Passed SecurityTube Linux Assembly Expert (SLAE)
securitychops
Member Posts: 52 ■■■□□□□□□□
After passing the OSCP, much like many others here, I started eyeing the OSCE. Unfortunately, it was pretty clear to me that I was not ready to just immediately jump in as I paused at the second half of the sign up challenge as I had not ever done what they were asking me to do. However, researching other peoples experiences through blogs and thread posts (here on this very forum) I was quickly pointed in the direction of the SecurityTube Linux Assembly Expert (SLAE).
It had been quite a while since I was actively writing any kind of assembly code, however this course really did a great job of bringing me back up to speed quickly and focusing on x86 shellcode. The self paced format was a welcomed change of pace after spending three months heads down on the OSCP, and the final exam format requiring blogging/github really forced me to dig deep into concepts in order to be able to properly explain them.
I learned an absolute ton in this course and would recommend it to anyone who has any interest in learning more about shellcode! After completing it I went back to the OSCE signup page again and this time it took about five minutes to produce the value needed to proceed forward with registration, so this course provided me with exactly the outcome that I was hoping for! As soon as DefCon is over this year I am planning on signing up for the OSCE, but in the meantime I just wanted to give my two cents on why I thought the SLAE was such a good course!
It had been quite a while since I was actively writing any kind of assembly code, however this course really did a great job of bringing me back up to speed quickly and focusing on x86 shellcode. The self paced format was a welcomed change of pace after spending three months heads down on the OSCP, and the final exam format requiring blogging/github really forced me to dig deep into concepts in order to be able to properly explain them.
I learned an absolute ton in this course and would recommend it to anyone who has any interest in learning more about shellcode! After completing it I went back to the OSCE signup page again and this time it took about five minutes to produce the value needed to proceed forward with registration, so this course provided me with exactly the outcome that I was hoping for! As soon as DefCon is over this year I am planning on signing up for the OSCE, but in the meantime I just wanted to give my two cents on why I thought the SLAE was such a good course!
Current Certs : OSCE, OSCP, CISSP, Pentest+, Security+, SLAE, SLAE64
Goals for 2019 : OSEE
Goals for 2020 : OSWE
Goals for 2019 : OSEE
Goals for 2020 : OSWE
Comments
-
chrisone Member Posts: 2,278 ■■■■■■■■■□Very cool write up! how long did it take you to study and pass the SLAE? Did you use any other resources during your studies?Certs: CISSP, EnCE, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, SPLK-1002, SC-200, SC-300, AZ-900, AZ-500, VHL:Advanced+
2023 Cert Goals: SC-100, eCPTX -
JoJoCal19 Mod Posts: 2,835 ModCongrats on the pass! Glad to hear it gave you exactly the skills and knowledge needed to do the challenge for OSCE signup. Like chrisone, I'd like to get some more background on your study plan and time for SLAE, as well as any other resources used.Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
Currently Working On: Python, OSCP Prep
Next Up: OSCP
Studying: Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework -
securitychops Member Posts: 52 ■■■□□□□□□□Thanks y'all, I have been lurking these forums for quite some time now so it is nice to be able to contribute back!
For me the timeline was:
May 5, 2018: Course Purchased
May 6, 2018: Course materials arrived via email (7ish GB download)
July 7, 2018: Sent in final exam (links to blog posts, github, exploit-db submission, etc)
July 12, 2018: Received email congratulating me on passing
The time I spent on this exam was around two months of my spare time, although this course ended up taking a lot more work than I was anticipating. Seven assignments does not really sound like a lot at first, but assignment five and six both had three parts so the exam really ended up being closer to eleven assignments. I also really wanted to understand the material so if I did not understand something I would generally spend as much time as it took to fully understand the instruction(s) (and why they were being used) line by line by line. If I couldn't explain it in detail then I would not move on to the next part.
As for study materials, here is most of what I used:
https://en.wikibooks.org/wiki/X86_Disassembly
https://www.google.com/
One of the main benefits of the SLAE is that every new student generates a new set of resources since it requires all code being written be open source and each blog post to be published online! While I tried to limit the amount of help I would give myself I did on occasion check out a previous students posts in order to get a better understanding of a concept if I was struggling with it. I found that by the SLAE asking the student to provide an in depth analysis to be published online in a blog it really pushed me to make sure I was publishing higher quality results.
Going into this course I had never really stopped and thought much about shellcode, but by the end of it I was able to generate my own shellcode from assembly code that I had written myself and was even able to submit shellcode to the exploit-db that was accepted and added! All in all a wonderful course and was definitely worth the cost for me!Current Certs : OSCE, OSCP, CISSP, Pentest+, Security+, SLAE, SLAE64
Goals for 2019 : OSEE
Goals for 2020 : OSWE -
yoba222 Member Posts: 1,237 ■■■■■■■■□□I appreciate your sharing the positive securitytube experience. One of these days I'm going to have to invest the time into one of Vivek's courses.A+, Network+, CCNA, LFCS,
Security+, eJPT, CySA+, PenTest+,
Cisco CyberOps, GCIH, VHL,
In progress: OSCP -
the_Grinch Member Posts: 4,165 ■■■■■■■■■■Congrats! It's definitely on my long list of stuff to complete!WIP:
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff -
securitychops Member Posts: 52 ■■■□□□□□□□I posted a fairly in depth reply yesterday but the forum flagged it as possible spam, not sure how to get an admins attention to have it unflagged, but as soon as that happens it should pop up! Also, thanks for the congrats!Current Certs : OSCE, OSCP, CISSP, Pentest+, Security+, SLAE, SLAE64
Goals for 2019 : OSEE
Goals for 2020 : OSWE -
chrisone Member Posts: 2,278 ■■■■■■■■■□Thanks for the reply! Sounds like an amazing and fun journey! I think I may have to go for SLAE before I enroll in CTP OSCE.
Thank you for the motivation.Certs: CISSP, EnCE, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, SPLK-1002, SC-200, SC-300, AZ-900, AZ-500, VHL:Advanced+
2023 Cert Goals: SC-100, eCPTX