I just ordered this book l33t5h@rk, hope it's good!

Thanks, I guess I'll do OnDemand then if I ever get the money.

I just found out I'm not going to be a volunteer for GWAPT at SANS in February .  I didn't think I'd make it, but there's always hope.

Oh well, I just ordered the WAHH V2, maybe once I finish that I'll have enough money saved to do the OnDemand version of GWAPT.

What if you just signed up for the OnDemand as opposed to the vLive or something like that?  Does the OnDemand leave out things that are in the live course?  I like to work at my own pace, so if I ever save up enough money for GWAPT, I would probably do the OnDemand.  I have an insane memory, but it only works if I have time to process the information.  Taking the live class I'd learn all the material so fast that I'd probably not retain it that well after the exam.

I came across a lab on eLearnSecurity where you could bypass the restriction by just making sure ".jpg" was in the filename.  I though that was a pretty cool bypass.

So you could try naming the file something like "file.jpg.php" for example.

Yeah, this is kinda the feeling I got when I looked this topic online.


I HATE typing on my phone, I can call and leave a voicemail faster than I can send a text!

My sister just got an iPad from her work (apparently you can't teach 2nd grade without one now--when I was in grade school I think there 10 Apple IIs for the whole school!), and although I personally don't see the appeal for tablets, it got me thinking: has anyone here found a use for mobile devices in pentesting? 

There are quite a number of articles about performing a pentest on mobile applications, but besides one or two interesting projects, I couldn't really find anyone using smartphones or tablets to help perform a pentest.  This is understandable given the limited processing power, but I was just wondering does anyone here have any thoughts or personal experience on this topic?

Never mind, I found a description on the website, looks to be a few new labs from when I did it.

I think there were 10-20 eLS labs when I went through it during my course, I was just wondering how many there are now if anyone knows.

Has anyone gone through all the Coliseum labs for elearnsecurity?  How do those compare?  Are there any other online labs that are perhaps a better value than the WAHH ones?

US

Nope the material is free, the test costs $295.  I think there is also a 2-day training course that costs money but I don't know why you'd take it.

Most of the interviews I've had they've explicitly told me "I can tell you're very passionate" or "you're doing the right things (in order to try to get the experience)", but they still say we're looking for someone with more experience.  Guess I just haven't found the right company yet.


I am doing unpaid work for a startup, I'm not getting a lot of experience, but it's better than nothing.

Which book are you referring to?

Joshsevo, you're lucky like you said.  I haven't been able to find any pentesting jobs that require less than 3 years experience, let alone an internship.  How to get that first job without the 3 years...