Review: eLearnSecurity’s Penetration Testing Pro (PTP)

eLearnSecurity’s Penetration Testing Pro (PTP) – What CEH Should Have Been

elearn.jpgRecently the web has been abuzz with pentest training options. The CEH received new life as it was added to  DoD Directive 8570 as well as revamped its courseware in version 6.0, Offensive Security rolled out their version 3.0 of “Pentesting With BackTrack,” and it seems like new training options are coming out almost every day in the field. That being said, I have been lucky enough to receive an advanced copy of the flagship course by eLearnSecurity, Penetration Testing Pro (PTP).

PTP is a three section presentation and video course authored by Armando Romeo (admin of hackerscenter.com), Brett D. Arion, Nitin Kumar, and Vipin Kumar. It has an optional certification component called the Certified Professional Penetration Tester or eCPPT for short. The target audience for the course is security engineers or penetration testers in the 0-3 year experience range. The course divides penetration testing into three categories: System Security, Network Security, and Web Application Security. Let’s take a look at each.

box__prosmall.pngSystems Security

The Systems Security Module is arguably the most advanced section of the three.  The introduction covers using Dev-Cpp, some assembly concepts, and windows driver development. Then the Systems Section drills down into:

• Cryptography and Password Cracking
• Buffer Overflows
• Shellcoding
• Malware Introduction
• Rootkit Coding

Cryptography and password cracking is the fast track to all things crypto and authentication including introductions to Hashing, SKI, PKI, Block Ciphers, Stream Ciphers, PGP, SSH, Historic Cryptography Attacks, and then ending with a full section on Windows System Authentication including covering tools like psexec, pwdump, fgdump, gsecdump, ophcrack, and nbtdump for password cracking.

The next section on “Buffer Overflows” gives a really good introduction to the stack and how memory works. It then massages you through examples of finding an overflow, triggering a stack overflow, fuzzing platforms, and then a final section for exploiting a real-world overflow in a FTP suite. This section goes from theory to code very fast and is very exciting. It also goes hand-in-hand with the “Shellcoding” section.

The next few sections I’ll cover quickly. “Shellcoding” is a crash course on writing OS specific shellcode, egg hunters, etc. There is literally a few days of material between these two sections if you follow the examples and exercises. “Malware Introduction” is a great section that covered some of my favorite topics such as malware techniques, packers, polymorphism, metamorphism, obfuscation, and vectors from which malware spread. Lastly, “Rootkit Coding” is the shortest of the systems sections but still contains a great deal of explanation of rootkit classification, how rootkits hide, and control file access. All sections here lead with example code from which to learn.

Network Security (a la network pentesting)

• Information Gathering
• Scanning and Target Detection
• Enumeration
• Sniffing and MITM Attacks
• VA & Exploitation
• Anonymity

The pentesting module (here called Network Security and Web Application Security) was what I was really waiting to see, since it is the material for which I am most comfortable. Using Backtrack as a common test platform, the Network Security module takes you all the way from finding targets to staying hidden.

The first section, “Information Gathering,” goes over usage of common, up-to-date tools (unlike the CEH) including lessons on Nmap, Maltego, SubDomainer, DnsMap, Cain, Arpspoof, etc. All of these give step-by-step walkthroughs of the tools and, for the most part, cover why they work and what they are doing. These mini-sections include video walkthroughs for some of the tools as well.

“Scanning and Target Detection” leads off with theory, explaining the essentials of the ports, protocols, services, and the TCP 3-way handshake. Students then delve into Nmap and an intro to SuperScan. Both scanners are covered adequately and include the types of scans you would use on an internal pentest. Where applicable eLearnSecurity seems to try and cover both the Windows and Linux versions of a given tool to get the job done. Additional sections cover techniques for using and integrating Amap, Unicornscan, and p0f with Nmap. The scanning module includes videos covering advanced Nmap topics like the Nmap scripting engine, timing options, and other Nmap related goodness.

“Enumeration” covers mostly NetBIOS and SNMP. All your favorite tools and scripts to pull down the data associated with these two services are represented. The NetBIOS sections cover finding valuable shares using net view, auditing NetBIOS using NAT, winfo, and gathering usernames using SID2USER and USER2SID. The SNMP section showcases attacks against the community strings, using MIB resources to enumerate devices and servers, brute forcing, and using a variety of tools to pull down more SNMP information.

“Network Sniffing and MITM” is a primer for wireshark, tcpdump, dsniff, windump, ettercap, macof, Dnsspoof, arpspoof, Cain, and sslstrip. This section/module is a really well put together set of guides on how MITM trickery works, how to spoof everything one would need, and how to capture all that juicy data from your client’s LAN.

“Vulnerability Assessment and Exploitation” is one of the longest sections. It guides the student through setting up a full Nessus and Metasploit install and then through the usage of each product respectively. This section is video heavy and does not feature as much ninja-ry as we’d liked, but I am assured there will be more content added soon.

Finishing off Network Security is a small section called “Anonymity” which covers proxies, SSH tunneling basics, TOR, and cleaning logs on *nix and Windows machines. This section was very informative and is often an overlooked part of testing.

Web Application Security

• Introduction
• Information Gathering
• Vulnerability Assessment
• XSS
• SQL Injection Attacks
• Advanced Web Attacks

One area that impressed me very much was the Web Application Module. Probably related to his HackersCenter.org experience, Armando covers these topics very well. The “Introduction” and most sections thereafter cover their topics eloquently, making web hacking easy to learn.

“Information Gathering” rehashes some ideas from the network side but still manages to get some very valuable ideas across like Fingerprinting Frameworks and Applications, Harvesting Usernames using Burp, and some Google Hacking basics. “Vulnerability Assessment” was the only section we found a bit lacking as we would have liked to see Grendel Scan, W3af, NetsparkerCE, etc, covered instead of just Nessus with Web Checks and Nikto. We contacted Armando, and he told us that there will be a completely stand-alone Web Application course on its way containing much more web hacking fu. In the meantime he is working on adding w3af into the VA section.

“XSS” goes through all of the types of XSS (persistent, DOM, reflective), how to attack them, stealing cookies, and using BeEF for further infiltrating the browser. “SQL Injection Attacks” covers some really good injection examples, and gets into some very advanced database fu. After introducing you to the manual way, Armando shows the students how to do the techniques using Absinthe, BSQL Hacker, Pagolin, and SQLmap. This section was very well represented. The last section, “Advanced Web Attacks,” covers session stealing via predictability, cross site request forgery, local and remote file inclusion, and an intro to Web 2.0 (AJAX) auditing.

PTP Extras!

Just when you thought you were done, Armando and his course authors added some great extras to the package! This consists of a set of forms to keep track of your scanning and enumeration results, and a 24-page guide on reporting. This guide goes through a full pentest report and potentially what should be in each section. It is one of the best put together documents I have seen for this purpose and is extremely impressive. Also included is a document on mapping your project via mindmaps (one of my personal favorite techniques) using FreeMind.

The Skinny

Presentation/Delivery: 8/10
Technical Content: 8/10
Value: 9/10

I kept thinking “this is what the CEH/LPT should have been,” and I am delighted to say that if students can master the topics and techniques in eLearnSecurity’s Penetration Testing Pro, they should be well on their way to being an accomplished pentester. eLearnSecurity’s course is easy to follow the whole way through with appropriate breaks for video and sprinkled exercises at every turn. I enjoyed each section and could have taken much more time to review them as the course houses 1600 slides of information and 4 hours of video. If you think 1600 slides is too much, let us assure you it never felt disjointed. All the way through the course eLearnSecurity doesn’t just throw the tools in your face, attendees also get the technical foundation and theory to back it up using the attack tools. As for interaction, I emailed Armando many times, and he was very helpful getting us set up and fixing any content related issues. He assured us he will be just as vigilant with every student and has a forum set up for all such issues and suggestions. The extras, including the reporting guide, were great additions at the end of the 3 main sections.  I am very impressed by the product as a whole and congratulate Armando and Team in an exceptional first run of the course.

Areas for Improvement

Although eLearnSecurity was a great course, there were a few things I would have liked to have seen or have covered deeper in the course.

Firstly, starting with a client side/social engineering section (maybe including tools like SET, JetMetric, Phishme). I also didn’t notice any Pcap Analysis coverage in the “MITM” Section using tools to pull out relevant data after gathering some traffic. In the “VA and Exploitation” Section there was no Metasploit Scripting or Nmap/Nessus integration w/ Fastrack/DBautopwn. In large networks making the most of these features often will save a lot of time. Even coverage of some of the more popular NBE parsing utilities/scripts would be great. I would have liked more Metasploit fu, such as the newer getsystem functions, using resource files, using multi-handler, etc, but there are other places I can go for that if needed (MSU). There was also no Pass the Hash coverage which was disappointing due to the great attack vector it opens up.

As I said, this is the first run of the course, and it is a stellar curriculum that has some great people behind the wheel. We are confident that any ideas or contributions that better the course will be added by the eLearnSecurity team as fast as possible.

So in closing, here’s my offering for a soundbite world:

eLearnSecurity’s Penetration Testing Pro: the CEH killer =)

 

Author Bio

EH-Net Live July 2018 - Bug Hunting as a Second Income - Haddix - PicJason Haddix, VP of Trust and Security at Bugcrowd, Inc.

I am passionate about information security. Not only is security my career focus but it’s my hobby. I absolutely love my job.

In my previous role as Director of Penetration Testing I led efforts on matters of information security consulting. The gamut stretched from developing test plans for Fortune 100 companies to competing in “bake-offs” to win business against other top tier consulting vendors.

In my current role I serve as the Director of our Application Security Engineers and Technical Operations. This means I am an extension of (and advisor to) over 300+ security programs across many industry verticals. Under my direction, my team has triaged over 15,000 vulnerabilities this year alone. We also strive to keep the relationship between vulnerability researcher and customer a good one.

While I never call myself a “master” of anything, I do have a very particular set of skills; skills I have acquired over a very long career. These skills make me adept at getting business, finding security vulnerabilities, and eventually leading a customer to a better security posture.

Jason is a regular columnist for EH-Net. See all articles by Jason Haddix.

Tags:
Viewing 39 reply threads
  • Author
    Posts
    • #4985
      Don Donzal
      Keymaster

      Welcome to the Official First Article of our newest columnist, Jason Haddix. Glad to add you to the family. Thanks and I look forward to a bright future.

      Permanent: [Article]-Review: eLearnSecurity’s Penetration Testing Pro (PTP)

      eLearnSecurity’s Penetration Testing Pro – What CEH Should Have Been

      Recently the web has been abuzz with pentest training options. The CEH received new life as it was added to  DoD Directive 8570 as well as revamped its courseware in version 6.0, Offensive Security rolled out their version 3.0 of “Pentesting With BackTrack,” and it seems like new training options are coming out almost every day in the field. That being said, I have been lucky enough to receive an advanced copy of the flagship course by eLearnSecurity, Penetration Testing Pro (PTP).

      PTP is a three section presentation and video course authored by Armando Romeo (admin of hackerscenter.com), Brett D. Arion, Nitin Kumar, and Vipin Kumar. It has an optional certification component called the Certified Professional Penetration Tester or eCPPT for short. The target audience for the course is security engineers or penetration testers in the 0-3 year experience range. The course divides penetration testing into three categories: System Security, Network Security, and Web Application Security. Let’s take a look at each.

      As with any other article or column, please send us your feedback by replying to this thread. Also feel free to suggest any other reviews you’d like Jason to do.

      Don

      • This topic was modified 2 years, 2 months ago by Don Donzal.
    • #31469
      Xen
      Participant

      Excellent! I’m currently going through their demo SQL Injection module and have been greatly impressed by it. Also, how does it compare to PWB and SANS Sec 504 ( I guess Jason has done both of them)? Did you take the certification exam?

      Additionally, I’ve the 20% discount code for eLearnsecurity’s Penetration Testing Pro. I won’t be using and it’s valid until 30th April. I am willing to give it to some EH member. Contact me if you want. With the coupon the training cost is just $388.

    • #31470
      What90
      Participant

      Great review Jason, it really helps understand who this is focused towards and what they can get out of it!

      I’d love to hear about the web application stand alone course, once it’s ready for the general public of course;-)

    • #31471
      BillV
      Participant

      Great review, Jason 🙂 I personally haven’t had time to get much beyond the Systems Security section yet but it’s nice to know what is coming up.

      As mentioned in the article, Armando and his team is quick to update material and make any corrections as needed. I know there were a couple things I brought to his attention and he replied nearly immediately saying they’d be fixed. I definitely agree with the points made by Jason in his article and the eLearnSecurity group has created an excellent course.

      BillV

    • #31473
      Ketchup
      Participant

      Jason, that’s a great review!  All of my questions were answered and then some.  Fantastic work.

      It seems like eLS is a great bargain and offers some great training.  It will definitely go on my list. 

    • #31474
      hayabusa
      Participant

      Hey Jason. 

      Great review!  I’m pumped to look at this one now, too!  Question for you.  Dunno if you’ve done PWB yet, from Offensive…  If you HAVE, how does this compare to what muts and company have there?

      Obviously, PWB is pretty intensive (I’m preparing to start taking v3, in a couple of weeks), and I know from reading, the eLearnSecurity stuff is all online (no downloadable courseware, etc – assumably to keep it from being distributed, etc)  But wondering, as a comparison, how the two stack up. 

      Like I said, this looks promising, so I’ll likely go for this, when I am done with PWB.  Just looking for a feel on it, so I can guage my time AFTER PWB, for what and how I want to be doing.

      Thanks.

      Tim

    • #31475
      ethicalhack3r
      Participant

      Congrats Jason. Great article!  🙂

    • #31477
      pizza1337
      Participant

      good article, i am interested in “Web Application Security” part, because i am weak when it comes to web app, i only know little about xss.
      also interested in “Anonymity” part.
      also need to learn how to write shellcode, and exploits. i am script kiddie(but i understand the basics 🙂 )

      *thinks about summer job* 🙂

    • #31478
      hayabusa
      Participant

      @Armando wrote:

      @hayabusa You can sign up for a demo of our course, that is an (almost) full module on SQL Injection including 20 minutes of video training.
      Just enter your email on our home page and you will get a user and pass within 1 hour.

      Wanted to say that the introductory price ($485)
      will expire tomorrow April 30th at 12pm GMT. Regular price will be 449€ ($599)

      We really gifted this course that is worth at least three times the current price, but yeah! We will respect our first goal to make great training affordable! Even after the great reviews we are getting

      Thanks Armando.  Will register for the demo.  Appreciate the fact that your company is working to keep it real / affordable for everyone.  I won’t be able to register for the class at this time (budgetary issues), and won’t, until I’m done with PWB, so I’ll miss out on this discount, but I appreciate the concern and mention of expiration date.  ;D

    • #31480
      morpheus063
      Participant

      Congrats to Jason for the wonderful review and Hats off to Armando and his team – the course looks really promising 🙂 All the best to eLS team

    • #31481
      impelse
      Participant

      Great review

    • #31482
      What90
      Participant

      Hello Armando,

      Having taken the OSCP and GPEN, it’s a strain to convince the powers that be to let me on another similar pentest course, but they seems happy to let me take a run at targeted training.

      Do you have any time lines on the Web Application Security stand alone course being made available?

      From Jason comments and review, I’d guess this would be well worth taking to strengthen those web app skills 😉

    • #31484
      What90
      Participant

      Hello Armando,

      I really enjoyed reviewing the course demo on SQL injection, it is nicely put together, very clear and flows well. I think I learnt a couple of words in Italian too!

      I can believe your course is different to both SANS and Offensive Security’s offering, my trouble is pitching those differences to management so they can understand and sign off the training.

      My process is to do a brief summary of a course I’d like to take and note the key points of what I expect to learn and be able to use in my job after the training. Sadly, my boss is pretty astute and would notice the similarities of the course structures to the other two.

      The Web application security course is a much easier sell as it is a specialization and therefore more focused on providing particular skills. Plus it fits in with current buzz about web 2.0 the CIO likes to mention in meetings 🙂

      I’d love to take this course at some point, as I’m a firm believer in great training makes me excited about learning and understanding different approaches while still developing my knowledge and skills. Perhaps I’ll pitch it to someone else when my boss is next on leave for a month 😉

      I wish you and the team great success with the course as quality training such as this creates better security professionals and that’s no bad thing for the industry.

    • #31486
      UNIX
      Participant

      Thanks for your efforts Jason, nice review.

    • #31487
      impelse
      Participant

      This is very interesting, You release a new training (call it basic or standard) and during the reviews and different conversations a new product had born for you, The Web Application Testing. You got a mine gold here, you did not need to pay marketing to discover it.

      Great.

      I have your training in my list. Takes some time when you pay with your own money.

    • #31489
      Anquilas
      Participant

      Thanks Jason, for once again writing an extremely useful review!

      And hat’s off @ eLS, getting that kind of praise right after going live, that’s gotta mean something!

      I do have a similar question as Hayabusa.
      I’m currently saving up for my first cert (although it will be a while), and obviously I am now confronted with the choice between OffSec’s PWB and this one.
      Jason: you did both of them I think. Any thoughts?

    • #31490
      SJF1978
      Participant

      Hi Armando,

      I’m looking to purchase this course before the 31st deadline & beat the price increase. I just wanted to get the 5% also but no discount coupon has come through??? I’ve completed the CEH & OSCP courses so will look forward to this one also.

      thanks in advance

    • #31491
      Xen
      Participant

      @SJF1978
      You just have to click the eLearnsecurity banner at EHNet and provide your email at their website to get your 5% discount coupon.

      eLearnsecurity has also come up with a subscription plan where you pay some monthly fee ($249+$200+$200) and you’ll get one domain each month.
      http://www.elearnsecurity.com/course/penetration_testing/subscription.php

    • #31492
      SJF1978
      Participant

      I did and I got the mail saying the discount code will be in the next mail. But could’nt see one?

    • #31493
      Xen
      Participant

      Try contacting Armando using their contact page http://www.elearnsecurity.com/contactus.php or contact him via twitter @elearnsecurity.

    • #31495
      Xen
      Participant

      @Armando Just checked your website. The link to EHNet in the main page is broken. Hope you correct it ASAP.

    • #31497
      SJF1978
      Participant

      Got my code & paid my silver…  8) Looking forward to the course… I’ll let everyone know how it goes

    • #31498
      secureseve
      Participant

      Really looking forward to this!

    • #31499
      secureseve
      Participant

      Started my courses tonight! It’s fun and amazing so far!

    • #31500
      Anquilas
      Participant

      Cool 🙂 Keep us informed!

    • #31501
      T_Bone
      Participant

      @Armando

      When will the version 1.1 of the PTP course be released?

    • #31502
      Anonymous
      Participant

      I’m definitely thinking seriously of taking this course. Almost there.

      By the way the picture-logo is awesome!

    • #31505
      recon
      Participant

      Hi All:

      I’m considering taking this class before the price increases again.

      For those who are currently or have taken this class, could you let me know what were your thoughts about taking this online class and certification?

      What were the differences between this class and the Pentesting with Backtrack offerred by Offensive Security?

      Also, I’ve already read the course syllabus and reviews on here but wanted to get a feel of what ppl though of both courses.

      Thanks,
      recon

    • #31506
      hayabusa
      Participant

      Hey recon.

      While I’m in process with eLearn’s course, I’ve definitely been enjoying it.  Personally, I agree with JHaddix’s remarks, of it being a ‘CEH killer’, but it definitely varies, from what was covered in PWB.  It seems, to me at least, that eLearn went through more time on the web application attack side, whereas, PWB made gave you some higher-level overview, but then made you self-study that a bit more.  And if you’re a newbie to the realm of security, eLearn’s buffer overflow info is an excellent resource, and IMHO, will be easier for someone to learn, if they’re starting that topic from scratch.

      Overall, PWB was very rounded, and really made you work for your knowledge, and challenged you more, with their multiple-machine, multi-faceted labs.  So of the two, I preferred it, as it gave me much more hands-on experience and time on multiple fronts. 

      So it depends on who you are, how you learn, and what your end goals are.  If you’re emphasizing web app security, eLearn went out of their way to put some good training together.  If you’re looking for a much more rounded approach, with more lab and hands-on time, at least from what I’ve seen so far, PWB wins that comparison.

      But both courses are well worth the time and money that are involved with them.  And both are a step (or more  😉 ) above and beyond the CEH.

      My 2 cents, anyway,,,

    • #31507
      impelse
      Participant

      I am taking the eLearnsecurity right now (I did not take the offensive security jet), I feel the eLearnsecurity gives you a good base to begin to build your pentest career, I am fixing this training with the CEH (I am bad momorizing) so I see eLearnsecurity like the practice of the CEH.

    • #31508
      KrisTeason
      Participant

      D’oh – this kind’ve sucks. I had about 5 paragraphs typed out stating the comparisons between the two when I hit the post button I was timed out and lost everything I wrote. Having taken both (and currently still in eLearnSecurity’s PTP course), I’ll bullet out their main differences:

      -Offensive-Security’s Penetration Testing with Backtrack 3 course offers a vpn lab for you to test your newly acquired skills on expanding across 4 subnets.

      -In the eLearnSecurity course, you download slide attachments and pretty much replicate what’s on the slides to get the hands-on approach.

      -Offensive-Security has an IRC Channel for students where ops are around almost 24/7 to provide basic help. Don’t expect to be spoon fed answers, expect “Try harder” as their main responses regarding questions that your capable of doing yourself.

      -eLearnSecurity doesn’t offer an IRC Channel but has a ‘Chat with Tech’ support feature which isn’t available 24/7.

      -Both have an e-mail support line and both of these support areas you get responses pretty quick.

      -Offensive-Security has a support account on MSN that you can add and talk to 1 on 1 just in case you need a quick response on something.

      -Offensive-Security’s videos are more than twice as long eLearnSecurity’s video footage in the course.

      Regarding the above, eLearnSecurity’s videos tend to be on more point-n-click tools versus in the offsec course your learning more command-line kung fu techniques

      -eLearnSecurity’s Web Application Attack section is the strongest section.

      -Offensive-Security’s Web Application Attack section isn’t as detailed as eLearnSecurity’s (For example, eLearnSecurity’s course covers introductory stuff like basics of HTTP, cookies and sessions, in the OffSec course it’s mainly talking about exploitation of attack vectors XSS, RFI/LFI, SQL Injection, etc).

      -eLearnSecurity’s video demonstrations are pretty basic compared to offensive-securitys. In the eLearnSecurity course I’ve noticed a lot of point and click fundamental tool usage type stuff versus in the offsec class your focusing on your command-line kung fu.
      Overall I think the 2 courses are in a different league of their own but similar because you do a report and a practical pentest to obtain the certification. I’d say choose the course based on your experience level – are you new to the field and don’t know much regarding penetration testing? Go with eLearnSecurity’s course. Are you someone who’s comfortable with BackTrack as a pentesting platform, know the basics and ready to take it a step further with a more hands on approach? Take Pentesting with BackTrack.

    • #31509
      impelse
      Participant

      @xXxKrisxXx wrote:

      I’d say choose the course based on your experience level – are you new to the field and don’t know much regarding penetration testing? Go with eLearnSecurity’s course. Are you someone who’s comfortable with BackTrack as a pentesting platform, know the basics and ready to take it a step further with a more hands on approach? Take Pentesting with BackTrack.

      This is the real possition between these two training.

    • #31510
      dynamik
      Participant

      @xXxKrisxXx wrote:

      -Offensive-Security’s Penetration Testing with Backtrack 3 course offers a vpn lab for you to test your newly acquired skills on expanding across 4 subnets.

      This has been updated to BT4, and from what I hear, the labs are much larger this time around.

    • #31511
      recon
      Participant

      Hi hayabusa, impelse, xXxKrisxXx, dynamik and All:

      First, I’d like to thank you for the fast replies! 🙂 These were all great and in depth comparisons among the OCSP and eLearnSecurity classes. Since I do not have as much experience with Backtrack and would like a good overview again of the web application testing (others said is was strong in this), I’m going to pursue the eLearnSecurity class first since you have access to this class permanently. I think I would learn new things and this would also be great review for me. After that, maybe prepare and study for the CEH or do the Wifu from Offensive Computing. After all of this, I would really have to familiarize myself and be strong with Backtrack before I do the PWB from Offensive Security.

      Has anyone here done the Wifu class by Offensive Security?

      Thx,
      Recon

      @recon wrote:

      Hi All:

      I’m considering taking this class before the price increases again.

      For those who are currently or have taken this class, could you let me know what were your thoughts about taking this online class and certification?

      What were the differences between this class and the Pentesting with Backtrack offerred by Offensive Security?

      Also, I’ve already read the course syllabus and reviews on here but wanted to get a feel of what ppl though of both courses.

      Thanks,
      recon

    • #31512
      UNIX
      Participant

      pizza1337 took Wifu and did a short write-up on it.

    • #31513
      recon
      Participant

      Thx awesec.

      @awesec wrote:

      pizza1337 took Wifu and did a short write-up on it.

    • #31514
      hungrymind
      Participant

      Hi everyone,

      I am thinking of taking an online course in order to learn the fundamentals of penetration testing (and hopefully then some).

      I have been considering Wayne Burke’s offerings (not sure now due to the high price tag, but they look good), Offsec (very interested), and eLearnSecurity (also very interested due to the good reviews and the even better price point).

      So this is more of a follow-up post to see who has started the eLearnSecurity course and their satisfaction level with it thus far, what to expect, the exam itself, etc.

      Thanks guys.

      hungrymind

    • #31515
      Xen
      Participant

      Hello, hungrymind!

      I am  eLearnsecuirty’s PTP course student. xXxKrisxXx and I did a small post comparing PWB and PTP. You can find it here
      http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/topic,5938.msg31605/#msg31605

      Let me know if you’ve more questions, I’ll be happy to help =)

    • #168827
      Don Donzal
      Keymaster

      Hard to believe this review of PTP v1 was over 8 years ago. With the recent release of PTP v5, I’m curious what our old-timers think of the massive improvements made to this course over the years. Would also be nice to hear from from newer students and their perspectives on this detailed course with hands-on labs and practical exam.

      https://www.elearnsecurity.com/course/penetration_testing/

      Don

    • #169234
      zunine-t
      Participant

      Great read! Thank you for sharing about penetration testing. I have come across a website infosecaddicts. Do you think http://www.infosecaddicts.com is worth to look at? Or am I jut wasting my time!

Viewing 39 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2020 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?