TEAM CERTIFICATIONS

Credentials our team holds

Offensive security is a craft. The certifications below are held collectively by members of the KAOS practitioner team. We list them at the team level so individuals retain control over their personal disclosure.

Certifications we hold

Recognised offensive-security and assured-testing credentials, held collectively across the KAOS practitioner team.

OSCP

Offensive Security Certified Professional

Hands-on penetration testing certification from OffSec. 24-hour practical exam against a live network. The industry baseline for ethical offensive testing.

OSCE3

Offensive Security Certified Expert 3

Composite credential covering advanced web exploitation (OSWE), evasion techniques (OSEP), and exploit development (OSED). Recognises end-to-end advanced offensive capability.

OSWE

Offensive Security Web Expert

Advanced web application exploitation, including white-box code review, authentication bypasses, and chained vulnerability research.

OSEP

Offensive Security Experienced Penetration Tester

Advanced evasion, AV/EDR bypass, lateral movement, and red team tradecraft against hardened enterprise environments.

CRTO

Certified Red Team Operator

Zero Point Security adversary simulation certification covering Cobalt Strike tradecraft, OPSEC-aware C2, and Active Directory abuse.

CRTL

Certified Red Team Lead

Advanced red team leadership focused on multi-operator engagements, custom tooling, evasion at scale, and engagement management.

CREST CRT / CCT

CREST Registered / Certified Tester

CREST-accredited credentials widely required by UK, EU, and government procurement for assured penetration testing services.

eWPTX

eLearnSecurity Web Application Penetration Tester eXtreme

Advanced web application security assessment with a fully practical examination against modern application stacks.

Burp Suite Practitioner

PortSwigger Burp Suite Certified Practitioner

PortSwigger’s practitioner credential covering modern web vulnerability classes, advanced Burp tooling, and academy-grade lab exam.

Beyond the certificates

Our team has authored CVEs across enterprise software vendors, contributed to open-source offensive tooling, and ranks in the top percentiles on Hack The Box and PortSwigger’s Web Security Academy. We publish research and detection content, and we encourage our practitioners to give back to the community through conference talks and write-ups.

Read more about our published research and tooling on the resource library.