eLearnSecurity WAPTv3 Journey.

wd40wd40 CISA, eJPT, MCP, MCTS, CompTIA x 6Member Posts: 1,013 ■■■■□□□□□□
Hi.

I am starting this thread to motivate me to finish eWPT this year, I am an IT Support guy, at my current job I don't need penetration testing knowledge, and I am forbidden from trying to use any of the things that I learn.
It is a good paying job, a good team and good company, so I don't have a real incentive to try to change jobs.

I started with pen-testing study back in 2014, what I did in the last 3+ years is listed below:
Note: I like to pay for training :)

2014-Dec-14: Bought Penetration Testing Student V2 (49.00$)
2015-Feb-27: Bought Penetration Testing Student V3 (199.00$)
2015-July-12: Passed eJPT v3 :D (0.00$)
2015-June-30: Bought Web Application Penetration Testing V2 Elite (719.40$)
2016-June-30: Bought Penetration Testing Professional v4 Elite (699.30$)
2017-June-28: eWAPT Lab expired, I bought a 60 Hours extension (249.00$)
2018-May-23: Bought Penetration Testing Professional v5 Elite upgrade (519.60$)
2018-Aug-31: Bought Web Application Penetration Testing V3 Elite upgrade (359.70$)

So in total I paid eLearnSecurity 2,795.00$ in 3 years and only have eJPT, this must change.
Tagged:

Comments

  • wd40wd40 CISA, eJPT, MCP, MCTS, CompTIA x 6 Member Posts: 1,013 ■■■■□□□□□□
    I Finished Unit 1 (Penetration Testing Process) Good general information in that Unit.

    I finished reading Unit 2 (Introduction) and watched the videos, now I am stuck in the LAB.
    It is a little bit frustrating, the Videos are too old referring to Iceweasle (now firefox) and old Firefox plugin FireBug, old versions of Burp Suite and OWASP Zap.

    So, instead of progressing I need to look for ways to do the lab using the updated versions of the tools.

    I will write Back after finishing the Labs with hints on how to use the updated versions of the tools.
  • MalwareMikeMalwareMike GSEC, GCIH, GCIA, GWAPT, RHCSA, WCNA Member Posts: 147 ■■■□□□□□□□
    I've spent quite that amount of money but I definitely have a few courses with them and haven't finished them...I've barely touched them.
    Current: GSEC, GCIH, GCIA, GWAPT, GYPC, RHCSA, WCNA
    2019 Goals: CISSP, Splunk certifications (Certified Core, Power User, Admin, and Architect)
    Twitter: https://twitter.com/Malware_Mike
    Website: https://www.malwaremike.com

  • chrisonechrisone Senior Member Member Posts: 2,070 ■■■■■■■■■□
    If you don't want to feel the sting of paying for something you haven't gotten around to accomplishing yet, I would recommend to make sure you are putting these expenses on your taxes. You should be putting the books and courses you spend for ANY IT related training, on your taxes. I can't believe I went years! without doing this! I plan on getting some type of reimbursement from the government this year as well! I have been doing it for the past 3 years now :) ....stupid me , but I get it back during taxes now.
    Certs: CISSP, OSCP, CRTP, eCPPT, eCIR, LFCS, CEH, AZ-900, VHL:Advanced+, Retired Cisco CCNP/SP/DP
    2020 Goals:
    Courses: VHL (completed), CQURE: Windows Security Crash Course (completed), BlackHills InfoSec: Breaching the Cloud (completed), eLearnSecurity: WAPTv3 (completed), eLearnSecurity: IHRP (completed), eLearnSecurity: THPv2 (in-progress)
    Certs: VHL: Advanced+ (completed), OSCP (completed), AZ-500 (failed 1st attempt), eLearnSecurity: eWPT (failed 2x, no further attempts), eLearnSecurity: eCIR (complete), eLearnSecurity: eCHTPv2
  • MalwareMikeMalwareMike GSEC, GCIH, GCIA, GWAPT, RHCSA, WCNA Member Posts: 147 ■■■□□□□□□□
    chrisone wrote: »
    If you don't want to feel the sting of paying for something you haven't gotten around to accomplishing yet, I would recommend to make sure you are putting these expenses on your taxes. You should be putting the books and courses you spend for ANY IT related training, on your taxes. I can't believe I went years! without doing this! I plan on getting some type of reimbursement from the government this year as well! I have been doing it for the past 3 years now :) ....stupid me , but I get it back during taxes now.

    Do you have any links to exactly what you are referring to?
    Current: GSEC, GCIH, GCIA, GWAPT, GYPC, RHCSA, WCNA
    2019 Goals: CISSP, Splunk certifications (Certified Core, Power User, Admin, and Architect)
    Twitter: https://twitter.com/Malware_Mike
    Website: https://www.malwaremike.com

  • JoJoCal19JoJoCal19 California Kid Mod Posts: 2,823 Mod
    *Disclaimer: Not legal or accounting advice

    https://smallbusiness.chron.com/training-costs-tax-deductible-43461.html If the training helps you sustain or grow in your current role, you can include it in your taxes it seems. The deduction is not refundable it seems, but reduces your taxable income.
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, CEHv8, CHFIv8, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
  • FluffyBunnyFluffyBunny CISSP, OSCP, CEH, RHCE, GCCC, Pentest+, PSM-1, alphabet soupMember Posts: 96 ■■■■□□□□□□
    JoJoCal19 wrote: »
    *Disclaimer: Not legal or accounting advice

    https://smallbusiness.chron.com/training-costs-tax-deductible-43461.html If the training helps you sustain or grow in your current role, you can include it in your taxes it seems. The deduction is not refundable it seems, but reduces your taxable income.
    Of course, that excludes any training and certs paid for by your employer.

    #StatingTheObvious
    CISSP, OSCP, CEH, GCCC, RHCSA, RHCE, Pentest+, Linux+, PSM-1, alphabet soup...

    2020: Renew RHCE (with EX407), CompTIA CTT+, Autopsy forensics, Purple teaming training
  • chrisonechrisone Senior Member Member Posts: 2,070 ■■■■■■■■■□
    Good luck on the WAPTv3 course, it looks good. I bought the upgrade myself but won't be doing it until late 2019 once SLAE and OSCE is done.
    Certs: CISSP, OSCP, CRTP, eCPPT, eCIR, LFCS, CEH, AZ-900, VHL:Advanced+, Retired Cisco CCNP/SP/DP
    2020 Goals:
    Courses: VHL (completed), CQURE: Windows Security Crash Course (completed), BlackHills InfoSec: Breaching the Cloud (completed), eLearnSecurity: WAPTv3 (completed), eLearnSecurity: IHRP (completed), eLearnSecurity: THPv2 (in-progress)
    Certs: VHL: Advanced+ (completed), OSCP (completed), AZ-500 (failed 1st attempt), eLearnSecurity: eWPT (failed 2x, no further attempts), eLearnSecurity: eCIR (complete), eLearnSecurity: eCHTPv2
  • KhohezionKhohezion Member Posts: 57 ■■■□□□□□□□
    I know that feeling for the second lab. Working on it myself. But I'm dodging Hurricanes where I live so I cannot focus too much time on it...
  • wd40wd40 CISA, eJPT, MCP, MCTS, CompTIA x 6 Member Posts: 1,013 ■■■■□□□□□□
    Thanks chrisone and good luck to you.

    I just finished the LAB for Unit 2.

    First, Firebug is no longer available, Firefox Developers tools can be used instead, link below is for good documentation on Mozilla Developer Network to show how to use them.

    To view cookies "Network" tab can be used, but to manage cookies you will need to go to the Toolbox options and enable the "Storage" Tab.

    https://developer.mozilla.org/en-US/docs/Tools/Storage_Inspector

    For Burp Suite, and ZAP, you might need to change the ports from default 8080, if other services are using them on your PC port 8080 will not work, so I made Burp 8081 and ZAP 8082.

    Also for OWASP ZAP the two arrow used to control the breakpoints are replaced with a single green circle in the same location.

    Next, I will go through a free 2 Hours Burp Suite course on udemy.

    https://www.udemy.com/burp-suite/
  • Test_studentTest_student Registered Users Posts: 3 ■□□□□□□□□□
    Hi WD40, have you had a chance to compare the WAPTv2 and v3 material?

    I saw that they added two extra modules but otherwise the syllabus looked the same, I'm just wondering if they updated the course material for v3 or it's the same as v2?

    Thanks for the link to the free Udemy Burp course!
  • wd40wd40 CISA, eJPT, MCP, MCTS, CompTIA x 6 Member Posts: 1,013 ■■■■□□□□□□
    Hi Test_student,

    As per eLearnSecurity the courses are identical, with the exception of the added modules in v3, so no need to waste time in comparing them.

    I just finished the Burp Suite course and highly recommend it, I had to download virtual box (which is really easy in Linux), learned about WebGoat and had a small tip about xss.

    I bought the instructor's other course for 10$ "he sends a coupon after you complete the free course".
    https://www.udemy.com/webhacking/

    Next: I will start with module 3 and go through the udemy course.
  • MalwareMikeMalwareMike GSEC, GCIH, GCIA, GWAPT, RHCSA, WCNA Member Posts: 147 ■■■□□□□□□□
    wd40 wrote: »
    Hi Test_student,

    As per eLearnSecurity the courses are identical, with the exception of the added modules in v3, so no need to waste time in comparing them.

    I just finished the Burp Suite course and highly recommend it, I had to download virtual box (which is really easy in Linux), learned about WebGoat and had a small tip about xss.

    I bought the instructor's other course for 10$ "he sends a coupon after you complete the free course".
    https://www.udemy.com/webhacking/

    Next: I will start with module 3 and go through the udemy course.

    They still had firebug in the v3 material? That shows you they didn't update the material...now im annoyed I bought V3.
    Current: GSEC, GCIH, GCIA, GWAPT, GYPC, RHCSA, WCNA
    2019 Goals: CISSP, Splunk certifications (Certified Core, Power User, Admin, and Architect)
    Twitter: https://twitter.com/Malware_Mike
    Website: https://www.malwaremike.com

  • Test_studentTest_student Registered Users Posts: 3 ■□□□□□□□□□
    Hi WD40,

    Thanks for the quick response. It looks like I saved $359 then, good to know!

    I'm signing up for the Udemy course later today, thanks again for the info.
  • KhohezionKhohezion Member Posts: 57 ■■■□□□□□□□
    They still had firebug in the v3 material? That shows you they didn't update the material...now im annoyed I bought V3.

    The slides are updated. But the video that came with the slides is not. Can confirm I am on that section now.
  • wd40wd40 CISA, eJPT, MCP, MCTS, CompTIA x 6 Member Posts: 1,013 ■■■■□□□□□□
    MalwareMike, I am more annoyed by the annoying music that plays at the start of every Video, Just finish the course maybe the extra modules are worth the 359$, plus if you fail twice you still have two attempts from the V2 course.

    I just noticed that you only have 2 attempts for this, maybe because the exam did not change, for eCPPT there are 2 different exams (Gold and V2 hence the 4 attempts)

    Aah, I hit edit instead of quote and deleted my post ... I am not typing it again ...
  • wd40wd40 CISA, eJPT, MCP, MCTS, CompTIA x 6 Member Posts: 1,013 ■■■■□□□□□□
    I finished the Lab, it took 25 minutes, I remember doing it 3 years ago when I bought the course :D.

    Next: Unit 4
  • Skyyyyy2001Skyyyyy2001 Member Posts: 57 ■■■□□□□□□□
    Can I check are there any links or references to say that we are entitled to more than 1 attempt for the exam for WAPT and ECPPT?
  • wd40wd40 CISA, eJPT, MCP, MCTS, CompTIA x 6 Member Posts: 1,013 ■■■■□□□□□□
    Here

    https://www.elearnsecurity.com/certification/ewpt/process
    One of our instructors will carefully review your report and if your findings and the quality of the report is deemed sufficient to pass the exam, you will become an eWPTv1.Should you fail the first attempt, the instructor will provide you with valuable feedback. Armed with this information you will have a free retake to be used within 7 days to upload a new report.The retake time window will begin from the moment you review the examiner's feedback. During this period the exam lab network will be re-opened for further tests. In any case a new report should be uploaded no later than 14 days from the date you receive the first attempt results by email.
  • Skyyyyy2001Skyyyyy2001 Member Posts: 57 ■■■□□□□□□□
    Beautiful. Thanks so much!

    icon_thumright.gif
  • bedpankhbedpankh LA ISO27001 Member Posts: 4 ■■□□□□□□□□
    Hi, 
    I have enrolled myself in WAPT v3 myself, want to share lab experiences? it would really help me to have someone to discuss them with, otherwise i dont understand if i am doing them right or not. :P 
Sign In or Register to comment.