offensive Security Certified Professional (OSCP) is an ethical hacking certification offered by Offensive Security that teaches penetration testing methodologies and the use of the tools included with the Kali Linux distribution (successor of BackTrack). One machine (‘box’) will be the most difficult and will hold the maximum points, while the others will address your skills in being able to hack boxes using enumeration, exploitation, and post-exploitation techniques. 4. 4 days ago. An introduction to the Offensive Security Certified Professional (OCSP) Certification. I'm hoping the PWK/OSCP journey helps challenge me in new ways (not using metasploit or Nessus, etc. September 21, 2009 at 3:01 pm #27136 Reply. These cert are are meant for infrastructure pet testers. In-Depth Scanning and Exploitation, Post-Exploitation, and Pivoting Comprehensive Pen Test Planning, Scoping, and Recon. Time just seems to have flown by. Much more affordable than just about any other training program or certification. level 2. I started with OSCP, that certification really shows potential employers that you know how hacking works. Anyhow, today I wanted to compare and contrast the CEH, OSCP and GPEN certifications. Absolutely NO regrets with the GPEN, highly recommended if work is paying. share. The OSCP certification exam itself is the famous (or perhaps infamous) 24-hour marathon exam where you have to bag as many machines as you can in a massive virtual environment. Professionals with the GIAC Penetration Tester certification (GPEN) are the best bet for this role in any organization. 6. The GPEN cert also has more merit at the moment and includes a CTF day excersize. GPEN certification holders have the knowledge and skills to conduct exploits and engage in detailed reconnaissance, as well as utilize a process-oriented approach to penetration testing projects. GIAC's pent testing eqivalent of OSCP is GPEN and GXPN. SANS GPEN is another type of certification provided under ethical hacking. Where the OSCP is very expensive is in terms of time. It's been an interesting few months for me, I moved to Manila, attended BlackHat 2012 in Vegas and I've completed my CEH, OSCP and GPEN certs. ), expanding my skillset. Report Save. The GPEN certification confirms your expertise in assessing target networks and systems to find security vulnerabilities. The GCIH certification focuses on detecting, … GPEN Certification. It takes most people hundreds of hours of time, but the good news is the labs are actually quite fun (well, at least most of the time.) Reply. Offensive Security Certified Professional.