eLearnSecurity - Web Application Penetration Testing Course

the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
So I was inspired by N2IT's thread about choosing your specialization and brought the course. It actually helps that they sent me a code for 40% off of the course since I would be a returning student. I start graduate school in about two months so I'd like to have it completed by then. Going to put forth the same effort I did for my CISSP and know that if I do I will have no issues obtaining this cert. I'll post here and on my blog about the progress I make.
WIP:
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff

Comments

  • cyberguyprcyberguypr Mod Posts: 6,928 Mod
    Tagging as I also got the course. I'll be starting it in 20-25 days as I should be done with the MSISA then.
  • JoJoCal19JoJoCal19 Mod Posts: 2,835 Mod
    Good luck Grinch and CyberGuy. I want in on this so bad, but I'm already committed to other stuff for the rest of the year (finishing GSEC, SEC503/GCIA in August, CISM) so I can't do it.
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
  • the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    Excellent! Nice to have someone else to bounce things off of as I go through the course.
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • snowchick7669snowchick7669 Member Posts: 69 ■■■□□□□□□□
    Just received my 40% coupon as well. Super tempted! (I'm actually sitting on the eLearnSecurity checkout page at the moment) Now I just need to work out how to create more hours in the day to do everything I want to do...
  • wd40wd40 Member Posts: 1,017 ■■■■□□□□□□
    I will try to finish my eJPT within a month, so that I can start eWAPT with you guys.
  • the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    Can't beat that 40% :)
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • unkn0wnsh3llunkn0wnsh3ll Member Posts: 68 ■■□□□□□□□□
    ummm, I did received one today and can be used untill 10-Jul-2015. Out of curiosity checked the webinar on release of this new course...Looks interesting and also read Hayabusa's review on ethicalhacker.net, sounds, interesting. But not sure as I'm planning to do OSCP and this shouldn't go waste on buying and leaving aside for sometime.....
    Any idea if we buy now and how long is it valid for ? I will try pinging Elearnsecurity guys......If anyone has already subscribed please do let me know...
    Cheers
  • cyberguyprcyberguypr Mod Posts: 6,928 Mod
    The training does NOT expire. Buy now, use whenever you want. The lab hours count as you use them. If you do the Full version you have 180 days to take the exam. Elite gets to take the exam whenever, with no expiration for the voucher.
  • the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    Yeah, $720 for the elite package. I think it's worth it since OSCP doesn't cover web applications so it is definitely a nice compliment.
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    Went through the first module which consisted of all slides (no videos). It covered what a penetration test consists of, methodologies, and what deliverables would be expect. This section was very well thought out and explained. They point out that the report is an evolving document and is something you should work on as you go. Also, they discuss speaking to your audience and what would be expected at each level (C-Level, IT, Developer). So far so good, I'll keep posting as I go.
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • NovaHaxNovaHax Member Posts: 502 ■■■■□□□□□□
    I can attest to the quality. I did it back when it was version 1 and it was good. And I'm sure its only gotten better. Have fun guys.
  • the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    Nova how was the Mobile App course?
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • unkn0wnsh3llunkn0wnsh3ll Member Posts: 68 ■■□□□□□□□□
    Hi Nova,

    Good to see you got eMAPT (eLearnSecurity). I did registered for the course last year and due to my work pressure and travel, couldn't do it. I do still have the material with me....Just need to check with you how was the final exam in it....? Is it similar like eCPPT to test application or Is it different? Please do let me know, I might attempt after my OSCP.

    Cheers
  • unkn0wnsh3llunkn0wnsh3ll Member Posts: 68 ■■□□□□□□□□
    cyberguypr wrote: »
    The training does NOT expire. Buy now, use whenever you want. The lab hours count as you use them. If you do the Full version you have 180 days to take the exam. Elite gets to take the exam whenever, with no expiration for the voucher.
    Thanks Cyberguypr, Looks like I have already too much in plate ...will think about it;)
  • NovaHaxNovaHax Member Posts: 502 ■■■■□□□□□□
    The eMAPT course was great. The only shortcoming was that the lab preparation module hasn't been updated from Eclipse to Android Developments Studio. But that's easy enough to adapt to.

    As far as the exam...it was interesting. They give you the .apk file to load an app onto your android testing device. Then you have to write a malicious app that will dynamically exploit flaws in the test app. Unlike OSCP or eWPT (or presumably eCPPT...though I haven't taken it), your final deliverable is not a report. Instead, the final deliverable for the exam is the source code and compiled .apk file for your malicious app.

    To complete the exam...you have to have a decent grasp of both live testing and reverse engineering of the APK.

    Overall, I would definitely recommend the course.
  • UnixGuyUnixGuy Mod Posts: 4,564 Mod
    Good luck!
    Certs: GSTRT, GPEN, GCFA, CISM, CRISC, RHCE

    Learn GRC! GRC Mastery : https://grcmastery.com 

  • the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    Thanks! I reviewed a few items in module 2 and it was pretty interesting. Delving deep into the HTTP codes and how the entire process of a web request works.
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • unkn0wnsh3llunkn0wnsh3ll Member Posts: 68 ■■□□□□□□□□
    NovaHax wrote: »
    The eMAPT course was great. The only shortcoming was that the lab preparation module hasn't been updated from Eclipse to Android Developments Studio. But that's easy enough to adapt to.

    As far as the exam...it was interesting. They give you the .apk file to load an app onto your android testing device. Then you have to write a malicious app that will dynamically exploit flaws in the test app. Unlike OSCP or eWPT (or presumably eCPPT...though I haven't taken it), your final deliverable is not a report. Instead, the final deliverable for the exam is the source code and compiled .apk file for your malicious app.

    To complete the exam...you have to have a decent grasp of both live testing and reverse engineering of the APK.

    Overall, I would definitely recommend the course.

    Thanks Nova, Now it makes sense, I have to learn on reverse engineering, may be after OSCP probably I will think about it....from your reply, I understand it will be only Andriod based though the course covers both iOS and Andrios.... Am I right? Or its just during the exam they may provide any random choice on two OS ?
  • NovaHaxNovaHax Member Posts: 502 ■■■■□□□□□□
    Yeah, the course covers both, but the exam is only Android.
  • unkn0wnsh3llunkn0wnsh3ll Member Posts: 68 ■■□□□□□□□□
    HI Nova, Looks like though the course says iOS/Android, main exam is on Android, probably iOS Pentesting from Securitytube will add value to the career. (sorry, dont want to divert the topic)....icon_cheers.gif
  • the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    Went through some more of the material tonight and I definitely need to brush up on my HTML and Javascript before proceeding any further.
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • NovaHaxNovaHax Member Posts: 502 ■■■■□□□□□□
    the_Grinch wrote: »
    Went through some more of the material tonight and I definitely need to brush up on my HTML and Javascript before proceeding any further.

    Vivek's Javascript for Pentesters course is pretty good.

    Javascript for Pentesters « SecurityTube Trainings
Sign In or Register to comment.