A comparison between OSCP and eLearnSecurity’s eCPPTv2 certification. Is either of these certifications recognizable and accredited? It largely depends on the country you’re in and the companies that you apply to and the roles that you’re looking at.
The eCPPTv2 more focused on web pen-testing which is a real-life practical scenario-based examination.
- Exam Cost: $400 (Excluding Practice Labs, Only Exam)
- Voucher Validity: 6 Months From Purchase
- Exam Duration: 7 Days For Exam + 7 Days For Report Writing. (If you submit during the deadline and do not pass, you’ll get another attempt to give after 7 days)
- Support: Available & Fast
The OSCP more focused on infrastructure/exploitation testing, which isn’t important as web pentesting, if that suits the role that you’re looking for then it’s good to have.
- Exam Cost: $999 (PEN-200 course + 30 days lab access + OSCP exam certification fee)
- Voucher Validity: 12 Months From Purchase
- Exam Duration: 23 hours and 45 minutes
- Support: Available & Fast
eLearnSecurity Certified Professional Penetration Tester (eCPPTv2)
According to eLearnSecurity, an eCPPTv2 holder is knowledgeable in the following domains:
- Penetration testing processes and methodologies, against Windows and Linux targets
- Vulnerability Assessment of Networks
- Vulnerability Assessment of Web Applications
- Advanced Exploitation with Metasploit
- Performing Attacks in Pivoting
- Web application Manual exploitation
- Information Gathering and Reconnaissance
- Scanning and Profiling the target
- Privilege escalation and Persistence
- Exploit Development
- Advanced Reporting skills and Remediation
Should You Consider The eCPPTv2?
It is rated as advanced level. eCPPTv2 exam emulates a realistic network requiring you to pivot and figure out how to bypass firewalls both on ingress and egress. Its labs are more advanced and based on a real-world scenario, you have to break all defenses from the external networks and penetrate until you get admin level.
PEN-200 – Penetration Testing With Kali Linux (OSCP)
According to Offensive Security, an OSCP holder will gain knowledge on this certain skillsets:
- Using information gathering techniques to identify and enumerate targets running various operating systems and services
- Writing basic scripts and tools to aid in the penetration testing process
- Analyzing, correcting, modifying, cross-compiling, and porting public exploit code
- Conducting remote, local privilege escalation, and client-side attacks
- Identifying and exploiting XSS, SQL injection, and file inclusion vulnerabilities in web applications
- Leveraging tunneling techniques to pivot between networks
- Creative problem solving and lateral thinking skills
Should You Consider The OSCP?
The OSCP certificate considered as beginning certification within the Offensive Security circle, however the experience you gain would be considered as an advanced cert exam.
Cyber Security professionals consider OSCP only if they’re entering the realm of Penetration Testing or SysAdmins experience, for those who do not intend to work in pentesting, the CEH or CompTIA PenTest+ would be better alternatives that require less commitment.