I'm not sure how ready I am for yet more training.  I'm doing vendor training this week, I have another once next months, and I'm taking two classes at Black Hat.  My brain hurts.  Why do I keep doing this to myself...

Its ok for some . I will just about be able to afford the Python Course at the end of the month. It sounds like you have a very supportive company or you have a wide bank account 

This course certainly sounds like it could be an all round competitor for ELS2. I have to admit I have taken ELS1 and that was pretty good for what it was, just cant afford ELS2 and it looks like the Codename Samurai course is the same price so am not taking any of these anytime soon

Do we have an ETA for the review on this course... Jason?

I don't know why people even bother with that garbage; these exams really aren't that difficult. If you hate studying and/or have problems with learning new things, you're in the wrong field.

Thumbs up to this comment.

In the end of the day someone whom wants to cheat will always find a way to cheat, just like a hacker whom has decided to target your organisation for your assets they will always find a way and the best you can do is deter them and make it as difficult as possible. The same principle applies here and ISC2 can only but do their best.

Afterall ISC2 are a business and as far as I am aware they are not a non profit organisation so therefore they are going to start using more easier methods to create business and profitability.

So if you don't want to legitimate gain the knowledge to pass the exam then why bother? I understand there are situations where your company may want you to become qualified and you feel that you have more knowledge through experience etc than the exam will bring that is understandable (and is the case for a HUGE percentage of security folk  ). However, if you do have the knowledge then the exam should be easy for you

I'm actually working and have been working on getting some stuff together a-la Moodle and GoToMeeting to train people but its not based on any cert. More like a "hacking without borders" type of class using Rosetta Stone like methods of penetration testing, forensics and counterforensics all rolled in one. Zero fluff and no re-hashed information but not sure of the appeal it would have since there would be no cert to achieve in taking the course.

Been throwing the idea around for some time, actually made the Moodle site, some modules, and so forth, just been swamped with other training priorities.modules, and so forth, just been swamped with other training priorities.

That actually sounds pretty cool.  Certs are just a bonus to some of those decent technical courses, honestly the main reason I am currently taking eCPPT is just for the knowledge.  In my market it is not that well known of a cert.  But the content is decent and a great way to get a better understanding of the material.

As for what you are trying to do, I think that would be a great way to learn.  Then afterwards the students can take that knowledge back to their current jobs and making their pen tests worth that much more or for the beginners to go and maybe pursue some entry level certs.  I look forward to hearing more about this when you find time in the busy schedule.

This sounds excellent Sil, I really couldn't care less about getting a certificate of any kind, all I could care about is gaining the knowledge from yourself. keep us updated

I haven't heard anything else about it.  I've tried to converse with Joe a few times via email, he's not very responsive at all.  I did get a couple replies after I took a different class he did, but he was supposed to get back to me about resolving the issue with the labs that most everybody in the class was having problems with, but he never did.

While he may do some classes on topics I'm very interested in, the lack of response/support has me hesitant on paying for anymore and looking to spend my money elsewhere.

I totally agree with you and I also took that course. Despite the fact the course was very cheap, it was a bit of a shambles with all the time that was wasted on troubleshooting the VPN issues etc.

Like you say the course sounds really interesting but would have to agree, I have contacted Joe on a few occasions and received nothing so am thinking it would be wise to look elsewhere.

Anyone heard any more about this becoming an online course? I have emailed Joe but received no response

That makes sense and am actually intending to do just those steps. Guess I was curious and wanted to see what you guys thought

Are all of the exploits for the course available in exploit-db and if so are they sanity checked for malicious code? That might sound like a dumb question as I am sure it is likely to be the case, however the reason I ask is because a number of forums explain that exploits in the course will need to be compiled and in some cases "adjusted to fit" in order for them to work.

I am very sceptical about using code from third party sites and wouldn't have thought that the course would encourage downloading code/scripts from these sites? I am aware that any exploits code should be reviewed for any backdoors etc, but you are likely to get people doing the course whom have no idea how to review code and therefore will just use the exploits as they are or is this incorrect?

I have been waiting for the Metasploit Megaprimer .iso to download but it doesnt appear to be available as yet, is vivek still a member on here?

Vivek??

That would be awesome if this course was made available online ... I am going to ping Joe and email now

Congratulations MaXe, it is a great resource and am glad to see you have managed to bring it back online after all the problems you encountered.

This course does look good, although there is no way I would be able to afford to do it as usual 

Has anyone ever taken one of Joe's online courses and if so what was it like?

I would just download the iso at work 

That will be awesome if they do produce a DVD. I only have mobile broadband at the moment so have to be careful on my usage