SecurityTube: Javascript for Pentesters

docrice · March 2014

The course starts on 4/5/14:

http://www.securitytube-training.com/online-courses/javascript-for-pentesters/

Early-bird pricing is pretty cheap so I decided to go for it. Not planning for the exam, but just want to go through the videos and exercises when the course is finally released. I feel this is what would have really complemented my SANS SEC542 experience.

Master Of Puppets · March 2014

This seems exciting. If I didn't have other certs and courses on my plate right now, I'd definitely give it a try.

docrice · March 2014

I got a ton on my plate as well, and a month ago I was pretty sure I was going to take a break from any classes or cert prep this year.

I'm starting SANS FOR408 next week via OnDemand, in the middle of working through an online training course for a vendor appliance, and also have FOR508 scheduled in May at SANS Security West. Then at Black Hat during August I have a couple of two-day classes I'm hitting up. The hell with it - if I'm going to dive in, it might as well be at the deep end.

If you're not a JavaScript guy (I'm not) but want to understand pieces of scripts when looking at HTML source, this might be worth it during quick breaks, especially at this price point. Whenever I'm looking at HTTP payloads from an IDS alert, it irks me that I can't really understand the scripting portion that well and assess what's going on clearly. That's one thing that held me back when I took SANS SEC542, because if you understand at least the basics of writing JavaScript, you realize the potential scope of attacks against web apps better.

Master Of Puppets · March 2014

It seems like you're always going pretty hard, done with on thing and on to the other. Very admirable, I gotta say. I'm also always biting more than I can supposedly chew and if I'm not learning something every day, I feel like I'm wasting precious time

Some may call it an addiction but I think it is a healthy one compared to many others out there.

This really seems like a good way to explore web apps and attacks against them. I know languages like C and Python but I am just starting with html and js. This is definitely a skill that makes a difference and I think it will be required even more in the future.

the_Grinch · March 2014

Nice find! I picked it up as I deal with web applications all day at work. Gives me a goal to complete SPSE since this would start till April!

Jinverar · March 2014

I also bought into the course. Waiting for the Zip files now. Should get them shortly.

YFZblu · March 2014

docrice wrote: »

If you're not a JavaScript guy (I'm not) but want to understand pieces of scripts when looking at HTML source, this might be worth it during quick breaks, especially at this price point. Whenever I'm looking at HTTP payloads from an IDS alert, it irks me that I can't really understand the scripting portion that well and assess what's going on clearly.

For this type of thing I just ran through CodeAcademy's JavaScript course and familiarized myself with most common JavaScript functions; as you know, most of the JS stuff associated with badness will be obfuscated anyway - For that reason I also looked into common JS obfuscation techniques.

Just another suggestion for those who don't want to open their wallets right now - I'm sure the training is good though.

the_Grinch · March 2014

Course won't be released till April so you won't receive anything until then.

Master Of Puppets · March 2014

YFZblu wrote: »

Just another suggestion for those who don't want to open their wallets right now - I'm sure the training is good though.

Thanks, I will look into this.

docrice · March 2014

I find Vivek's videos very friendly for me. Every JavaScript book or video I've gone through always seem to expect a prerequisite out of me, but his preview videos assumed a blank enough slate that his approach works for a brain that's been hit by the dumb-hammer enough times. At this point I'll take all the hand-holding I can get.

NovaHax · March 2014

Purchased. The syllabus is short...but I haven't been disappointed by Vivek yet.

amidamaru · April 2014

Purchased here as well. Now hopping to the best preparing to the worst.

NovaHax · April 2014

Yeah...has anybody received the course material yet? I think it was supposed to be this month.

philz1982 · April 2014

I just subscribed sounds fun.

Zoovash · April 2014

Hello,

I just started the XSS challenges module and since there's no official forum associated with this course I was wondering if I could throw in a question about a challenge.
Anyone else started this and is not a beginner like me ?

Thanks!

NovaHax · April 2014

I've got it and do pentesting professionally. Unfortunately, I've got a book deadline and won't be able to get started until next weekend. What's your question though? Maybe I can still help.

shajeer · April 2014

I just enorlled for this security tube javascript for pentesters

Zoovash · April 2014

Thank you very much Nova!
I answered myself this morning in the shower

)
Apparently it was one of those moments when my mind froze and actively refused to think.
I can't stop laughing at how silly my question was

chopsticks · April 2014

shajeer, similarly, I enrolled too

shajeer · April 2014

chopsticks

however , i hanvnt received any update from them about the book/files

chopsticks · April 2014

shajeer, you need to send them an email to notify them that you did not receive their course work yet.

shajeer · April 2014

thanks chopstick..

received on the email..and downloading now..

chopsticks · April 2014

shajeer, oh great! I'm watching the videos now, it's very interesting

SecurityTube: Javascript for Pentesters

Comments