Nice! Congrats on the promotion.

Not sure regarding the competitor situation. I don't think they'd be that harsh! Hopefully someone gets back to you. Surprising situation I haven't heard anyone else go through.

-Kris

Hey matugm,

Welcome to the forums! I think I saw your name on the eLearnSecurity forums too. I haven't heard of anyone experiencing these type of issues but I am aware that they recommend that you don't use a non-free e-mail address when contacting them. Are you contacting them from a yahoo or hotmail e-mail address? I personally used my school e-mail when I signed up for the course.

Check here. Not sure if this is the issue or not just throwing out ideas. You should at least be  able to get a hold of someone through IRC.

Sorry to hear of your issues.

-Kris

Hey terro,

Welcome to the forums!

I think it's definitely possible depending on how much time and effort you put into it! The course is aimed for audiences with 0-3 years penetration testing experience. Your given a good amount of time to go through the course material before you go for the certification challenge. I think it's good you have the development background - it helps in the field. The certification challenge is a web-application pen-test and even if you didn't have a few tricks up your sleeve like you mentioned, the Web-App Section in the course is explained in detail enough to where you'd be able to get there.

Your going to learn a lot of cool stuff, especially if your new. The hardest part of the challenge was the reporting! The Penetration Testing Reports thread will come in very handy here. eLearnSecurity has even recently released a Web Application Security Lab for their students and if you manage to complete those, you'll feel prepared for the exam. Incase your ready to endure some more web-app hacking, test your skills against the Vulnerable Web-Applications here.

There's tons of resources in the course including a forum area, and personal e-mailing (Armando e-mails back in a very timely manner). Plus there's our board here where a few eCPPT certified folks + current eLS students participate and were glad to pitch in our 2 cents.

p.s - don't forget the 5% discount ethicalhacker.net members get here

Kris

Hey birdofbeauty11,

Welcome to the forums!

There was a review written here awhile back on the eLearnSecurity course. It's attracted a lot of attention as being dubbed, 'What the CEH should have been'. I've taken the course last year and they seem very open to course suggestions because they're always looking to tailor the course to students demands. They've even opened a feedback area for the eLS PTP Pro course here. The eLearnSecurity folks have added a lot to the course since that review was made and even a few more modications since the eCPPT's on this board have taken the course.

I'm personally aware employer wise, employers know the C|EH certification over the eCPPT certification currently - but as you mentioned you would be starting with the student version as oppose to the Pro course which I don't think the student course comes with the certification attempt. I haven't taken the C|EH training but I can throw out a couple obvious differences between the eLearnSecurity Penetration Tester Pro courses and the C|EH:
1. C|EH written Exam vs. eLearnSecurity's Practical Hands-On Web App Pen-Test + Report Exam
2. C|EH's focus towards introductory usages of tools vs. eLearnSecurity's in-depth sections of material (the Web-App Security section is very-well put together!)
3. eLearnSecurity offering a 5% discount to ethicalhacker.net members which can be redeemed here
4. eLearnSecurity offering a 7-day risk free guarantee
and the list could go on and on by taking the time to read and compare user's reviews of C|EH vs ELS through the eCPPT section here, and the C|EH section.

Either route you choose to go, your bound to learn something new that'll benefit your career. Good to see you aboard - if you have further questions, don't hesitate to ask!

-Kris

Hey xsurf,

Welcome to the forums.

That's a good question. Last time they updated Pentesting with BackTrack was last year in March. According to the BackTrack wiki page, that's a couple months after the initial release of BT4. I'd take a guess and assume they're going to update it for BT5 . You should send over your questions over to their Contact Form and wait to hear an official answer.

I can only imagine how much fun PWB v4 can be. Plus upgrades between versions for existing students are kept affordable. If you get an official answer from them, please let us know!

When you sign up for a start date and your approved to take it, on the course begin date you receive an e-mail giving with links to the Lab guide and Course Video contents. Your also given credentials and instructions with how to connect to the student network. The days you pay for the course control how long you have access to the offsec lab environment to practice in.

hey lblake,

welcome to the forums!

You seem to be leading more towards the OSCP course than the others you listed off. I think it's a big plus you've had years with programming and linux.


If you were really aiming for PWB, I'd suggest taking the time to familiarize with some penetration testing. Maybe build a home lab to practice in. I think if you walk in having little familiarity with some of the tools in BackTrack your lab days get spent learning the syntax usages as oppose to getting your hack on. 90 day option is great, you'd learn a ton but it's best to get comfortable with what your going to be using in the course before signing up for it - especially for the OSCP course!


eLearnSecurity is as hands-on as you make it. I took the pro courses which came with tons of interactive slides, labs attached to the slides for you to do at your own pace, and video demos. To get the most out of the course, I'd suggest going through and completing all of the labs. Plus they're only working on making their courses better. Check the link below to see what the folks at eLS are working on getting into the course (if they haven't added it in already):
http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/topic,6872.0/

Some more positives about eLearnSecurity, EthicalHacker members get a 5% discount here. Your also given 120 days to go through the course which is great and gives you a lot of time to get things done.

Can't really speak for Hacking Dojo or SANS except all of the training vendors you listed off are great. SANS certifications are well respected in the industry but they're quite pricey!


This is a field where you need the experience and the certifications/education to get hired. I'm OSCP and eCPPT certified but I'm far from being ready to pen-test in an enterprise environment.

In my opinion, I'd say go the eLearnSecurity or HackingDojo route. These will give you a solid foundation then maybe you could venture off into PWB even more prepared.

@Jamie.R - Nope, but for the past couple of years, a month is usually chosen to be an Offensive-Security seat giveaway. Last year up to 5 people were chosen to participate in PWB, CTP, and their WiFu courses for free. When that month comes the board will be booming like never before!

hey satish.lx,

Welcome to the forums!

These are good questions that I don't 100% know the answers to but I'm going to take a random educated guess at them.

My guess would be yes simply due to the fact that the certification examination requires you to have an OSID and password. Not only that, but I don't think the off-sec guys would put at risk the possibility of having the final certification examination challenge exposed by someone willing to pay the $60.00 listed for the 'Certification Retake'. I could definitely be wrong though; I've never seen someone pass the Examination or Take it without being a PWB student.

As far as I know, the examination is only offered online to students. The examination is not your casual written test. It is a hands-on prove your abilities type exam that takes place in a secluded environment which the off-sec folks give you credentials to VPN into. It is not tied directly to any specific location or city.

You should take a look at the costs here. I doubt they offer just an exam challenge attempt for a fee.

If you'd like official answers you may want to contact Offensive-Security through their Contact Us Form or by PMing one of the mods in their IRC Channel. Last time I checked they're located on Freenode in channel #offsec

Cheers,

-kris

I'll try to help out as much as I can with this by giving my personal experience with one of the colleges you listed off.


I'm a current student at the school, and I'll tell you that the current cost of each class is priced at $1,972.00. It's also worth noting that when I signed up in 2009, the cost of each class was $1,472.00. The positives if any that I could say regarding the school is that the Career Service folks really try to get your resume out to local companies to find you a job. This happens to be later on down the road though when your just about done in your program. I know currently the school requires you to take their Associate Program Computer Networking Systems before you enroll into the Bachelor Program of Information Systems Security like you mentioned - so you'll be starting there.

Financial aid is readily available for those who qualify. In my opinion, it's really needed here since it's a for-profit school and the prices of classes are extremely high. Just throwing out another positive here regarding this school is your allowed to 'Test-Out' of classes. A Test-out is basically taking the final of a class your wanting to challenge out of, prior to sitting in the class. If you receive a proficient grade of 70% or better you get what's called a Credit By Examination. If you can do this successfully, you won't have to take the class or pay for it.

The school has it's more negatives than positives which I won't publicly mention on the board. PM me if your interested in that info. Just pitching in my 2 cents, hope any of it has helped.

Regards,

-kris

Hey nyx,

Welcome to the forums!

When I enrolled in PWB v3 last year, I paid for 60 days lab access and even went back to purchase additional days after that. Around that time I was giving lab more than 3 hours a day, but out of the paid days, I may of missed a couple.

I'm with WCNA, you may want to spend as little money as possible, but if your going to be giving it 3 hours a day, You may want to consider the 60 or 90 days. The labs are huge! Over 50 machines spread out across 4 subnets to hack away at! Mix that in with the time it takes to do the exercises, extra-mile exercises, documentation, reading over the pdf, going over the 8 + hours of course videos, working on the official report...your going to have your hands full big-time.

If I recall correctly, I think in PWB v2 or OffSec 101 they had posted that the course content will be at least 40 hours long. It's expanded out a lot since then - I remember when I was in the course, PWB almost becoming a lifestyle believe it or not. The course was full of some pain, but remained fun and addicting. I was like yourself thinking, "I'm going to put 5 hours in on labs today", but in reality I'd spend a lot more time in there then I had planned; but it all worked out for the greater good!

Anyway, good luck on making the right decision, there's a few of us that have our OSCP certs on this board, hopefully you'll hear their input before you officially pay for the course.

Cheers,

Kris

hey jamesb7555!

Chances of you asking that question makes the chances of you being hired for that position slim. This would make us wonder if you had permission at all to go about performing this test. We don't condone illegal activity here, welcome to the EthicalHacker Network.

-Kris

Glad I could help in a timely manner. I'm browsing the forums all day trying to find where I could throw my 2 cents in. Good to see the community grow 1 more active member stronger.

Cheers,

-Kris

Failed my first attempt too - no worries.

They're really informative on what you missed on your first submission and you should have little problem getting in your second submission.

Keep us updated!

-Kris

Hey MadCoder,

Welcome to the forums.


The whole training process entails the course being presented in interactive slide form. Additionally there are exercises you can replicate based off the slides and the resources are given in slide attachments. eLearnSecurity even has video tutorials throughout the course that explains tool demonstrations and usages. Student forums are provided where other students and instructors interact and help you when you have questions.

There are a couple course reviews in this section on the Forum:
http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/board,96.0/

My Review here talks about my experience through the course and I try to compare/contrast the course with Offensive-Security's Penetration Testing with BackTrack v3 course.

You should be able to retain the information in the course by going through the exercises. I would suggest going through the slides and replicating the exercises for it to stick a lot better. I'm personally the kind of person where the more I do something, the more it sinks in - even if I have to do it 200 times before it actually sticks. You have way more experience than I do, I think your experience will only benefit you more walking in.

Can't exactly answer this question, I know a lot of certifications and courses are over-priced, eLearnSecurity comes to the scene relatively affordable courses geared toward the novice in pen-testing. The course is aimed at people with 0-3 years in the field (Read Jason Haddix's Review) - and is still very new to 'the scene'.

I think the course would benefit you if your very new to pentesting. If you plan on going with the PRO course and get a chance to take on the certification challenge, I think you'll have tons of fun and it is very do-able in the amount of time they give you. The required report you would write would make you feel like you have gotten your feet in the door even more.

There's a couple of us on this board that have been through the course, don't hesitate to ask for help!

-Kris