|
millwalll
Guest
|
 |
« on: October 13, 2011, 05:38:00 AM » |
|
HI all,
Can anyone recommended a good online course for web testing?
|
|
|
|
|
Logged
|
|
|
|
|
hayabusa
|
|
« Reply #1 on: October 13, 2011, 07:47:54 AM » |
|
I recently emailed back and forth with Joe McCray. I know he's currently doing a revamp on his 'So You Want To Be A Web App Pentester." Might be worth checking in with him, to see where it stands.
|
|
|
|
|
Logged
|
~ hayabusa ~
"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'
OSCE, OSCP , GPEN, C|EH |
|
|
|
millwalll
Guest
|
|
« Reply #2 on: October 13, 2011, 08:18:35 AM » |
|
Thanks have you done the course ? or has anyone ? what was it like ? I was also looking at mile 2 course Certified Secure Web Application Engineer as they offering 50% off it work out about £170 has anyone done this ?
|
|
|
|
|
Logged
|
|
|
|
|
tturner
|
|
« Reply #3 on: October 13, 2011, 08:27:28 AM » |
|
I'm doing CSWAE now but am not very far into it. So far it looks good except the videos are taken from a live class and there's one student who keeps asking annoying questions.
|
|
|
|
|
Logged
|
Certifications: CISSP, CISA, GPEN, GWAPT, GAWN, GCIA, GCIH, GSEC, OPSE, CSWAE, CSTP, VCP WIP: OSWP, GSSP-JAVA, GXPN Udacity on hold, again. I suck. http://sentinel24.com/blog @tonylturner http://bsidesorlando.org |
|
|
|
YuckTheFankees
|
|
« Reply #4 on: October 13, 2011, 08:57:42 AM » |
|
I've had heard a lot of people say eCCPT has a really good web pentesting portion. I dont know if you're looking for a cert but incase you're not..you can just take the eCPPT course.
|
|
|
|
|
Logged
|
OSCP in progress
|
|
|
|
impelse
|
|
« Reply #5 on: October 13, 2011, 08:58:18 AM » |
|
ElearnSecurity is a good base web attack training.
|
|
|
|
|
Logged
|
|
|
|
|
YuckTheFankees
|
|
« Reply #6 on: October 13, 2011, 09:02:57 AM » |
|
impelse,
have you took the course?
|
|
|
|
|
Logged
|
OSCP in progress
|
|
|
|
Agoonie
|
|
« Reply #7 on: October 13, 2011, 09:18:02 AM » |
|
I recently emailed back and forth with Joe McCray. I know he's currently doing a revamp on his 'So You Want To Be A Web App Pentester." Might be worth checking in with him, to see where it stands.
I saw that and it definitely looks good. I think he teaches how to go somewhat undetected also. I think the price would be the only thing that holds me back from his course but it is probably worth it. |
|
|
|
|
Logged
|
|
|
|
|
millwalll
Guest
|
|
« Reply #8 on: October 13, 2011, 10:22:47 AM » |
|
Agoonie what was the price of the course ?
I have looked at ElearnSecurity but in order to do the pro course it cost $599 or three payment what work out $650 that is a lot of money compared to the mile2 course at $250 and its only really web stuff I need to learn ASAP.
Does anyone know why with ElearnSecurity if you do the pay monthly its more expensive ? I think this little off putting IMO if it was same price I would be more tempted to do it.
Also does anyone know if you pay monthly do you still get the 5% off ?
Having another certificate would be cool but I am not sure how many companies in the UK would see the value of it.
|
|
|
|
|
Logged
|
|
|
|
|
alucian
|
|
« Reply #9 on: October 13, 2011, 10:32:54 AM » |
|
Depends of your level of knowledge and your budget.
I have done both eCPPT and SANS GWAPT. eCPPT is a very good introductory course, it covers most of the basic stuff and is has execellent presentations.
SANS goes deeper (escpecially for the client side), but it is very expensive.
If you'll pay, I suggest you to start with eCPPT, buy the new book The Web Application Hacker's Handbook, buy a license for Burp pro and you are good to go. After this you'll discover by yourself where you lack knowledge.
Also, after eCPPT, you can do OSCP (I don't see it in your signature). They also have web stuff.
If your company will pay for the course, you can go for SANS.
|
|
|
|
|
Logged
|
CISSP ISSAP, CISM/A, GWAPT, GCIH, eCPPT, OSWP
|
|
|
|
millwalll
Guest
|
|
« Reply #10 on: October 13, 2011, 10:55:11 AM » |
|
alucian
cool burp already have and new hacker handbook already have. I doubt my company will pay as they believe in training in house but for me I prefer to learn from watching video and then trying stuff that why I am looking at doing a course.
|
|
|
|
|
Logged
|
|
|
|
|
lorddicranius
|
|
« Reply #11 on: October 13, 2011, 11:02:23 AM » |
|
I can vouch for eLearnSecurity as well. This is my first course diving into web app pentesting and it's very easy to understand and the forms are active with people who can help if you have questions. Starting my exam within the next 2 weeks, I'll try and write up a review soon.
|
|
|
|
|
Logged
|
GSEC, eCPPT, Sec+
|
|
|
|
millwalll
Guest
|
|
« Reply #12 on: October 13, 2011, 11:17:51 AM » |
|
Cool it does sounds really good will have to think about it but what put me off is face it more if you pay monthly and you don't get the 5% off and money is tight  |
|
|
|
|
Logged
|
|
|
|
|
|
|
millwalll
Guest
|
|
« Reply #14 on: October 13, 2011, 12:39:15 PM » |
|
Ah cool just a little out my price range |
|
|
|
|
Logged
|
|
|
|
|
