OSCE is a certification focused on advanced penetration testing skills,
In an intense 48-hour exam,
the professionals prove they can develop exploits,
execute attacks, and obtain administrative access.
OSCEs can think outside the box
and perform with persistence, even under pressure.
OSED is an exploit development certification,
Offensive Security (
It is one of three certifications that make up the new
along with the
OSWE for web application security
OSEP for penetration testing.
In an intense 48-hour exam, professionals prove they can find bugs in a binary application and build an exploit from scratch, craft exploits for common security mitigations and use the technique to bypass data execution.
OSWE is a certification designed to demonstrate
the ability to exploit web apps,
which is recommended to be obtained after
In a 48-hour exam within an isolated VPN,
professionals assess and attack different web apps and operating systems.
They must prove their skills
by identifying vulnerabilities and then exploiting them.
OSWP is the only professional certification
in practical wireless attacks in the security field today.
In a hands-on exam, an
OSWP must prove they have the skills
to do 802.11 wireless audits using open source tools.
OSCP is a professional certification in ethical hacking developed by
Offensive Security. It is the first fully hands-on offensive information
security certification in the world. It requires the professionals to prove
that they have a clear understanding of the penetration testing process and
lifecycle through an arduous 24-hour exam.
The Certified Red Teaming Expert (
CRTE) is a fully hands-on certification given
Pentester Academy. This certification guarantees a person with the
expertise to assess the security of an unknown
Windows infrastructure and
recognize misconfigurations and abuses.
The Certified Red Team Professional (
is a fully hands-on certification given
Pentester Academy. This certification guarantees that the person
has the expertise to assess the security of an
Active Directory environment.
by abusing features and functionalities
without relying on patchable exploits.
eWPTv2 is a certification created by
This is the most advanced web application pentesting certification.
It evaluates the candidate’s skills
to perform an expert-level penetration test.
eWPTv2 assesses a person’s expertise in two main aspects:
Advanced reporting skills and remediation
Ability to create custom exploits when modern tools fail
eMAPT is a certification created by
This certification is intended to be achieved by
cybersecurity experts with advanced mobile application
It evaluates the candidate’s skills
to perform an expert-level analysis and penetration test.
To do so, candidates must perform manual exploitation,
and decryption in two Android applications.
eWPTv1 is a certification
Is the only certification for
Web Application Penetration testers
that evaluates the ability to attack a target.
It assesses a cyber security professional’s web
application penetration testing skills.
eWPTv1 certification assesses the expertise
of a person in two main aspects.
Penetration testing processes and methodologies.
Web application analysis and inspection.
CEH is a professional certification
by the International Electronic Commerce Council (
This council certifies professionals
in the security discipline of ethical hacking.
It is unaffiliated with any commercial entity
and is considered independent and impartial.
CompTIA is an international certification.
It was created by
Computing Technology Industry Association.
It certifies that the candidate has the knowledge
to install systems to protect applications.
The candidate can assess the security posture
of an enterprise environment.
She can recommend
and implement appropriate security solutions.
And she can monitor and secure hybrid environments,
including cloud, mobile, and IoT.
CDP credential validates the practical
expertise to understand, implement and manage
DevSecOps program in an organization.
CDP can assess the current state of
embed security as part of
DevOps, manage vulnerabilities and
improve the overall Maturity Level.
ISO27001 is an international certification.
It evaluates the candidate’s expertise to perform an
Information Security Management System audit.
To do so, it applies audit principles,
procedures and techniques.