Passed GWAPT

supasecuritybrosupasecuritybro Posts: 206Member ■■■■□□□□□□
To be honest, that was an interesting test. The exam was not straight forward in the sense that it was is this or that, more about knowing how the technologies in web applications work. You really need to focus not getting to know the way web applications work. Knowing the tools and what is the result looks like after you run it is important. The course gets you started but there is a need for some work on your end. Learning the toolset and also how web applications work. Hope that helps anyone going for it.
Completed: CISSP, GPEN, GWAPT, CCSA R80, eJPT, CySA+, M.S. Information Security
Current Goal: CCSE
Continuous Education Plan:​ eCTHP (paused), CISM, OSCP, AWS
Book/CBT/Study Material:​ Max Power

Comments

  • LonerVampLonerVamp OSCP, GCFA, GWAPT, CISSP, OSWP, CCNA Cyber Ops, Sec+, Linux+, AWS CCP, CCSK Posts: 330Member ■■■■□□□□□□
    Did you take the SANS 542 course before this, or did you challenge it?

    Security Engineer/Analyst/Geek, Red & Blue Teams
    OSCP, GCFA, GWAPT, CISSP, OSWP, CCNA Cyber Ops, Sec+, Linux+, AWS CCP, CCSK
    2019 goals: GWAPT, Linux+, (possible: SLAE, CCSK, AWS SA-A)
  • JoJoCal19JoJoCal19 California Kid Posts: 2,780Mod Mod
    Congrats on the pass and thanks for the tips!!
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, CEHv8, CHFIv8, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
  • supasecuritybrosupasecuritybro Posts: 206Member ■■■■□□□□□□
    LonerVamp wrote: »
    Did you take the SANS 542 course before this, or did you challenge it?

    I took the course as a work study. It definitely helped the process but I spent some time going over the OnDemand material and some labbing in order to prepare and I still wouldn't say I spent enough time learning the behind the scenes stuff on the technology. Needless to say, I am going to invest time now for a few weeks filling gaps.
    Completed: CISSP, GPEN, GWAPT, CCSA R80, eJPT, CySA+, M.S. Information Security
    Current Goal: CCSE
    Continuous Education Plan:​ eCTHP (paused), CISM, OSCP, AWS
    Book/CBT/Study Material:​ Max Power
  • chrisonechrisone CISSP, CRTP, eCPPT, LFCS, CEH, Retired Cisco NPs Posts: 1,847Member ■■■■■■■■□□
    Congrats supa! Are the SANS exams just question based? any labs or interactive modules during the test?
    2019 Goals:
    Courses: Real World Red Team Attacks- AppSec Cali 2019 (complete), Active Directory Attacks for Red and Blue Teams Advanced Edition - BlackHat (completed),
    Certs: Certified Red Team Professional - Pentester Academy (passed!), Azure Fundamentals AZ-900 (in progress), Azure Security Engineer Associate AZ-500
  • averageguy72averageguy72 Senior Member Posts: 298Member ■■■■□□□□□□
    Congrats!
    CISSP / CCSP / CCSK / CRISC / CISM / CISA / CASP / Security+ / Network+ / A+ / CEH / eNDP / AWS Certified Advanced Networking - Specialty / AWS Certified Security - Specialty / AWS Certified DevOps Engineer - Professional / AWS Certified Solutions Architect - Professional / AWS Certified SysOps Administrator - Associate / AWS Certified Solutions Architect - Associate / AWS Certified Developer - Associate / AWS Cloud Practitioner
  • LonerVampLonerVamp OSCP, GCFA, GWAPT, CISSP, OSWP, CCNA Cyber Ops, Sec+, Linux+, AWS CCP, CCSK Posts: 330Member ■■■■□□□□□□
    Congrats!

    I ask, because I've been feeling weak in web testing attacks and have slated SEC 542 onto my training schedule early next year. Good stuff to know to keep context and scope in mind. :)

    Security Engineer/Analyst/Geek, Red & Blue Teams
    OSCP, GCFA, GWAPT, CISSP, OSWP, CCNA Cyber Ops, Sec+, Linux+, AWS CCP, CCSK
    2019 goals: GWAPT, Linux+, (possible: SLAE, CCSK, AWS SA-A)
  • supasecuritybrosupasecuritybro Posts: 206Member ■■■■□□□□□□
    chrisone wrote: »
    Congrats supa! Are the SANS exams just question based? any labs or interactive modules during the test?
    Multiple choice, but it was well done. I liked it.
    Completed: CISSP, GPEN, GWAPT, CCSA R80, eJPT, CySA+, M.S. Information Security
    Current Goal: CCSE
    Continuous Education Plan:​ eCTHP (paused), CISM, OSCP, AWS
    Book/CBT/Study Material:​ Max Power
  • supasecuritybrosupasecuritybro Posts: 206Member ■■■■□□□□□□
    LonerVamp wrote: »
    Congrats!

    I ask, because I've been feeling weak in web testing attacks and have slated SEC 542 onto my training schedule early next year. Good stuff to know to keep context and scope in mind. :)

    If I had to choose after getting an intro to web apps, I would do the 642 if you are wanting to learn about attacks more than anything. I think the 542, like 560 is a great starting point (even though advanced) for those topics. They do split up the courses in a good place in order to get the right audiences in each course.
    Completed: CISSP, GPEN, GWAPT, CCSA R80, eJPT, CySA+, M.S. Information Security
    Current Goal: CCSE
    Continuous Education Plan:​ eCTHP (paused), CISM, OSCP, AWS
    Book/CBT/Study Material:​ Max Power
  • josephandrejosephandre Posts: 315Member ■■■■□□□□□□
    congratulations
  • MalwareMikeMalwareMike GSEC, GCIH, GCIA, GWAPT, RHCSA, WCNA Posts: 147Member ■■■□□□□□□□
    Which course did you like better, sec560 or sec542?
    Current: GSEC, GCIH, GCIA, GWAPT, GYPC, RHCSA, WCNA
    2019 Goals: CISSP, Splunk certifications (Certified Core, Power User, Admin, and Architect)
    Twitter: https://twitter.com/Malware_Mike
    Website: https://www.malwaremike.com

  • chrisonechrisone CISSP, CRTP, eCPPT, LFCS, CEH, Retired Cisco NPs Posts: 1,847Member ■■■■■■■■□□
    Which course did you like better, sec560 or sec542?

    he mentioned 542
    2019 Goals:
    Courses: Real World Red Team Attacks- AppSec Cali 2019 (complete), Active Directory Attacks for Red and Blue Teams Advanced Edition - BlackHat (completed),
    Certs: Certified Red Team Professional - Pentester Academy (passed!), Azure Fundamentals AZ-900 (in progress), Azure Security Engineer Associate AZ-500
  • MalwareMikeMalwareMike GSEC, GCIH, GCIA, GWAPT, RHCSA, WCNA Posts: 147Member ■■■□□□□□□□
    chrisone wrote: »
    he mentioned 542

    He said "I think the 542, like 560 is a great starting point (even though advanced) for those topics." but didn't specify if he liked one class more than the other...
    Current: GSEC, GCIH, GCIA, GWAPT, GYPC, RHCSA, WCNA
    2019 Goals: CISSP, Splunk certifications (Certified Core, Power User, Admin, and Architect)
    Twitter: https://twitter.com/Malware_Mike
    Website: https://www.malwaremike.com

  • kMastaFlashkMastaFlash Posts: 1,012Member ■■■■□□□□□□
    Congrats on passing! Probably late to the party! Was there an area you wish you would have studied more from your books (SQL Injection, Session management ) etc. Any areas tested heavy (basic, forms authentication) etc.? Anything crazy with HTML injection or python requests library?
    2018: CCSK
    2019: CWSP,Cloud+,Project+,CASP,PenTest+,CWNA,CCNA Security,GXPN,GREM
    2021: LPIC-2,JNCIS-ENT,eLearnSecurity Courses
  • iotaiota Posts: 21Member ■□□□□□□□□□
    Congrats
  • danGosdanGos Posts: 3Registered Users ■□□□□□□□□□
    Congratulations!
  • SaSkillerSaSkiller OSWP, GPEN, GWAPT, GCIH Posts: 332Member ■■■□□□□□□□
    Thanks for the review, interested to see what you mean about understanding how the apps work.
    OSWP, GPEN, GWAPT, GCIH, CPT, CCENT, CompTIA Trio.
Sign In or Register to comment.