eLearnSecurity - Web Application Penetration Testing Course
the_Grinch
Member Posts: 4,165 ■■■■■■■■■■
So I was inspired by N2IT's thread about choosing your specialization and brought the course. It actually helps that they sent me a code for 40% off of the course since I would be a returning student. I start graduate school in about two months so I'd like to have it completed by then. Going to put forth the same effort I did for my CISSP and know that if I do I will have no issues obtaining this cert. I'll post here and on my blog about the progress I make.
WIP:
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff
Comments
-
cyberguypr
Mod Posts: 6,928 Mod
Tagging as I also got the course. I'll be starting it in 20-25 days as I should be done with the MSISA then. -
JoJoCal19
Mod Posts: 2,835 Mod
Good luck Grinch and CyberGuy. I want in on this so bad, but I'm already committed to other stuff for the rest of the year (finishing GSEC, SEC503/GCIA in August, CISM) so I can't do it.Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
Currently Working On: Python, OSCP Prep
Next Up: OSCP
Studying: Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework -
the_Grinch
Member Posts: 4,165 ■■■■■■■■■■
Excellent! Nice to have someone else to bounce things off of as I go through the course.WIP:
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff -
snowchick7669
Member Posts: 69 ■■■□□□□□□□
Just received my 40% coupon as well. Super tempted! (I'm actually sitting on the eLearnSecurity checkout page at the moment) Now I just need to work out how to create more hours in the day to do everything I want to do... -
wd40
Member Posts: 1,017 ■■■■□□□□□□
I will try to finish my eJPT within a month, so that I can start eWAPT with you guys. -
the_Grinch
Member Posts: 4,165 ■■■■■■■■■■
Can't beat that 40%
WIP:
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff -
unkn0wnsh3ll
Member Posts: 68 ■■□□□□□□□□
ummm, I did received one today and can be used untill 10-Jul-2015. Out of curiosity checked the webinar on release of this new course...Looks interesting and also read Hayabusa's review on ethicalhacker.net, sounds, interesting. But not sure as I'm planning to do OSCP and this shouldn't go waste on buying and leaving aside for sometime.....
Any idea if we buy now and how long is it valid for ? I will try pinging Elearnsecurity guys......If anyone has already subscribed please do let me know...
Cheers -
cyberguypr
Mod Posts: 6,928 Mod
The training does NOT expire. Buy now, use whenever you want. The lab hours count as you use them. If you do the Full version you have 180 days to take the exam. Elite gets to take the exam whenever, with no expiration for the voucher.
-
the_Grinch
Member Posts: 4,165 ■■■■■■■■■■
Yeah, $720 for the elite package. I think it's worth it since OSCP doesn't cover web applications so it is definitely a nice compliment.WIP:
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff -
the_Grinch
Member Posts: 4,165 ■■■■■■■■■■
Went through the first module which consisted of all slides (no videos). It covered what a penetration test consists of, methodologies, and what deliverables would be expect. This section was very well thought out and explained. They point out that the report is an evolving document and is something you should work on as you go. Also, they discuss speaking to your audience and what would be expected at each level (C-Level, IT, Developer). So far so good, I'll keep posting as I go.WIP:
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff -
NovaHax
Member Posts: 502 ■■■■□□□□□□
I can attest to the quality. I did it back when it was version 1 and it was good. And I'm sure its only gotten better. Have fun guys.
-
the_Grinch
Member Posts: 4,165 ■■■■■■■■■■
Nova how was the Mobile App course?WIP:
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff -
unkn0wnsh3ll
Member Posts: 68 ■■□□□□□□□□
Hi Nova,
Good to see you got eMAPT (eLearnSecurity). I did registered for the course last year and due to my work pressure and travel, couldn't do it. I do still have the material with me....Just need to check with you how was the final exam in it....? Is it similar like eCPPT to test application or Is it different? Please do let me know, I might attempt after my OSCP.
Cheers -
unkn0wnsh3ll
Member Posts: 68 ■■□□□□□□□□
Thanks Cyberguypr, Looks like I have already too much in plate ...will think about it;)cyberguypr wrote: »The training does NOT expire. Buy now, use whenever you want. The lab hours count as you use them. If you do the Full version you have 180 days to take the exam. Elite gets to take the exam whenever, with no expiration for the voucher. -
NovaHax
Member Posts: 502 ■■■■□□□□□□
The eMAPT course was great. The only shortcoming was that the lab preparation module hasn't been updated from Eclipse to Android Developments Studio. But that's easy enough to adapt to.
As far as the exam...it was interesting. They give you the .apk file to load an app onto your android testing device. Then you have to write a malicious app that will dynamically exploit flaws in the test app. Unlike OSCP or eWPT (or presumably eCPPT...though I haven't taken it), your final deliverable is not a report. Instead, the final deliverable for the exam is the source code and compiled .apk file for your malicious app.
To complete the exam...you have to have a decent grasp of both live testing and reverse engineering of the APK.
Overall, I would definitely recommend the course. -
the_Grinch
Member Posts: 4,165 ■■■■■■■■■■
Thanks! I reviewed a few items in module 2 and it was pretty interesting. Delving deep into the HTTP codes and how the entire process of a web request works.WIP:
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff -
unkn0wnsh3ll
Member Posts: 68 ■■□□□□□□□□
The eMAPT course was great. The only shortcoming was that the lab preparation module hasn't been updated from Eclipse to Android Developments Studio. But that's easy enough to adapt to.
As far as the exam...it was interesting. They give you the .apk file to load an app onto your android testing device. Then you have to write a malicious app that will dynamically exploit flaws in the test app. Unlike OSCP or eWPT (or presumably eCPPT...though I haven't taken it), your final deliverable is not a report. Instead, the final deliverable for the exam is the source code and compiled .apk file for your malicious app.
To complete the exam...you have to have a decent grasp of both live testing and reverse engineering of the APK.
Overall, I would definitely recommend the course.
Thanks Nova, Now it makes sense, I have to learn on reverse engineering, may be after OSCP probably I will think about it....from your reply, I understand it will be only Andriod based though the course covers both iOS and Andrios.... Am I right? Or its just during the exam they may provide any random choice on two OS ? -
unkn0wnsh3ll
Member Posts: 68 ■■□□□□□□□□
HI Nova, Looks like though the course says iOS/Android, main exam is on Android, probably iOS Pentesting from Securitytube will add value to the career. (sorry, dont want to divert the topic)....
-
the_Grinch
Member Posts: 4,165 ■■■■■■■■■■
Went through some more of the material tonight and I definitely need to brush up on my HTML and Javascript before proceeding any further.WIP:
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff -
NovaHax
Member Posts: 502 ■■■■□□□□□□
the_Grinch wrote: »Went through some more of the material tonight and I definitely need to brush up on my HTML and Javascript before proceeding any further.
Vivek's Javascript for Pentesters course is pretty good.
Javascript for Pentesters « SecurityTube Trainings
