SANS Python for Pentesters in beta

[tturner]

Check it out, it's a 5 day course and includes a copy of http://www.amazon.com/Violent-Python-Cookbook-Penetration-Engineers/dp/1597499579  - http://www.sans.org/course/python-for-pen-testers

[azmatt]

The real loser here is my savings account.

[lorddicranius]

I wonder how the class will compare to SecurityTube's Python class (http://securitytube-training.com/online-courses/securitytube-python-scripting-expert/), because I'm sure it won't be cheaper haha

[ajohnson]

Man, that's kind of underwhelming. Two days are spent on Python basics, and the last day is exercises? Most of the foundation items are covered for free in Google's two-day Python course: http://code.google.com/edu/languages/google-python-class/

The SPSE covers the vast majority of these topics, and additional items, such as RE and scripting Immunity. The book appears to fill in the gaps, and includes additional content as well.

That's a huge expense to have someone teach you a subset of a $30 book. The value I see in other SANS courses is the relatively large amount or original/unique content. There's no way I could personally justify this.

[hayabusa]

I'd have to agree with ajohnson...

While there are some SANS courses I see value in, I can't personally see or justify the cost associated with SANS courses, for this python course.

SPSE has been good (as far as I've had time to go through it), and is far cheaper, and I still plan to buy a copy of Violent Python, anyway.

[tturner]

Keep in mind 2 things.

One, SANS markets courses at the lowest common denominator to maximize attendance, which in security means non-coders. They have to cover basics here and will probably never have a 500 level course that requires substantial knowledge coming into the course. If this course does well for them I'd expect to see a more challenging 600 level or perhaps 1 or 2 day advanced courses in the future.

Second, this course is beta, and they very frequently make changes from beta to live and often even a year or two after going live sometimes make sweeping changes. If they see that people are not buying the course because of this they will shift gears. If however a bunch of people without experience sign up then we will just have to wait for the more advanced course.

Personally I think SPSE is the better value by far but with Mark Baggett at the helm I'm expecting some pretty great stuff from this course as well. I plan on doing both but I probably won't do the SANS course until they work the kinks out. That usually happens by the time they have the cert. GPYP maybe?

Did anyone here take Joe McCray's Python course earlier this year? http://strategicsec.com/services/training-services/classroom/python-for-security-professionals/ Anyone know if he's doing another run of it?

[hayabusa]

Missed Joe's, and like you, perhaps IF they get a more advanced course, down the road, and the pricing is decent, MAYBE I'll take a look.  (But you're right, in that SPSE is considerably more affordable, even for beginners, and the beginning sections are pretty good primers, for folks who have done 'no' major python coding)

I agree, with Baggett at the helm, it should at LEAST be a good course.

[ajohnson]

Just to be clear, I wasn't implying the course would be poor quality. It just seems like a waste to spend two days on such basic material. I realize the courses are designed for broad appeal, but other 5xx courses have some teeth to them.

If you look at the SPSE, you'll see there are a ton of interesting directions you can take that aren't ridiculously hardcore or intimidating. More often than not, it's just introducing the student to a new library and providing some background on how to use it.

They already have a two-day Scapy course. I wish they would have dropped the intro fluff and brought that material in instead. That would have freed up the networking portion for an intro to RE and exploit development, or a myriad of other topics.

[tturner]

Unfortunately Scapy didn't sell well so they appear to have abandoned that content.

[markbaggett]

Hey.  This is awesome.  I appreciate that people are talking about the course already.  Thanks for your kind words and vote of confidence about 'Baggett at the helm'.  It means a lot to me.   Here is a little background on the course. 

I started teaching this course at on-site engagements for military customers almost two years ago.   It was originally a 3 day course and I listed several online courses (Google Python Class, Kahn Academy, SPSE didn't exist at that time) as prerequisites.   We jumped straight into the 4 hands on projects where we build a AV/IDS Evading backdoor, sql injection tool, password guesser and a network recon tool.    As you can imagine prerequisites are difficult to enforce and I had a portion of the student that were lost.  I decided I had to cover the essentials, but I didn't want to bore people who know how to code.   

I put a lot of thought into how to cover the essentials for someone who is new to programming/Python and keep it engaging for people who can already code.  What I came up with is pyWars.   It is a CTF Challenge that runs the first 4 days and is deeply integrated into the course.   Skilled programmers will likely disengage from the course material and play pyWars until the material catches up to their skill.   New programmers will stay engaged early but turn to pyWars as they build their skills.   

Thanks for the interest an "buzz generation." 

[lorddicranius]

Did anyone here take Joe McCray's Python course earlier this year? http://strategicsec.com/services/training-services/classroom/python-for-security-professionals/ Anyone know if he's doing another run of it?

I missed Joe's too.  I heard if it went well he was gonna give it another go, but I didn't hear anything afterward.

Unfortunately Scapy didn't sell well so they appear to have abandoned that content.

I didn't know they had a scapy course

Thanks for hopping in and giving some extra info, Mark.  pyWars sounds pretty cool and a neat idea for those with experience already.

Maybe we can get the course in on a EHnet giveaway so we can get a course review here

[tturner]

Did anyone here take Joe McCray's Python course earlier this year? http://strategicsec.com/services/training-services/classroom/python-for-security-professionals/ Anyone know if he's doing another run of it?

I missed Joe's too.  I heard if it went well he was gonna give it another go, but I didn't hear anything afterward.

Unfortunately Scapy didn't sell well so they appear to have abandoned that content.

I didn't know they had a scapy course

Looks like Joe's Python course is being offered again in a week or 2. http://www.trainace.com/courses/python/ I'm not sure if he's the instructor or not.

Also, the Scapy course was a Judy Novak original. SEC567, here's a cheat sheet for the course http://www.sans.org/security-training/course_sums/1382.pdf I was very sad to see it go.

[ajohnson]

Yes, thanks for the feedback Mark. You should play up the PyWars piece a bit more on the course page. That sounds like a key aspect of the course that deserves more than a single bullet point under Lab Details.

[lorddicranius]

Also, the Scapy course was a Judy Novak original. SEC567, here's a cheat sheet for the course http://www.sans.org/security-training/course_sums/1382.pdf I was very sad to see it go.

Awesome, thanks for the link

[markbaggett]

ajohnson - Good point.   I'll take another look at the course description.

lorddicranius  - Let me run the BETAs and make sure the product lineup is finalized before we talk about a course review. 

All - Thanks for the feedback.   I appreciate it.