Passed GWAPT
supasecuritybro
Member Posts: 206 ■■■■□□□□□□
in GIAC
To be honest, that was an interesting test. The exam was not straight forward in the sense that it was is this or that, more about knowing how the technologies in web applications work. You really need to focus not getting to know the way web applications work. Knowing the tools and what is the result looks like after you run it is important. The course gets you started but there is a need for some work on your end. Learning the toolset and also how web applications work. Hope that helps anyone going for it.
Completed: CISSP, GPEN, GWAPT, CCSA R80, eJPT, CySA+, M.S. Information Security
Current Goal: CCSE
Continuous Education Plan: AWS-SAA, OSCP, CISM
Book/CBT/Study Material: Max Power
Current Goal: CCSE
Continuous Education Plan: AWS-SAA, OSCP, CISM
Book/CBT/Study Material: Max Power
Comments
-
LonerVamp Member Posts: 518 ■■■■■■■■□□Did you take the SANS 542 course before this, or did you challenge it?
Security Engineer/Analyst/Geek, Red & Blue Teams
OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
2021 goals: maybe AWAE or SLAE, bunch o' courses and red team labs? -
JoJoCal19 Mod Posts: 2,835 ModCongrats on the pass and thanks for the tips!!Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
Currently Working On: Python, OSCP Prep
Next Up: OSCP
Studying: Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework -
supasecuritybro Member Posts: 206 ■■■■□□□□□□Did you take the SANS 542 course before this, or did you challenge it?
I took the course as a work study. It definitely helped the process but I spent some time going over the OnDemand material and some labbing in order to prepare and I still wouldn't say I spent enough time learning the behind the scenes stuff on the technology. Needless to say, I am going to invest time now for a few weeks filling gaps.Completed: CISSP, GPEN, GWAPT, CCSA R80, eJPT, CySA+, M.S. Information Security
Current Goal: CCSE
Continuous Education Plan: AWS-SAA, OSCP, CISM
Book/CBT/Study Material: Max Power -
chrisone Member Posts: 2,278 ■■■■■■■■■□Congrats supa! Are the SANS exams just question based? any labs or interactive modules during the test?Certs: CISSP, EnCE, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, SPLK-1002, SC-200, SC-300, AZ-900, AZ-500, VHL:Advanced+
2023 Cert Goals: SC-100, eCPTX -
averageguy72 Member Posts: 323 ■■■■□□□□□□Congrats!CISSP / CCSP / CCSK / CRISC / CISM / CISA / CASP / Security+ / Network+ / A+ / CEH / eNDP / AWS Certified Advanced Networking - Specialty / AWS Certified Security - Specialty / AWS Certified DevOps Engineer - Professional / AWS Certified Solutions Architect - Professional / AWS Certified SysOps Administrator - Associate / AWS Certified Solutions Architect - Associate / AWS Certified Developer - Associate / AWS Cloud Practitioner
-
LonerVamp Member Posts: 518 ■■■■■■■■□□Congrats!
I ask, because I've been feeling weak in web testing attacks and have slated SEC 542 onto my training schedule early next year. Good stuff to know to keep context and scope in mind.
Security Engineer/Analyst/Geek, Red & Blue Teams
OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
2021 goals: maybe AWAE or SLAE, bunch o' courses and red team labs? -
supasecuritybro Member Posts: 206 ■■■■□□□□□□Congrats supa! Are the SANS exams just question based? any labs or interactive modules during the test?Completed: CISSP, GPEN, GWAPT, CCSA R80, eJPT, CySA+, M.S. Information Security
Current Goal: CCSE
Continuous Education Plan: AWS-SAA, OSCP, CISM
Book/CBT/Study Material: Max Power -
supasecuritybro Member Posts: 206 ■■■■□□□□□□Congrats!
I ask, because I've been feeling weak in web testing attacks and have slated SEC 542 onto my training schedule early next year. Good stuff to know to keep context and scope in mind.
If I had to choose after getting an intro to web apps, I would do the 642 if you are wanting to learn about attacks more than anything. I think the 542, like 560 is a great starting point (even though advanced) for those topics. They do split up the courses in a good place in order to get the right audiences in each course.Completed: CISSP, GPEN, GWAPT, CCSA R80, eJPT, CySA+, M.S. Information Security
Current Goal: CCSE
Continuous Education Plan: AWS-SAA, OSCP, CISM
Book/CBT/Study Material: Max Power -
MalwareMike Member Posts: 147 ■■■□□□□□□□Which course did you like better, sec560 or sec542?Current: GSEC, GCIH, GCIA, GWAPT, GYPC, RHCSA, WCNA
2019 Goals: CISSP, Splunk certifications (Certified Core, Power User, Admin, and Architect)
Twitter: https://twitter.com/Malware_Mike
Website: https://www.malwaremike.com -
chrisone Member Posts: 2,278 ■■■■■■■■■□MalwareMike wrote: »Which course did you like better, sec560 or sec542?
he mentioned 542Certs: CISSP, EnCE, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, SPLK-1002, SC-200, SC-300, AZ-900, AZ-500, VHL:Advanced+
2023 Cert Goals: SC-100, eCPTX -
MalwareMike Member Posts: 147 ■■■□□□□□□□he mentioned 542
He said "I think the 542, like 560 is a great starting point (even though advanced) for those topics." but didn't specify if he liked one class more than the other...Current: GSEC, GCIH, GCIA, GWAPT, GYPC, RHCSA, WCNA
2019 Goals: CISSP, Splunk certifications (Certified Core, Power User, Admin, and Architect)
Twitter: https://twitter.com/Malware_Mike
Website: https://www.malwaremike.com -
[Deleted User] Senior Member Posts: 0 ■■□□□□□□□□Congrats on passing! Probably late to the party! Was there an area you wish you would have studied more from your books (SQL Injection, Session management ) etc. Any areas tested heavy (basic, forms authentication) etc.? Anything crazy with HTML injection or python requests library?
-
SaSkiller Member Posts: 337 ■■■□□□□□□□Thanks for the review, interested to see what you mean about understanding how the apps work.OSWP, GPEN, GWAPT, GCIH, CPT, CCENT, CompTIA Trio.