Hi H1t M0nk3y ,

Please tell me they allow you to retake the exam for $60 or you have to take course/VPN again?

If you've already taken the exam once at their official site, then you can just retake the exam for 60$ if that's the current price, and then schedule a new exam. 

I missed this one too.

I'm going to buck the trend and tell you keep trying until you pass

Even if you know the technical material, it seems like there is still room for improvement in your approach/organization/methodology. Further strengthening those skills would like make you a better web app tester as well. Plus, it's not like web app testing is isolated only to the application itself (it obviously could be scoped this way; I'm speaking generally). You'll want to make the most of that PHP shell and demonstrate how damage can really be done. Which report is going to have more impact, the one that shows a screenshot of a shell, or one that shows how that can be used to pivot through and compromise the entire network?

Honestly, I'm really surprised you struggled with this one so much. When we spoke at DefCon, it was obvious you had the right mindset and you weren't just someone who was good at memorizing a bunch of technical details. I think you're very close to passing this, and you're certainly more than capable. Giving up now goes against everything the course stands for. Try Harder!

Also, I'm very well aware of how easy it is for me to say all this without having attempted the exam myself I promise I'll take a stab at it in 2012...