This question is for the admins and otherwise legit experts and pros. I'm studying to become a professional ethical hacker and wanted your perspective on what certifications are most desirable to obtain. I've been prepping for the CEH and was planning to take it the beginning of Sept. I've passed the last few simulated exams and am comfortable in my preparedness, however am rethinking whether obtaining that credential or seeking another certification such as certified pentester, ect. I've goggled and found mixed reviews about the worthiness of CEH and wanted your expertise on which cert you all believe is most worthwhile in terms of a career in the industry. Thank you in advance for any info or advice you can provide. Greatly appreciated!
Forum Thread: Question to the Admins/Experts on Certifications
- Hot
- Active
-
Forum Thread:
Any Scripts/Programs Available for the Krack Vulnerability
0
Replies
12 hrs ago -
Forum Thread:
Hacking Facebook,Twitter,Instagram Account Passwords with BruteForce
122
Replies
18 hrs ago -
Forum Thread:
Can Someone Here Help Me Crack Tgis Site and Be Able to Change My Transcript/Exam Results
0
Replies
19 hrs ago -
Forum Thread:
How Can I Hack in Our Students Portal and Be Able to Fix My Results and Edit Some
0
Replies
19 hrs ago -
Forum Thread:
How to log in tor
1
Replies
20 hrs ago -
Forum Thread:
Any Idea About Piping Crunch with Medusa
0
Replies
20 hrs ago -
Forum Thread:
Cannot Connect to Fake Ap in Airgeddon. I tried with evil twin attack and can't key in password. Please help me.
0
Replies
21 hrs ago -
Forum Thread:
Commercial Mattress Cleaning Services
1
Replies
22 hrs ago -
Forum Thread:
How to Download Videos with Terminal
7
Replies
1 day ago -
Forum Thread:
I Need Help in Hacking a Gmail Account.
23
Replies
1 day ago -
Forum Thread:
Exploit Completed but No Session Was Created .
5
Replies
1 day ago -
Forum Thread:
Hack and Track People's Device Constantly Using TRAPE
28
Replies
1 day ago -
Forum Thread:
Mikrotik - Part Four [UnderTaker - QoS]by : Mohamed Ahmed.
1
Replies
1 day ago -
Forum Thread:
Eml to PST Conversion
5
Replies
1 day ago -
Forum Thread:
How to Get Proxychains to Work?
6
Replies
1 day ago -
Forum Thread:
I Want to Hack a Facebook Account.
6
Replies
1 day ago -
Forum Thread:
Pros and Cons of Parrot
14
Replies
2 days ago -
Forum Thread:
How to Hack into a Passkey Protected and Hidden "Ghost" USB Device That Doesn't Mount and Isn't Detected by the PC?
0
Replies
2 days ago -
Forum Thread:
On Which Does Kali Linux Run Best: Mac or Microsoft Computers?
0
Replies
2 days ago -
WIFI Hacking :
Crack WEP/WPA/WPA2 Password Without Dictionary/Bruteforce NEW METHODE : Fluxion
8
Replies
2 days ago
-
How To:
Use MDK3 for Advanced Wi-Fi Jamming
-
Hacking macOS:
How to Sniff Passwords on a Mac in Real Time, Part 1 (Packet Exfiltration)
-
Hacking macOS:
How to Sniff Passwords on a Mac in Real Time, Part 2 (Packet Analysis)
-
How To:
4 Ways to Crack a Facebook Password & How to Protect Yourself from Them
-
How To:
Get Unlimited Free Trials Using a "Real" Fake Credit Card Number
-
How To:
Securely Sync Files Between Two Machines Using Syncthing
-
Hack Like a Pro:
How to Hack Facebook (Facebook Password Extractor)
-
How to Hack Wi-Fi:
Get Anyone's Wi-Fi Password Without Cracking Using Wifiphisher
-
How To:
Hack Wi-Fi & Networks More Easily with Lazy Script
-
How To:
Hack WPA & WPA2 Wi-Fi Passwords with a Pixie-Dust Attack Using Airgeddon
-
How To:
Use Maltego to Monitor Twitter for Disinformation Campaigns
-
How To:
Buy the Best Wireless Network Adapter for Wi-Fi Hacking in 2018
-
How To:
Find Anyone's Private Phone Number Using Facebook
-
Hack Like a Pro:
How to Secretly Hack Into, Switch On, & Watch Anyone's Webcam Remotely
-
How to Hack Wi-Fi:
Cracking WPA2-PSK Passwords Using Aircrack-Ng
-
How To:
Hack Android Using Kali (Remotely)
-
How to Hack Wi-Fi:
Capturing WPA Passwords by Targeting Users with a Fluxion Attack
-
How To:
Beginner's Guide to OWASP Juice Shop, Your Practice Hacking Grounds for the 10 Most Common Web App Vulnerabilities
-
How To:
Hack a Windows 7/8/10 Admin Account Password with Windows Magnifier
-
How To:
Crack Any Master Combination Lock in 8 Tries or Less Using This Calculator
22 Responses
You will definitely need the comptia A+ course certification. However, all in all, just get as many certifications as you can. The more certs you have, the better your chances are of being hired. To put this in a real world from, If you and some other person apply for an IT/Hacking job, and you have one more certification than said person, odds are, you will get the job.
In all honesty, an awful lot of people in this industry have no certifications. If you want to pursue the certification route in IT security, I suggest;
A+
Net+
Sec+
Linux+
Then.
CASP
CEH
CISSP.
OTW: I was wondering which one of these I should take. Thanks for a good list :)
Jeremiah:
It depends upon your background and aspirations.
I am hoping to get into the security or pen tester field. I already have A+ and Net+
Then get the security + next.
Will do! Thank you again.
Thanks for this list
thanks so much for your insight OTW! I appreciate the advice!!
to OTW: i just finished CCNA certification can you tell me what certification should i take? thanks
The whole certification thing is a slippery slope. Some expect them, some don't. Some respect them, and others don't. Best advice I can offer is learn the craft. Hone your skills. All a certification will do is possibly get you through the door. I can share this tip that I was not able to take advantage of myself, but could possibly be a fit for you. I got in touch with a guy via this site (http://h.foofus.net/?p=821) who had a posting looking for n00b hackers for paid internships. That's right paid. They basically train you as a Penetration Tester and then offer you a job with their company (a sub-division of CDW).
Good luck.
I do have a question: is there an age requirement? I'm 14, and I am very serious about going into IT. And also, OTW, what certifications do uou have?
I'm pretty sure you have to be 18 years of age. You can check out OTW's profile page to see his certs.
My two cents: Offensive Security and eLearnSecurity certifications are great. I'm an OSCP certified and I loved its "hands on" approach... the 24-hour exam was cruel :D These are certifications you earn applying what you study during the course, not by just memorizing some notions :)
Super jealous......I would love to go through those but they're so damn expensive, unfortunately. If money weren't an issue, I'd be doing everything through offsec.
I really can understand you :)
Consider however that given the cost of other certifications, OffSec ones are also a little cheapier!
As a 15+ year experienced hiring manager, it can give you an advantage, but not always. Some certs are baseline just to be considered. For example, to be a security contractor for the US Government, you need at least a Security+ just to be considered for an average position (DoD 8570).
If I'm hiring for a mid-level Network Engineer in a Cisco shop (for example), I'll most likely only look at CCNPs. Depending on the composition of my current team, I may go with a CCNA or an expired CCNP and look at how well your personality integrates with the team, skill set, experience, and how hungry you are to learn. I will, however, look very closely at your reason for not having a CCNP. If you let it expire, what life events got in the way? If you only have a CCNA, are you working on a CCNP? I wouldn't hire the worse of two candidates if it came down to having a cert/degree or not.
I am granular enough with my interviewing process that of the 100 or 200 employees I've hired directly or been involved with hiring, it has never came down to certifications between two candidates being the deciding factor. It's super cliche to say that it happens, but generally you have to have the cert just to be considered. There's always many other factors to decide on.
Certs and degrees will generally get you eliminated at the first or second gate in the hiring process, especially at larger organizations, because the hiring manager doesn't have a lot of time and will say "They must have a CCNP" (as an example). Someone that's not technical looks at your resume, sees you don't have a CCNP, and discards your application.
So, just like most things in life, "it depends". Of course, every hiring manager is different so YMMV (Your mileage may vary).
thank you so much for your insight!
I'm currently employed as a security consultant/pen-tester. I studied for the CEH, but like yourself I read mixed reviews.
Instead I took the knowledge from the CEH book plus a years worth of home study and then took week intensive course called Cyber Security Team Member which is CHECK equivalent.
I have been to a few interviews in London because of my CSTM qualification and they told me that they didn't even bother with people with CEH as it focuses too much on tools and not much skill/free thinking.
I hope that shows how much the CEH is worth as an actual qualification, its more of a stepping stone into the industry.
Thanks so much for your insight. I'm like you. Everything I know is self study. I come from a completely different background. I have my master's degree in healthcare administration and management. My problem is it took me sooooooooooooooooooooo longggggggggggggggg to find what I wanted to do with my life. I went into healthcare because my dad is a doctor. I never had that one career I was like "I want to do this" until I stumbled into hacking about 2 years ago. I hate working in healthcare...HATE it. It's just not at all interesting and it doesn't hold my attention. I went to work everyday frickin miserable. Now I'm much, much more happy. I landed a pentesting job with a local sec company but it's contract work only and I need something more stable. I also applied to some other local sec companies who told me to come back once I had a solid foundation of knowledge. With that advice I began studying and using skillset.org to track my progress towards the CEH. I think for me, a cert is important because I don't have an IT background. I'd love to go through one of the programs offered at offsec, ect but they're so expensive and money is not exactly growing off my trees right now. Thanks so much for the feedback. It's appreciated!
Guys i need some advice, im thinking about getting into IT.
I would love to hear your opinions/point of view
Keep the things you do on your computer separate. At work I use my laptop for studying, researching and practising. When I get home from work I use it for entertainment and gaming :) .
Share Your Thoughts