Certifications play a crucial role in the world of cybersecurity, fulfilling two main functions. First, they help you acquire knowledge and skills in various areas of cybersecurity, and second, they provide a way to demonstrate that you have that knowledge and skills. The problem is that, due to the large number of certifications available today, choosing the right one can be complicated.
In this article, we will explore different certifications that we consider to be solid options for those who want to specialize in the area of offensive security. All of them are totally practical and their exam simulates a real scenario in which various assets must be committed, since this is the best way to demonstrate that you have technical skills.
eJPT (Junior Penetration Tester)
Description
The first certification on the list is the eJPT (Junior Penetration Tester), from the INE Security entity. This is a basic certification that validates that you have the knowledge, skills and abilities necessary to perform the role of a junior pentester.
Objective audience
The eJPT is a simple certification designed for those who are entering the world of pentesting. It is important to note that, although this is a low difficulty certification, it is assumed that candidates have prior knowledge of networks and operating systems.
Content
- Evaluation Methodologies: Find systems on a network, identify open ports, services and extract information about a company from public sources.
- Pentesting of Hosts and Networks: Identify vulnerabilities in systems, identify and modify exploit code, use of different tools such as metasploit, perform pivoting through port forwarding, perform brute force attacks and hash cracking.
- Web Application Pentesting: Identify vulnerabilities in web applications, enumerate hidden files and directories and exploit web vulnerabilities such as Cross-Site Scripting (XSS) or SQL injection.
- Host and Network Audit: List network and service information based on files found on target systems. Additionally, collect user account information on target systems and dump hashes.
Exam format
The exam lasts 48 hours and consists of 35 multiple choice questions, each with 4 possible answers, along with a practical laboratory component. The lab provides access to a Kali Linux machine connected to the target network. The purpose of the exam is to perform a Black Box type pentest on the target network and all internal networks that are accessed during the laboratory. During the exam, the use of all the resources you want as support is allowed. The exam score is measured on a 100-point scale, and it is necessary to achieve a score equal to or greater than 70 to pass.
Price
The option to take the exam is available on the INE Security website for $249. This option includes two opportunities to pass the exam up to 180 days apart.
INE Security also offers an exam preparation course called PTS (Penetration Tester Student). This course is included in the Fundamental Pass, which is part of your standard online academy subscription. The monthly subscription fee is $39, while the annual subscription fee is $299.
eWPT (Web Penetration Tester)
Description
The INE Security eWPT is a certification of medium difficulty that validates that a person has the knowledge, skills and abilities necessary to be able to perform the work of a pentester more specifically in web applications.
Objective audience
The certification is aimed at those with basic fundamentals in networks, systems and pentesting who are looking to hone their Web pentesting skills. It is suitable, for example, for people who have obtained a basic pentesting certification such as the eJPT and want to increase their knowledge in the Web part.
Content
- Accurately evaluate web applications according to methodological practices and industry standards, identifying vulnerabilities according to the OWASP web security testing guide.
- Extract information from websites using passive reconnaissance and OSINT techniques, as well as from the domains, subdomains, and IP addresses of a target organization.
- Examine web server metadata files for information exposure and determine the type, version, technologies or frameworks used in a web application.
- Analyze the structure of web applications to identify potential attack vectors and discover hidden files and directories not accessible through normal browsing.
- Identify and exploit vulnerabilities derived from the incorrect implementation of HTTP methods, as well as misconfigurations on web servers.
- Test web applications for default credentials and weak passwords, and bypass weak or broken authentication mechanisms.
- Identify and exploit session management vulnerabilities, as well as exploit vulnerable and outdated web application components.
- Perform brute force attacks against login forms and exploit command injection vulnerabilities for remote code execution.
- Identify and exploit reflected, stored XSS, and SQL injection vulnerabilities, as well as vulnerabilities in content managers such as WordPress.
Exam format
The exam is structured in two parts: a practical part and a report writing part, each lasting 7 days. In the practical part, a "letter of commitment" is provided, which is a document with all the details necessary to carry out the exam. During this stage, different web applications need to be committed.
Price
The option to take the eWPT certification exam along with three months of training is available on the INE Security website for $599. It is not possible to take the exam without also acquiring the training.
Stay tuned because soon we will tell you more about offensive security certifications.
Javier Martín , cybersecurity analyst at Zerolynx .
