Penetration Tester Path
From security foundations to professional red team
The credential path for offensive security and red team careers. OSCP is the industry gold standard for penetration testing roles — but it requires a solid foundation first. This path builds methodically toward it.
- Total Cost
- $2,100–$3,200
- all materials included
- Timeline
- 18–36 months
- at 1–2 hrs/day
- Exam Fees Only
- $1,891
- required certs
- Steps
- 3 certifications
- 2 required, 1 optional
The Path
Security+
CompTIA Security+
The most popular baseline cybersecurity certification
$392
exam fee
Why at this step: You must understand what you're attacking before you can attack it effectively. Security+ builds the foundational defensive knowledge that all offensive security work builds on — and it satisfies baseline requirements for many security employer contracts.
PenTest+
CompTIA PenTest+
Vendor-neutral penetration testing and vulnerability management
$392
exam fee
Why at this step: Structured penetration testing methodology — scoping, reconnaissance, exploitation, post-exploitation, and reporting. Strongly recommended before OSCP as a structured bridge. Less technically demanding than OSCP but good process discipline.
OSCP
Offensive Security Certified Professional
The most respected hands-on penetration testing credential
$1499
exam fee
Why at this step: The definitive hands-on penetration testing credential. 24-hour lab exam, no multiple choice, respected by every serious security team. The gap between PenTest+ and OSCP is significant — plan 6–12 months of lab practice before attempting.
Where to Specialize Next
After completing this path, these are the most popular specializations.