Starting eLearnSecurity WAPT v3 today

I actually paid for WAPT v3 in 2018, right after they introduced it. I got the Elite version for $700 as part of a promotion. I knew I wouldn't have time to take it for awhile. I finally got to start on it today (was hoping to start sooner). So far, I've downloaded the Module 1 materials: A Penetration Testing Reporting Guide and the WASC Threat Classification V2.00. Both are dated 2010. Very little mention of OWASP. You'd think that these materials would've been updated by now, especially since the course costs so much. I'm hoping that the rest of the materials are a bit more up-to-date. Time will tell as I work through the modules.

Edit: A couple of years ago, I took the eJPT and really enjoyed it. I'm hoping that WAPT turns out to be as good.

Find more posts tagged with

eLearnSecurity

wapt

Comments

chrisone

I just finished all the labs for WAPTv3, going to use the next two-three weeks to refine topics and go over everything again. I was supposed to take the exam this week, but I got a little burned out and lazy since last thursday lol I just didn't feel the confidence and readiness to take the exam. Plus I am still waiting for my IHRP exam results. Its been 3 weeks that I turned in the report.

The material seems to pick up after the introductory modules. It got really heavy once I got into the CMS, NoSQL stuff. I need to review a lot of that. The HTML5, XPATH, Auth and Sess modules were very new to me. The SQLi, XSS modules are good but most people coming from traditional pentesting or CTF courses understand these.

I think you will enjoy the course just push through. It is a lot of content to digest, the labs were fun. I also recommend taking notes on the labs, like if you were going a HTB or OSCP exam. You will need to reference those during the exam.

tedjames

Thanks for your reply, @chrisone Best of luck with your exams!

I appreciate the information. I feel a bit better that the slides have a 2018 date on them. Somebody (might have been you) said that they update the material every three years, so that part makes sense. I was a little disheartened at the start of the first video (HTTP Cookies and Sessions) when they used Firebug, but then I remembered that it was still in use back then.

I've done a bit of web app testing over the last two years, but it's all been at my own agency with the same types of apps. I've also had some other training (Zaid/Udemy, Phillip Wylie's WAPT course, etc.), so I'm hoping this one will put me over the top in terms of expertise. There are a lot of things here that I have not tried, so it'll be fun taking on new challenges and learning new things, especially the database testing. Looking forward to the labs.

And good advice on taking notes. That's what I did for eJPT -- lots of screen captures and dialog. Essentially, I created tutorials for myself based on the lessons/labs and definitely referred to them during the exam. I kept those open on my laptop while testing on my desktop.

It looks like you've been really busy. Can you estimate how much time you've spent on WAPT? I'm hoping to be ready for the exam in August.

chrisone

Yeah its been a very busy and grateful year. Last year was tough for certs due to time and money going to a special event in my life. But this year I have time, money, and focus.

WAPTv3 I have had since v2 days and I have always been on and off with my studies. You could say I have done the first 5-6 modules on and off since v2 with no real commitment to the course. However now I have the motivation to go through with it and properly focus on it and take the exam. I picked up where I left off, did the labs for xss and sqli, then proceeded with the rest of the course as normal (pdf, extra material, labs, challenges). To go through all the rest of the modules was around 3 and a half weeks. I understood everything but truthfully I really need to refine the material before I attempt the exam. I have slacked the past week. So I am targeting the last week of June or first week of July.

Then focusing on some azure and o365 stuff for the next two months july - august. Then end the year with PTXv2, hopefully resting all of December.

tedjames

Thanks again for the information. It doesn't sound like it'll be too time consuming (except for reading those 200+ page PDF slides). I hope the rest of your training goes well.

si20

Best of luck! How is it going?

tedjames

si20 said:

Best of luck! How is it going?

Thanks! So far so good. Yesterday, I finished the first four videos. Some, like the Burp and ZAP training, were review but good. The cookies and same origin policy training was really good. Today, I have to make it through 200+ slides and then do the labs. I'm looking forward to those.