Advice/View for course in CEH - Certified Ethical Hacker

[shingo1]

I would not say that it's really hard at all, you either need luck or skills.
But if one does not have luck, try skills. Usually luck is through referrals or sudden opening when an employee left.

But skills wise, try for Syscan or HiTB CTF. If you managed to perform well, i am sure the local authorities, Banks and IT Security related companies will take note of your performance and hire you. These are opportunities presented to you, if you miss the boat, you will have to wait another year.

No skill yet. knowledge also fundamental it security. chance.. saw plenty of posting on security post but no news at all. read up also not much use when there is no relevant experience to fill into cv.

 

[hitmen]

Where can people go to gain real life experience of breaking into servers?
Like you test their network then they credit money into your account
Like that is better than 9 to 5 job.

 

[bakasa2002]

Consider doing a broad-based specialist dip in IT sec with NYP, TP or one of the poly that has this offering. This might give you a better idea of which area you want to branch into for IT Sec.

CEH is basically a touch and go course, where they actually kind of rush thru the tools and methodolgy, or right approach to do ethical hacking. It's basically just an aspect of how to gain access, privilege escalation, so I wld agree it's only a part of IT sec.

To be frank, the exam is not easy, but the certification is as bros say, only helpful if you intend to start out as a hired pen test analyst etc. Hope this helps.

 

[ExtremeWays]

I can't tell you which path to take but i can tell you what are the jobs available locally.
The IT security market in overseas is different.

I'm not even sure what they teach you in Poly or Uni nowadays but my stand is still the same for anyone that i teach.
"Get Your Fundamentals Right"

Learn Safe Coding if you are into development or source code auditing like i do.
These are specialised jobs but you won't regret it cos these jobs pays higher but if something cocks up...you're the first person the fingers will point to.

Penetration Testing, as more and more companies put the information up in the internet and intranet...etc... there is a need to hire pentesters to do all the dirty work in case the system administrators missed out something that could lead to loopholes in the entire systems. It's not an easy job, you could make a lot of enemies if you are not friendly or tactful. Banks hire these people too and Banks pay quite well.

The rest are classified as niche market imho, jobs which require you to be either lucky and chance upon it or referred by friends. As these positions are very few.

Last advice, look through your past notes and ask yourself these questions:
"Do i really understand them thoroughly enough?"
"Are my self developed applications so good that they are free from bugs?"
if you answered "NO" to any of these 2, Post your questions here again if i'm available.

What they teach in schools are just touching the surface of everything.
If you ever got ideas for anything, write it down.
Remember this, "Ideas Are Premium"

Any more to add??????

 

[Egamespltd]

Hello all,

Can i ask is there any other courses that one should take before CEH? mainly for beginners who are interested in this line?

many thanks =)

Can I hire you? Urgent

 

[keithrocks22]

Freelance IT Security Cosultant

Hi, just curious does freelance IT security consultant pays well? Is it true that is high demand for freelance?

 

[newfreshie]

I took CEH years back, tbh, not really a useful course as it just throws you the tools and teach you how to use it, basically, script kiddie.

 

[riclcw]

Self-help or engage expert?

Hi

I'm a little frustrated here after my iphone7 (probably trustjacked), apple id, google accounts and social apps were hacked recently (targeted by some people).

I sanitised all my devices, installed Nord VPN, McAfee Security Suite and changed passwords. No idea if hacker is passively collecting data. But I do still get stalked by fake profiles in social apps (likely MitM - coffee meets bagel, tinder, instagram). Using Huawei Mate 20.

Any advice? Should I self-help (any useful resource?) or engage experts (who to find)?

 

[galapogos]

If you're serious about doing PT, skip CEH and do OSCP instead. Some hiring managers reject people based on their CEH certification. It's that bad.

 

[Xiaosa1]

If you're serious about doing PT, skip CEH and do OSCP instead. Some hiring managers reject people based on their CEH certification. It's that bad.

if hiring managers are rejecting people based on what certs they have, they are not worth the trouble

 

[thetomson]

Yup. OSCP is better than CEH if you want to go in Pentest job.

 

[lazyboyzz]

CEH > Goes into the general overview into what "Pentest" can be like and throws a ton of tools at you to use
OSCP > Goes deeper into the scripting languages and practical hands on exploitation

Choose your pick i guess?

 

[Trader11]

CEH > Goes into the general overview into what "Pentest" can be like and throws a ton of tools at you to use
OSCP > Goes deeper into the scripting languages and practical hands on exploitation

Choose your pick i guess?

Learn both. It is better to learn as much as possible

 

[lazyboyzz]

Learn both. It is better to learn as much as possible

Money is the issue though, for self sponsored candidates. Especially for EC-council Certifications

 

[koicafex]

If you can get past a interview and get into IT security industry,
most company are willing to pay for your OSCP + Crest cert (mandatory for pen testing in sg)
depends on the policy, some will give you the fee after u passed, some will pay for you to enroll

 

[Xcert]

Anyone here is OSCP certified?

Need some guidance....