Continuous learning has always been a big part of my journey in security. These certifications reflect both breadth and depth — from web and mobile application security to red team operations, Active Directory exploitation, and cloud security.
Each badge is linked to its official verification page and comes with a short note on what it represents.
OffSec Experienced Penetration Testers (OSEPs) have the skills and expertise necessary to conduct penetration tests against hardened systems. They’ve proven their ability to identify more impactful intrusion opportunities and execute advanced, organized attacks in a controlled and focused manner.
Hands-on penetration testing exam under strict time limits. Proves capability in target discovery, scripting tooling, exploit adaptation, privilege escalation, web exploitation, and multi-network pivoting.
Assesses the ability to find and validate known weaknesses across networks, infrastructure, applications, and databases. Includes effective use of scanning tools and clear interpretation of results.
Proves expertise in attacking complex Windows/AD enterprises. Covers enumeration, code execution, lateral movement, bypassing controls, domain and forest escalation, persistence, and inter-forest trust abuse.
Core Active Directory offensive skill set: enumeration, local and domain escalation, persistence mechanisms, and cross-forest attack paths in an enterprise-style lab.
Intermediate, scenario-based assessment that mirrors a full engagement. Requires thorough exploitation and a professional report, demonstrating readiness to lead pentest projects.
End-to-end adversary simulation skills—from foothold to domain dominance and data exfiltration, delivered with strong OPSEC and defense evasion in realistic engagements.
Advanced focus on Active Directory Certificate Services. Includes enumeration, certificate theft, misconfiguration abuse for escalation, long-term persistence with forged certs, and on-prem to cloud pivots.
The exam simulates a realistic enterprise scenario where the candidate begins with low-privileged domain user credentials and is required to perform both vertical and lateral movement to escalate access and compromise critical systems within the environment.
This expert-level exam is designed to test a candidate’s expertise in identifying and exploiting vulnerabilities within Microsoft Active Directory (AD) environments. Candidates must demonstrate a deep understanding of AD concepts (both on-prem and Azure AD), attacks, and defenses to pass this challenging exam.
Hands-on exam that mirrors a full web penetration test in a controlled lab. Focus on crafting custom exploits, attacking database layers, and evading hardened XSS/SQLi defenses.
Practical assessment of real API attack workflows. Covers OWASP API Top 10, common misconfigurations, and end-to-end exploitation of authentication, endpoints, and business logic.
Demonstrates expert use of Burp Suite to uncover and prove high-impact web flaws. Includes adapting techniques to bypass brittle defenses and using OAST for out-of-band findings.
Expert-level scenario exam focused on complex web exploitation. Requires chaining vulnerabilities, deep OWASP knowledge, and producing working compromises under time pressure.
Hands-on exam targeting AI/ML and LLM-integrated apps. Covers prompt-injection, model-adjacent misconfigurations, and securing LLM pipelines against real-world abuse.
Mobile pentesting for Android and iOS, including reversing, crypto weaknesses, and building working PoCs. Exam scenarios mirror realistic apps and vulnerable implementations.
Proves offensive depth across Azure: service discovery, initial access to cloud apps and storage, authenticated enumeration of core services, RBAC and AAD privilege escalation, cross-tenant and hybrid pivots, and long-term persistence techniques.
Demonstrates deep knowledge of AWS security services and the shared responsibility model. Covers designing, implementing, and troubleshooting robust security architectures across diverse AWS workloads.
This is an expert-level exam that evaluates a candidate’s practical expertise in the field of AWS cloud security through real-world, scenario-based challenges in AWS cloud environments.
Covers the core phases of offensive security (reconnaissance, scanning, enumeration, exploitation, and basic post-exploitation) using common tools and techniques. Demonstrates the ability to think like an attacker while documenting risk and practical countermeasures.
Validates core security analysis across networks, systems, and web applications. Emphasizes sound methodology, evidence gathering, and clear communication while working with standard industry tooling, an ideal foundation for higher-level CREST pathways.