Passed GWAPT

Finally took the exam this Monday morning just before voucher expires tomorrow end July. I took SANS 542 course in March. My practice test scores were 79% and 86% respectively. First practice test was taken closed book, i.e. I did not refer to my course materials. Spent about 1:10 hours and passed with 94%

To be honest, the exam was not difficult if you know HTML, JavaScript and SQL; i.e. you have programming background. Which I did due to past experience as database admin writing stored procedures and optimizing SQL queries; and as a web application developer writing server code and more importantly writing and troubleshooting client script code. There were questions about tools, which you can easily find the answers to from the course materials.

Overall SEC542 is a good course to get web developers trained on security. Don't think I can be a web penetration tester yet. Think I will try eWPT next.

Find more posts tagged with

Comments

636-555-3226

Agreed. I walked away with my GWAPT saying it's a great course to introduce someone to hacking web apps, but I'd never take the class thinking it's going to set me up to be a l33t hax0r. a starting point if you're looking to move into web app testing - definitely, but nothing that's going to make you an expert by any stretch of the imagination.

JoJoCal19

Congrats on the pass man! GWAPT is one I'd love to do.

Mike7

Thanks! Got my GWAPT digital badge within an hour of passing, GIAC Advisory Board invitation before 9 am EST Monday morning, and Advisory Board badge before 5 pm EST. 2 badges to add to my LinkedIn within 24 hours after passing.

Jasiono

Ok, question for you in regards to your skill set now post cert.
Do you feel as though you have learned enough to be able to assess a web application if your employer came to you and asked you to test a web app that they developed?
How heavily, if at all, was Burp Suite used?

markmorow

You use Burp Suite in the class quite a bit. I think you would have a good base to do what you want to do.

Jasiono

Very nice, thank you!

To the OP - My apologies, where are my manners! Congrats on the pass!

MalwareMike

I take the test on August 18th, thanks for the good info.

Mike7

What markmorow said. I would ask employer to purchase Professional license for Burp Suite as the community edition has certain limitations with regards to speed and features. And just to add, my trainer Hassan El Hadary demonstrated bug bounties where he was able to find vulnerabilities using professional features of Burp Suite.

Jasiono

Yeah, we use Burp Suite Pro at work now, among 2 other tools, so I was curious. This will help me immensely.