SEC542 or SEC617?

docrice Posts: 1,706 Member
I brought this up a while ago in another thread, but I'm hoping there are more folks around now who might have an opinion on the subject. I'm at the point where I've accumulated enough OnDemand Rewards points to get a free full-length SANS course. 542 or 617 looks about right. Both would serve me well in my current position, and while I'd love to further enhance my wireless knowledge, I also desperately need to learn the material 542 covers. Perhaps I might practically get more out of 542, but I think I'd enjoy learning about wireless more. One is more focused on upper-layer content while the other deals with infrastructure-level. Achieving the GAWN certification (through 617) would probably be overall easier for me since I have some 802.1X experience, making me GSE-eligible (as if that really matters, to be honest). 542 would bring my understanding of web attacks up from "clueless" to "somewhat-informed."

I won't be taking a full-length course until some time next year as I simply don't have the time for it at the present. There's also the eLearnSecurity Pro course which I still have access to and that covers a lot of the same thing 542 does, but SANS feels like they always give me a lot more.

I'm so torn.
Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/

Comments

  • ipchain Posts: 297 Member
    I bought SANS 542 not long ago, but to be honest with you, I haven't looked at it yet as I have been preparing for the CISSP exam. I still have access to OnDemand, so I will be able to provide more information in the coming weeks, once CISSP becomes a thing of the past.

    Attacks have moved from the network-side of things and are now more focused on web applications and their underlying architecture. So, taking SANS 542 would provide an immediate benefit, at least in my opinion. SANS 617 looks promising, but unless you perform wireless penetration tests periodically, I don't see a benefit in taking it as you already have OSWP.

    Have you looked at SANS 660? If I had an option, that would definitely be my choice. Just my two cents - hope you are able to find some value in them.

    Stay tuned for more input. On a different note, I am not planning on taking the GWAPT (SANS 542) certification - I simply bought the course for the knowledge, not the certification.
    Every day hurts, the last one kills.
  • docrice Posts: 1,706 Member
    617 and the OSWP probably don't compare at all to each other. The latter is pretty old material, barely gets into WPA, and doesn't touch 802.1X at all (nor Bluetooth or ZigBee). I like the idea of 542 because it scares me ... which is a good indicator that I would definitely benefit.

    660 looks like a massive head crunch. Maybe I should do 560 before 660, even though the course description indicates it's appropriate for 504 alumni.

    Good luck on your CISSP exam.
  • idr0p Posts: 104 Member
    I personally liked the GWAPT; it was very interesting. I think I learned more from that course than 560.
  • docrice Posts: 1,706 Member
    As of this moment, I'm leaning towards 542 since it's a sore weak spot in my set of skills. I'll probably get more bang for the buck overall; although this course would be "free" for me, it does cost me in time. I'd probably have to take a few days off to go through the OnDemand material. The question is whether I should consider getting the cert for it.
  • docrice Posts: 1,706 Member
    Decision made - pulled the trigger on 542. I'm going to attempt the certification in a few months as well. Considering how non-existent my webapp kung-fu is, there's the high probability I'll fail the exam ... but that's not necessarily a bad thing since a slap in the face is sometimes a good reminder of how cold reality is. It'll be a good warm-up to the OSCP if I ever brave myself into doing it one day.

    With some days off from work during the last week of the year for the holidays, I should have just enough time to make it through the OnDemand slides. Then it's about going through the MP3s during my commutes and reinforcing the material through its application at work during investigations and session traces. I don't necessarily go in-depth at the app-layer in my day-to-day job, but 542 if anything should give me good context since my company is in that space.

    If I somehow manage to pass the GWAPT exam, I'll become eligible for the GSE written exam, albeit in weaksauce form since I haven't submitted a single Gold paper yet. Pretty lame by original GIAC standards since it used to be that you couldn't attain any certification until you submitted a practical. I have a long way to go before I should even consider attempting the GSE anyway.

    Moar knowledge for teh brains. It feels like the more I learn, the more stuff spills out of my head and onto the floor.
  • contentpros Posts: 115 Member
    542 is a great course and Kevin Johnson is an incredible instructor! You will not regret this course if you stick with it. I highly recommend this course!
  • pharmerjoe Posts: 2 Registered Users
    How did you find 542 with regards to giving you a foundation in the basics of Web hacking? And do you feel this course pretty much covered everything you would need to learn?
  • docrice Posts: 1,706 Member
    I'm still roughly three-quarters of the way through the course and been way too busy to stay up on it due to work schedule (and I wonder if I'll even be able to make the exam date). However, I'll say that it's been pretty good so far. It won't make someone like me an overnight expert nor competent to be a web app pentester, but the material has definitely helped me in some ways. I think it would personally help me more if I really knew JavaScript and Python as I'd be able to grasp the potential scope of what can be exploited and provide more thorough context, but the course doesn't require it whereas in the real world, you'd definitely need it.
  • JDMurray Certification Invigilator Surf City, USA Posts: 11,386 Admin
    Does the course use Python to craft the pen testing tools?

    And do they also use PHP on the server side? Anyone bothering to learn JavaScript on the client side might as well tackle PHP for the server side too.