I have been working as a Tier 1 SOC Analyst for about two years now, but I really want to move into ethical hacking. My concern is the steep learning curve and the legalities of practicing. What are the best labs or certifications that actually hold weight in the industry right now for someone looking to break into the red teaming side of security?
3 answers
Focus on networking fundamentals first. You can't hack what you don't understand. Mastery of TCP/IP and Linux is the foundation of all successful penetration tests.
Making the jump from defensive to offensive security is a brilliant career move. I recommend starting with the OSCP because it forces you to think outside the box during the 24-hour exam. You should also spend significant time on platforms like Hack The Box or TryHackMe to build your methodology. Don't just learn the tools like Metasploit; learn how the underlying vulnerabilities work. Employers today are looking for people who can write custom scripts and explain the business risk of a vulnerability, not just run a scanner. It takes patience but the rewards are worth it.
Have you considered starting with the eJPT to build your confidence before tackling the more difficult certifications? It is much more beginner-friendly for those coming from a SOC background. Do you have a specific home lab setup you are using for practice?
Setting up a home lab is essential. I personally used Proxmox to virtualize a range of vulnerable machines from VulnHub. This allows you to practice networking and pivoting, which are crucial skills for real-world engagements. Starting with eJPT is a solid suggestion because it covers the basics of the engagement lifecycle and reporting, which most people often overlook.
I totally agree with Robert. Without a deep understanding of Linux and networking, you will hit a ceiling very quickly in this field. It is the core of everything.