CEH vs OSCP where CEH wins???
People will call me crazy but today I am going to write a Very Detailed Answer so that this big question gets settled
Before Getting Started, A Legal Disclaimer – “Whatever I am going to post is my personal experience and I am not commenting on anyone professionally. All Trademarks used are only for Educational Purpose used under Fair Use of Copyright Law and are a Registered Property of their owners.”
Why Am I Even Doing This Comparison???
She asked me this question so here you go
If you see clearly, Every month 260 People Like You search for this exact term and hence it’s a big question, if you consider other similar keywords also like CEH vs OSCP vs GPEN then this total number of searches goes around 720
For those of you who don’t know me, My name is Sagar Bansal and I help businesses to stay up and running at minimum infosec costs, I have worked with multiple Celebrity Experts in InfoSec and… I am Banned From Offensive Security. Why? READ IT HERE AND KNOW WHAT AM I DOING NOW AFTER GETTING BANNED FROM OSCP
Ok, let’s get back on track!
You will often hear people saying
- CEH has no value
- It’s a theory based exam
- We don’t even consider people with CEH
- OSCP is a try harder exam
- OSCP is a Professional Exam
- CEH is for Beginners
- OSCP is intermediate or advance
I’ll try to add these points in this post and give reasonable explainations
There are 3 ways we can compare these certifications
- Learning Curve
- Career Opportunity
- Job Opportunity
however, people choose the first way which leads to a MYTH that OSCP is better than CEH which is absolutely WRONG!
I completely Agree to this comment by Dr. Mohamed AbdelFattah who is a really great expert and I will add ECSA and Even LPT comparison in this post later but why do people undermine CEH so much?
Let’s talk about the Exam first which makes most people believe CEH a joke…
CEH i.e. Certified Ethical Hacker is a 4-hour exam which is based on 125 Multiple Choice Questions whereas OSCP – Offensive Security Certified Professional is a 24 Hours exam which needs you to do a Full Penetration Test on 5 Challenge Machines and Submit a decent report file.
Problem is that People only compare CEH ANSI with OSCP and say that it has no value, anyone can read 1500 Practice Questions from internet and Pass it whereas for OSCP you need to have real skills…
In Reality, CEH has 3 Levels
CEH ANSI is Theory Exam with 125 Questions, CEH Practical has 20 Challenges which needs to be completed in 6 Hours and CEH Master is a Certification which you get when you pass BOTH exams!
So Ideally, You should compare CEH Master with OSCP.
Lol.. he never read what i mentioned above…
The Learning Curve.
If you ask on Learning Curve. OSCP is only limited to PENETRATION TESTING and tell me one thing, are you willing to have a carrer in Penetration Testing and keep it limited or Ever want to be in Management also?
There is nothing wrong in being a pentester and there are so many experts whom I respect most but for me, Getting a simplified career as a Management Level Executive like a CISO or CSO matters more… I can not see myself in 3 years working at the floor work pentesting things and waiting for my paycheck every month. I want to be on top and that’s why learning curve matters for me.
If you are not like me, you should close the browser and leave as this website is not for you 🙂
In OSCP training course which is PWK, you learn this ( Click To Enlarge )
It’s quite extensive but It’s NO REAL Syllabus, I think it teaches more on how to google things!
OH you don’t believe me huh? Let’s try to elaborate…
It teaches you how to penetrate machines in this way
- You scan
- you google
- you download exploit
- you modify it
- you run it
That’s what you do in OSCP, there is no Methodology or Standard that you learn in OSCP which can be used to work in a Professional Environment.
By methodology I mean METHODOLOGY FOR EVERYTHING
You are scanning a web server… how do you do that
You are testing a web application… how do you do that
You are testing an EMAIL Server… how do you do that
She doesn’t know that you can not just download any exploit and use it without getting accrediation from management in written. What if the exploit breaks the system? what if your one minute revenue is $10K+ and your exploits leads to a down time of 10 minute leaving to a $100K+ Loss…
What if the company works with Government and needs to follow NIST Guidelines (SP 800-115) while doing a Penetration Test, An OSCP doesn’t understand that… What if you work in a group where PTES (Penetration Testing Execution Standard) is followed, An OSCP is blank at that time. What if a project requires you to test using OWASP Testing Methodology, OSCP can not do that.
This lady i was talking about earlier also said that “In corporate Environment we work in teams and sole purpose of OSCP certified people is to test and other team members can take care of compliance… I am not talking about Regulatory Compliance like PCI-DSS, HIPPA, etc. I am talking about Specific Penetration Testing Compliance which you need to know as a pentester if you want to work in some specific industries.”
I am not saying OSCP is useless but wait! we are talking about Learning Curve…
OSCP has a very limited knowledge as they only know how to test specific machines.
I was doing a pentest for a Big Client and every system was behind Advance Firewalls and IPS/IDS. further they had SOAR which was making it very difficult to even SCAN the network. You don’t learn all this in OSCP, you have the PWK lab and a VPN which is basically a Grey Box Testing as you are already in that network… The challange is to first get in the network and deal with Advance AI based Security Controls. One of them is CISCO AMP which is an Advance Malware Protection suite working on AI and ML algorithms. Systems today have ability to block IP’s Close Ports, Ban Users, Suspend Services, Even Take the whole system in a falesafe state where it get’s locked and pentester can not do anything
It’s nothing more than a 60 Machine network as there is no instructor who can actually train you, they just have a support chat which is not that helpful.
- no help
- no guidance
- Student Fourm have good hints but still you will struggle for days.
LOL, hack a bank as a black hat? I will assume he is talking about Black Box Testing
So Here is the deal, You need to follow PCI-DSS Requirements while testing a Bank.
Further There are many other acts which you need to take care of, like for a Bank in Europe, GDPR Guidelines will be necessary to be followed by the PenTester and ensure he doen’t get’s access to any customer data.
On the other hand, CEH is a hands-on training exam where you get a REAL INSTRUCTOR who teaches you things,
But Wait! CEH sucks when your instructor sucks.
CEH also teaches you BufferoverFlow the same way OSCP teaches. It also teaches you finding exploits and applying them. Its syllabus is 10x more than OSCP teaching everything not only just Pentesting. It’s better than OSCP if your Instructor is a rockstar but in most cases, you won’t get that. So it’s on you to decide whether you are ready to put hard work and learn CEH curriculum yourself to greatest depths or not.
I have never seen even ONE PERSON who completed whole CEH Master Syllabus.. I personally never did all 140+ Labs
Also understand that CEH is not a Penetration Testing Certification, it talks about many other concepts like Cryptography, Cloud Security, Mobile Testing, IOT Testing, etc etc.
Finally, this is the most interesting part which surprises a lot of people…
Career Opportunity with CEH vs OSCP…
I am talking about CAREER NOT JOB!
If you are concerned about a Penetration Testing Career, OSCP is a fabulas certification to take as it will give you a good grip to learn advanced penetration testing later, however if you want to have a diverse career then OSCP is a Big NO!
with CEH you can go in Security Management, Conpliance Auditing, Penetration Testing, Cloud Security, IOT Testing, Risk Management, Business Continuity, Incidient Handling, Disaster Recovery, and many others as it touches all concepts.
You will need a Specialization Certification along with CEH or industry may not value you, but that’s completely fine until you are limiting yourself to one specific career. For me, Security Mnagement is the Field to specialize in and After CEH, I suggest CISSO, CCISP, CISSP and CISM to be done and get that Top Position in the company.
I was surprised to see so much variety of concepts in the CEH course. Just for an Example – Module 18 is related to Cloud Security and I teach CCSP Certification which is the Legendary Cloud Security Certification in today’s world provided by ISC2. I was impressed by EC-Council to see how detailed CEH was in that module. It was giving a Good Complement to CCSP Common Body of Knowledge.
- I learned how to create a LAMP Server
- Secure it
- Deploy a Cloud Application
- Configure Users, Policies, Groups, Permissions
- Attack it using Metasploit
and all this was PRACTICAL LAB which I completed in CEH ANSI…
Think about it yourself, CEH gives you so much diverse experiences in every field that tomorrow you can get any certification you want and do any job.
Job Opportunity with CEH vs OSCP…
OSCP is offered by Offensive Security which is a Private Company and famous only because they developed some amazing products like Kali Linux, Nethunter, Exploit-DB, etc. OSCP certification is not recognized by the US Department of Defence and this means no chance in a Government Job. Further, it is not accredited by ANSI nor by any National Defence Agency like NSA, Interpol, etc
But it is very impressive to see that OSCP is respected by majority of Coorporate Companies and you can get a job very easily as a junior Penetration Tester.
Even with CEH Master, you will have to struggle to get a job first but once you get it, Your career oportunity will scale very rapidly as you can join any team in the company and do your specialization in whatever you want.
On the other hand, Getting a job with CEH knowledge is easy if you can demonstrate it so make sure you do all the labs and think about spending atleast 1 year in completing your education in this cert.
I hope you enjoyed this post, I need to do a lot of work on it but I’ll finish it very soon…