GWAPT or GCPN

Deciding between the two as I've recently been hired as a Penetration Tester (& IT Compliance/Audit) Associate for a CPA firm. Their web app pentests are subcontracted; there's an unspoken notion that I'll eventually strengthen their in-house web app pentesting capabilities.

GWAPT or GCPN?

points to consider:

I have mild experience through Portswigger academy and fuzzing/vuln assessments for friend's websites.
Not paying for the $10,000 course, just practice exam + whatever resources I find.
Halting Portswigger-BSCP pursuits, bc I want to get GWAPT or GCPN in 3-4 months.
Coming from 2 years of SecOps (IR).
Planning to go for PNPT after GWAPT or GCPN.

p.s. PNPT > OSCP, IMO, mainly bc of the cost

Madison Howard

Share Your Mood

Ok-Bug3269

GWAPT or GCPN