My review of eLearnSecurity junior Penetration Tester certification and course
hal9k2
Member Posts: 77 ■■■□□□□□□□
Hi everyone
I would like to share information and my impressions regarding eLearnSecurity junior Penetration Tester (ver. 3) course and exam.
Just a note: This post also participate in review contest. More info under this link: https://community.elearnsecurity.com/topic/4362-the-elearnsecurity-review-contest/?spMailingID=30073417&spUserID=NTgyNDgwNzMxNTQwS0&spJobID=1100772283&spReportId=MTEwMDc3MjI4MwS2
After I acquired CompTia Security+ I wanted to get some "hands on" practice course and certification as I was tired of tests like CompTia is serving where you have to pick A,B,C etc... and you can prepare just from reading books.
Searching through forums and google decided to give it a try for this one, as my ultimate goal is to prepare to get OSCP certification where you also have live practice exam. However for OSCP my current knowledge level is to low but I knew I could give a try for junior Penetration Tester and I wasn't wrong.
Some info about course.
This course teaches you on a fundamental level tools that penetration testers use and various attacks that you can perform using them. You will learn about gathering information, scanning, vulnerability assessment, web attacks, system and network attacks. Few fun tools you will learn are: metasploit with meterpreter, nmap, Nessus, Wireshark, Hydra, John the ripper and many other... Best is that you can practice that by yourself in the lab.
During course you learn from three methods:
1. Slides - where you reading about various topics. They are well prepared, easy to read and topics are very nicely explained.
2. Videos - Where lecturer showing and explains what you just read from slides, by using tools and techniques covered in topic.
3. Live exercises – This is the best part. What you learned from Slides and Videos you now have to do it by yourself. You connecting through VPN to Hera Lab where you have access to vulnerable machines where you can use penetration tester tools to pass the exercise.
Good stuff you will have lifetime access to the slides and videos. Access to Hera lab is limited by hours you decided to buy. But you can always extend.
It is worth mention that if you lack some basic knowledge about networks and programming there are preliminary short introduction courses with exercises about computer networks and programming (C, and Python).
Regarding exam
Exam is only hands on, no tests with multiple answers. You have 3 full days to hack computers in connected network and get required information while keeping notes. After that you need to answer questions like what was the content of file secret.txt or how many XSS/SQL Injection vulnerabilities had that web page. I was little stressed before I started but in overall it took me 8 hours only to get all required information to pass exam. Important fact is that you will not get tasks that were not covered in the course material. So if you followed course carefully with all exercises with understanding then there is no chance you will get stuck.
To sum up PROS and Cons:
PROS:
I would like to share information and my impressions regarding eLearnSecurity junior Penetration Tester (ver. 3) course and exam.
Just a note: This post also participate in review contest. More info under this link: https://community.elearnsecurity.com/topic/4362-the-elearnsecurity-review-contest/?spMailingID=30073417&spUserID=NTgyNDgwNzMxNTQwS0&spJobID=1100772283&spReportId=MTEwMDc3MjI4MwS2
After I acquired CompTia Security+ I wanted to get some "hands on" practice course and certification as I was tired of tests like CompTia is serving where you have to pick A,B,C etc... and you can prepare just from reading books.
Searching through forums and google decided to give it a try for this one, as my ultimate goal is to prepare to get OSCP certification where you also have live practice exam. However for OSCP my current knowledge level is to low but I knew I could give a try for junior Penetration Tester and I wasn't wrong.
Some info about course.
This course teaches you on a fundamental level tools that penetration testers use and various attacks that you can perform using them. You will learn about gathering information, scanning, vulnerability assessment, web attacks, system and network attacks. Few fun tools you will learn are: metasploit with meterpreter, nmap, Nessus, Wireshark, Hydra, John the ripper and many other... Best is that you can practice that by yourself in the lab.
During course you learn from three methods:
1. Slides - where you reading about various topics. They are well prepared, easy to read and topics are very nicely explained.
2. Videos - Where lecturer showing and explains what you just read from slides, by using tools and techniques covered in topic.
3. Live exercises – This is the best part. What you learned from Slides and Videos you now have to do it by yourself. You connecting through VPN to Hera Lab where you have access to vulnerable machines where you can use penetration tester tools to pass the exercise.
Good stuff you will have lifetime access to the slides and videos. Access to Hera lab is limited by hours you decided to buy. But you can always extend.
It is worth mention that if you lack some basic knowledge about networks and programming there are preliminary short introduction courses with exercises about computer networks and programming (C, and Python).
Regarding exam
Exam is only hands on, no tests with multiple answers. You have 3 full days to hack computers in connected network and get required information while keeping notes. After that you need to answer questions like what was the content of file secret.txt or how many XSS/SQL Injection vulnerabilities had that web page. I was little stressed before I started but in overall it took me 8 hours only to get all required information to pass exam. Important fact is that you will not get tasks that were not covered in the course material. So if you followed course carefully with all exercises with understanding then there is no chance you will get stuck.
To sum up PROS and Cons:
PROS:
-
Good course material with superb explanation of the topics. Very easy to read and understand.
-
Good quality videos showing you step by step.
-
Hera lab - access to live network with vulnerable hosts. I really enjoyed this part of learning.
-
Possibility to get printed version of certificate.
Cons:
-
Some material was not updated to the current state, like about scripts in nmap, you had to google by yourself.
-
Flash in slides, while there is button for html5 it wasn't working for me.
-
Sadly this certification is not so well known as other security certs.
I was very surprised how good value you get for the price. I learned in very short time a lot of tools, that before I was just reading about, but most importantly I could use them on other computers without worrying that you can do harm to anyone. If you are like me newbie in IT Security I highly recommend you to buy this course and get real hands on exam. Now I am considering getting more advances courses and certs from eLearnSecurity before I will reach my goal.
Thanks for reading.
Thanks for reading.
Comments
-
Privacy Banned Posts: 9 ■□□□□□□□□□The fact that the review is part of a review contest makes me feel it is biased and written to provide a positive review in the hopes of winning one of the prizes, if you left a negative review I doubt they would love that and award you a prize and highlight the review so everyone will go and read.
Everyone please read with a pinch of salt. -
hal9k2 Member Posts: 77 ■■■□□□□□□□The fact that the review is part of a review contest makes me feel it is biased and written to provide a positive review in the hopes of winning one of the prizes, if you left a negative review I doubt they would love that and award you a prize and highlight the review so everyone will go and read.
Everyone please read with a pinch of salt.
I am sorry if you get such impression, but I can say to you that is a honest review and I am highly recommend this course for all the newbies in IT security willing to learn basics of penetration tools and methodologies.
If it would be a trash then I wouldn't probably bother to make any review after I end the course expecting more advance would be a garbage too. But I really liked it and enjoyed it every part of it. Seriously. Now I thinking hard to buy their more advanced courses but the prices is much higher that the eJPT one.
BTW you can try free version where you have access to slides material, so you can check how clean and clear information they give to you. -
ITSec14 Member Posts: 398 ■■■□□□□□□□I've actually heard that the eJPT course is great from many people, so I don't think there's any bias at all. It may not be a highly recognized cert, but I'd say the knowledge obtained means more anyway.
-
hal9k2 Member Posts: 77 ■■■□□□□□□□I've actually heard that the eJPT course is great from many people, so I don't think there's any bias at all. It may not be a highly recognized cert, but I'd say the knowledge obtained means more anyway.
I fully agree with you. -
JensBada Member Posts: 14 ■□□□□□□□□□The fact that the review is part of a review contest makes me feel it is biased and written to provide a positive review in the hopes of winning one of the prizes, if you left a negative review I doubt they would love that and award you a prize and highlight the review so everyone will go and read.
We are looking for REAL reviews in this, we want to find out where and how we can improve. Any review simply praising our courses without any technical details or without things that could be better has the least chance of winning. We do know that there is always something that can be made better -
VagrantChord Registered Users Posts: 2 ■□□□□□□□□□I know I'm late to this, but any "review" of the course shouldn't be a rehashing of eLearnSecurity's own promotional materials. For instance, these courses are over $1,000 each!
And they have the gall to offer a discounted price of only $7,999 for their all access pass! That's down from already low low price of $14,189, so you know you're getting a deal!
For a relatively unknown training and certification program, that is unbelievable. I would be curious to know who their market is. -
josephandre Member Posts: 315 ■■■■□□□□□□The course reviewed is like 300 bucks.
Obviously they’ve introduced some expensive stuff beyond that, but it’s all relative. They bundle the course/training/lab access/cert together and comparatively it’s pretty in line or even cheaper than other options.
Ceh is now 950 for just the exam.
SANS courses are 6k a pop.
OSCP is about the same but doesn’t offer a beginner level option.
Rastalabs is 200 a month, no cert no training.
Gotta view everything in context -
PC509 Member Posts: 804 ■■■■■■□□□□VagrantChord wrote: »I know I'm late to this, but any "review" of the course shouldn't be a rehashing of eLearnSecurity's own promotional materials. For instance, these courses are over $1,000 each!
And they have the gall to offer a discounted price of only $7,999 for their all access pass! That's down from already low low price of $14,189, so you know you're getting a deal!
For a relatively unknown training and certification program, that is unbelievable. I would be curious to know who their market is.
How much is the CEH plus training? If it didn't come with my school work, I wouldn't have done it. I found little value in it. Definitely not the 1K+ in costs. The eJPT is $399 for the Elite, IIRC, and I am going to take that. It's not the cert I'm after, it's the knowledge that comes with it. It will give me an insight to where I am currently at, teach me some more things, and get me prepared to start the OSCP in the future.
Depending on how that goes, some of those other courses may be great. Also, have you compared other training courses lately? Global Knowledge, Stormwinds, etc. are pretty expensive for a 1 week course without the certification. With that perspective, eLearnSecurity is a pretty good deal. However, they are still lesser known for sure. I haven't taken a class or cert yet (not putting any value on the cert itself yet...).That's a crutch if you're looking for an HR filter on your resume. For actual knowledge, it might be pretty good.