Offensive Security

Take the cert-match quiz 7 questions · top-5 matches across 74 certs

Certifications for penetration testers, ethical hackers, and red team professionals. These focus on attack techniques, vulnerability assessment, and authorized security testing.

Find your match in 2 minutes Take the in-game quiz to see which certifications fit your experience, goals, and budget.

Take the quiz →

Offensive Security at a glance

This category covers 8 cybersecurity certifications, with top reported salaries reaching $220,000. Each certification below maps to a specific role and skill profile — pick the one whose target audience and career paths match where you are or where you want to be.

The certifications

CEH (Certified Ethical Hacker) EC-Council · Intermediate
- Cost$1,100 exam fee
- Study time6-10 weeks study time
- Salary$110,000 - $160,000
- DemandVery High - penetration testing
- ValidityNo expiration
Penetration testers, security professionals, ethical hackers

Career paths: Penetration Tester · Security Analyst · Red Team Member
OSCP (OffSec Certified Professional) OffSec · Intermediate
- Cost$999 course + $165 exam
- Study time2-3 months intensive study
- Salary$120,000 - $180,000
- DemandVery High - advanced penetration testing
- ValidityNo expiration
Penetration testers, security engineers

Career paths: Penetration Tester · Security Engineer · Red Team Member
GPEN (GIAC Penetration Tester) GIAC · Intermediate
- Cost$2,995 course + $499 exam
- Study time5 days intensive + 2-3 weeks prep
- Salary$125,000 - $185,000
- DemandHigh - penetration testing
- Validity4 years
Penetration testers, security professionals

Career paths: Penetration Tester · Security Consultant · Red Team Member
CRTP (Certified Red Team Professional) Altered Security · Advanced
- Cost$399 course + $399 exam
- Study time3-4 weeks study time
- Salary$130,000 - $190,000
- DemandHigh - red team roles
- Validity3 years
Red team professionals, advanced penetration testers

Career paths: Red Team Member · Penetration Tester · Security Consultant
GWAPT (GIAC Web Application Penetration Tester) GIAC · Intermediate
- Cost$2,995 course + $499 exam
- Study time5 days intensive + 2-3 weeks prep
- Salary$115,000 - $170,000
- DemandVery High - web security
- Validity4 years
Web application security testers, penetration testers

Career paths: Web App Security Tester · Penetration Tester · Security Consultant
OSEP (OffSec Experienced Penetration Tester) OffSec · Advanced
- Cost$1,299 course + $165 exam
- Study time3-4 months intensive study
- Salary$140,000 - $200,000
- DemandHigh - advanced roles
- ValidityNo expiration
Advanced penetration testers, red team members

Career paths: Advanced Penetration Tester · Red Team Lead · Security Architect
OSEE (OffSec Exploitation Expert) OffSec · Advanced
- Cost$1,499 course + $165 exam
- Study time4-5 months intensive study
- Salary$150,000 - $220,000
- DemandHigh - specialized roles
- ValidityNo expiration
Exploit developers, advanced red team members

Career paths: Exploit Developer · Red Team Member · Research Engineer
ECSA (EC-Council Certified Security Analyst) EC-Council · Intermediate
- Cost$1,100 exam fee
- Study time6-10 weeks study time
- Salary$115,000 - $165,000
- DemandHigh - security analysis
- Validity3 years
Security analysts, penetration testers

Career paths: Security Analyst · Penetration Tester · Security Consultant

How to choose

Start with the cert whose target audience matches your current role and the level matches your experience. Among those, the practical filter is usually cost and study time — pick what you can realistically commit to over the next 6 months. The career paths section tells you which roles each cert opens up; the salary range is a rough industry signal but varies heavily by region and employer.

See the full roadmap

All 14 categories and 74 certifications →

Take the cert-match quiz →