Cleared GWAPT

myself_hydmyself_hyd Member Posts: 6 ■□□□□□□□□□

I have cleared GWAPT a few days back. I majorly used the SEC542 training material and audio I got as a part of SEC542 course that I took. I believe the SEC542 course audio helped me a lot. I come from Infrastructure Security background and have little experience in VAPT.

My methodology: Listened a couple of hours of audio while I'm outdoor driving/walking/etc. Followed it with reading the corresponding course slides and practising the corresponding exercises within next couple of days. It took me 2 months ON and OFF study to complete the preparation.

I would say the Exam content is 99% from the SEC542 course. The fact that I heard/read/practised the entire course twice made the exam look a bit easier than it actually was. I scored the highest in my first Practice test, the lowest in 2nd practice test (maybe because I got relaxed after seeing my first practice test score), and the real exam result was an approximate average of the two.

Overall I'd rate the entire SANS course and GIAC exam really good. I now feel my PenTest fundamentals are strong enough to kickstart some Web App pentesting. Ofcourse I plan to take the advanced PenTesting class after some experience.



  • JoJoCal19JoJoCal19 Mod Posts: 2,835 Mod
    Congrats on the pass!!! I've got SEC542 on my radar for next year.
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
  • cyberguyprcyberguypr Mod Posts: 6,928 Mod
  • cavijayancavijayan Member Posts: 14 ■□□□□□□□□□
    Congrats !

    How did you do your index ? How many pages was it ?
  • quogue66quogue66 Member Posts: 193 ■■■■□□□□□□
  • docricedocrice Member Posts: 1,706 ■■■■■■■■■■
    I agree that those coming from traditional infrastructure engineering work experience would need some adjustment to see things from the perspective of web applications. 542 was especially more difficult to me than say 503 or 504. In today's world, security engineers need to start covering both grounds and for me it's really starting to stretch my brain thin. I think I managed to eek out a 90% on the exam (I can't recall for sure anymore), but I had to really fight for it.
    Hopefully-useful stuff I've written:
  • Astona917Astona917 Registered Users Posts: 2 ■□□□□□□□□□
    I am taking my GWAPT next week, I have studied and went thru the on line study, books and maybe my index? Any advice?
Sign In or Register to comment.