eLearnSecurity Exploit Developer Student - New Course

EnderWiggin

Looks like eLS is pumping out another new offering soon. They're calling it Student, which makes it sound like it'll be a shorter, easier course, similar to PTS. Guess we'll see in a few weeks at the launch.

JoJoCal19

I’m super pumped for this. An entry level exploit dev course is something I’ve been hoping for for a while. 

new2Sec

I am completely soured on els. In May, they were acquired by INE, and since that time, Armando and Jens have left.  This is not the company of old.  Years ago, great reviews and an excellent product. Based on their past few courses, their quality and support has diminished greatly. 

Before, the quality had a chance to be worthwhile. Now with no accountability, we get courses like IHRPv1  

Using a phrase from their Digital Forensics course (Filesystem Analysis-Module 5, p312) What they now offer is frugal manure.

Student level or not. I suggest keeping our expectations as low as possible, so when they fail to meet that, it won't hurt so bad.  
 

JoJoCal19

Oh snap! I didn’t know they were acquired by INE and that Armando was gone. I hope the course is good and not overpriced. Guess we’ll see. 

new2Sec

Yep.
(Sorry, can't post links..)

JDMurray

I have access to INE via my employer, but I haven't seen any eLS courses appear yet. Maybe that content a separate licensing deal that needs to be made.

And Frugal Manure is a great gaming handle. Claim it while you can still be the first to own it!

tedjames

JDMurray said:

And Frugal Manure is a great gaming handle. Claim it while you can still be the first to own it!

Sounds more like a racehorse name. "Coming around the back, it's Frugal Manure for the win!"

chrisone

Official INE statement released last Wednesday 
@new2Sec wasn't lying , even though he is a elearn hater  

https://ine.com/blogs/ine-news-updates/ine-expands-cybersecurity-content-with-elearnsecurity

new2Sec

I am more of an elearn realist.. LOL

Unfortunately, I easily spot their glaring flaws, and hope that they improve. But they don't, they only get worse. 

yoba222

Damn this is terrible news. Please please please eLearnSecurity, don't turn into EC Council!

Edit: Maybe I'm jumping the gun a little. I don't know anything about INE, but I do see they offer an OSCP prep course. Maybe this isn't terrible news.

chrisone

yoba222 said:

Damn this is terrible news. Please please please eLearnSecurity, don't turn into EC Council!

Edit: Maybe I'm jumping the gun a little. I don't know anything about INE, but I do see they offer an OSCP prep course. Maybe this isn't terrible news.

Yoba, they are one of the best trainers for the network field. Their labs were awesome for CCNP/CCIE studies. As you know, studying for those certs require lots of equipment. I am sure you can virtualize many of these labs, but INE has you covered. Many will have their opinions about INE but they have always been one of the main players for Cisco workbooks and labs. 

I trust INE in moving eLearnSecurity to the next level in their business model. 

INE = Strong presence and Experience. 

new2Sec

OMG!!! 
Another incomplete course. What a f-up it was when they conned people into getting the IHRPv1 course....
I am not impressed.
Oh wait... it is windows XP. Now I am impressed. More advanced than I expected...

LOL

Real World?? How many XP machines are out there in the wild??

LonerVamp

Here we are, walking right into the "but the security course is oudated" trope.

I recently saw this post, and I think it addresses this common "issue" with things like exploit dev courses using "old" things: https://connormcgarr.github.io/CTP-OSCE-Thoughts/

Please don't fall into that thinking.

iBrokeIT

new2Sec said:

OMG!!! 
Another incomplete course. What a f-up it was when they conned people into getting the IHRPv1 course....
I am not impressed.
Oh wait... it is windows XP. Now I am impressed. More advanced than I expected...

LOL

Real World?? How many XP machines are out there in the wild??

Your rage and emotions around a previously bad experience are interfering with your ability to objectively assess the new course and is harming your credibility. 

You don't learn the basics of exploit dev by starting in an environment with all exploit mitigations turned on... SANS, OffSec and now elearnsecurity all take the same approach of starting with everything off then introduce them one at a time. I'm actually surprise they are introducing ROP chains in a "student" level course.

JoJoCal19

iBrokeIT and LonerVamp, exactly my thoughts. "outdated" stuff is still extremely helpful in learning the concepts. With a 40% off discount since I'm a current member, it's a no brainer since security researching and exploit dev is my main area of interest.

chrisone

The following is purely speaking out of lack of exploit dev experience. 

The class seems pretty good based off the syllabus.

Not that anyone asked for my opinion but, honestly, this is a subject I probably just want to work based on the books/online turorials I have. 
I have the following books I need to work on, whether they cover the material in the elearn course or not. This to do list below:

Online tutorials

Practical Malware Analysis 

IDA Pro 2nd Edition

Art of Assembly Language, Second Edition

Practical Reverse Engineering 

The Art of Memory Forensics

Practical Binary Analysis

RootKits and BootKits  

I feel I am not ready or in any need for an exploit certification. I would advise not to be entirely influenced by my statement/comment but $1000 with unlimited lab time (although a great deal, especially compared to SANS) I paid around $200-250 at best for the books above (less if you get humble bundle). 

My conclusion is based off money and my state of interest for exploit development. If you have no additional material or just getting started with exploit dev the course seems highly valuable. 

JDMurray

new2Sec said:

Real World?? How many XP machines are out there in the wild??

How many Windows XP computers are still in use as of 2019? - Quora

EANx

new2Sec said:

OMG!!! 
Another incomplete course. What a f-up it was when they conned people into getting the IHRPv1 course....
I am not impressed.
Oh wait... it is windows XP. Now I am impressed. More advanced than I expected...

LOL

Real World?? How many XP machines are out there in the wild??

You'll eventually learn that there is a significant amount of "old" stuff out there and it is often found in modern, large western companies as well. IT professionals often have a heads-down focus on the stuff they support, forgetting there's all sorts of end-points that don't support users. Think about environmental monitoring (HVAC), security monitoring, digital signage, etc. And then if you really want to talk old, think about Linux endpoints and IoT. Personal networking, security and environmental will again be large contributors. Heck, what OS runs the office printer closest to you? When did it last have it's flash updated?

SecretUser

Did anyone buy the course already? How are the materials? I'm still deciding on whether to buy this or just download the syllabus and self study. 

chrisone

The course was just released 3 days ago. Not all the materials have been released as they are releasing sections of the course & labs every 2 weeks. So you could not get an honest review anywhere. 

If you have previous experience with elearnsecurity and its positive, you trust the authors, you trust the parent company, you like what you see in the syllabus, you liked what you saw in the webinar, you have no dev exploit materials, then probably look into the course. 

You could also research other dev exploit courses, wage the price tag, compare syllabus', check what others are saying about the other offerings. 

Here at TE, some of seem to think the syllabus is not bad, the price is fair if not better than most. The course is not recognized as of yet, but elearnsecurity is growing fast (Especially if INE was focused on buying them out).

iBrokeIT

SecretUser said:

Did anyone buy the course already? How are the materials? I'm still deciding on whether to buy this or just download the syllabus and self study. 

https://www.pentesteracademy.com would probably be the route to go at a much better price point if you aren't interested in the cert.

SecretUser

I have a subscription to pentesteracademy and I know that they have a Win32 Buffer Overflow course as well as a lab platform (attackdefense). I do remember Vivek mentioning that he was going to release more buffer overflow videos in the future, but that was a long time ago. 

chrisone said:

The course was just released 3 days ago. Not all the materials have been released as they are releasing sections of the course & labs every 2 weeks. So you could not get an honest review anywhere. 

If you have previous experience with elearnsecurity and its positive, you trust the authors, you trust the parent company, you like what you see in the syllabus, you liked what you saw in the webinar, you have no dev exploit materials, then probably look into the course. 

You could also research other dev exploit courses, wage the price tag, compare syllabus', check what others are saying about the other offerings. 

Here at TE, some of seem to think the syllabus is not bad, the price is fair if not better than most. The course is not recognized as of yet, but elearnsecurity is growing fast (Especially if INE was focused on buying them out).

I do have experience with eLS. I have the eJPT, eCPPT, and am currently working on their eWPT course. The quality of these three courses is great in my opinion. I also bought their IHRP course when it came out but the quality of that course wasn't as good as their previous courses, so I ended up returning that course. I trust INE, but I was hoping to see a review of the quality of the XDS course before buying it. Also, I thought that Don said that the course was complete and it was just the extra labs that we have to wait 2 weeks for. 

chrisone

SecretUser said:

. Also, I thought that Don said that the course was complete and it was just the extra labs that we have to wait 2 weeks for. 

You may be right. I guess you may have to wait or take a leap of faith? I enjoy elearnsecurity courses, I have the IHRP, haven't cracked it open yet, I don't feel like returning it either. 

Speaking of INE, I wonder if they are going to still honor or keep the full lifetime course upgrade access if you pass any of elearnsecurity's training paths. 
"If you complete a path by obtaining all the certifications in it, you'll receive lifetime course-updates for those courses at no cost. More details in the F.A.Q." 

SaSkiller

The course was just released 3 days ago. Not all the materials have been released as they are releasing sections of the course & labs every 2 weeks. So you could not get an honest review anywhere.

Yeah that's a stupid idea IMO, and surprise, by the time all the material is released, the sales (currently good through the end of the month) are over, and they've gotten their money.

I found myself disappointed that they are still so focused on slide decks vs video content. 1000+ slides and 2 hours of video I think they said?

Also they haven't released a course video yet. I should have just recorded the launch. I was really hoping to get an idea of how much programming was essential to the course and what would be covered. Did anyone get that?

Now with no accountability, we get courses like IHRPv1

What happened there?

As far as their acquisition by INE, I will say I like the OSCP prep course overall. I also wasn't a big fan of Armando's way of doing things, they actually nearly turned one of my friends away from ELS. They had a policy of "not responding" to queries about discounts. "This is an industry standard", no it's not. Even if you aren't giving them, you can send a pre-canned email, you don't not respond to potential customers.

jeremy_dfir

From their syllabus, on Linux they went all the way from fundamentals to advanced techniques and bypassing "modern"/current mitigations like NX/DEP, ASLR, Stack Cookie etc. (inluding x64) and on Windows they went all the way to Win7 ROP. For the price i consider it a very "cool" course. I say cool because i am not qualified enough to judge it (i am a blue team guy). The little hours of video would bug me too to be honest, but they have 19 labs on the other hand.

PS: I have two of their certifications already, so you can consider me a fan boy.

chrisone

Its fair to say they are a young company trying to make a big impact with plans and ideas for massive growth. They try to cover most bases of security topics. It is not easy and finding the correct instructors is very difficult.

They are not the very BEST and with such a large footprint to cover in security some areas will be thinner than others. Some courses will be newer & less thorough than others as they plan to map out upgrades to courses from listening to clients and members.

You can pretty much hear it from any forum, about any security course, that they suck or that someone is unimpressed about (insert your bad experience here with course xyz).

yoba222

I'm starting to think that the IHRP was rushed to market to sweeten up the acquisition by INE and this is also possibly one of the reasons why ELS has been perceived as chopping up certs. Hopefully now that the acquisition is done, they'll get back to quality and fast track a v2 for IHRP. No idea on how valid my theory is, but I suspect the exploit dev course may have been rushed too. And I'm about to propose doing the eCPPT to my employer.

SaSkiller

"I'm starting to think that the IHRP was rushed"

What are the details of this, how bad was it?

jeremy_dfir

There is a dedicated post on IHRP, my opinion is on the last page.

I was perfectly fine with the course to be honest. Still applying what I found there in my day to day activities.

There are also great reviews about the exam on LinkedIn and Twitter.

SaSkiller

For future reference the thread is here:

https://community.infosecinstitute.com/discussion/134275/elearnsecurity-ihrpv1-incident-handling-and-reponse#latest

boonboon

I was with the course last month but I didn't finish it. The contents in the course material sometimes are off or not connected slide to slide.