[Article]-Course Review: eLearnSecurity WAPTX (WebApp PenTes

Viewing 11 reply threads
  • Author
    • #8822
      Don Donzal

      This is a blog post. To read the original post, please click here »

      The past few years were a sort of lull for me. While I’ve continued to read and review books, watch and listen to webcasts and podcasts and do my best to stay ‘fresh’ on the pentesting front, I’ve not had a good opportunity to squeeze in any more ‘structured’ training courses. Ever since completing the OSCE course by Offensive Security (OffSec), I’d been feeling good about much of my repertoire but had been itching to get some solid web courses under my belt. I had contemplated OffSec’s OSWE, but as it’s only offered at BlackHat, has no self-study options and because my work and personal life haven’t offered me time to go down that road, I’d been itching for other options. Enter the eLearnSecurity WAPTX online course.

      Rewind the clock to a couple of months ago. I’ve long been familiar with eLearnSecurity, having previously reviewed the eCPPT certification training here at The Ethical Hacker Network (EH-Net) and discussing their various offerings with CEO and Founder, Armando Romeo. Each time I’ve looked at their materials in the past, I’ve been pleased with both the materials presented and the overall ‘bang for the buck’ that they’ve provided. Most recently, I’d been looking at the web application courses they offer, specifically Web Application Penetration Testing – WAPT and Web Application Penetration Testing Extreme – WAPTX. On the one hand I knew that eLearnSecurity was soon to be releasing an updated version of the WAPT course. But the subject matter and descriptions of the WAPTX were really intriguing to me, so I decided to go to the extreme (pun intended). Suffice it to say, I have been very happy with that decision. This course has been outstanding, and I’ve learned a TON from the material in these past two months! Let’s take an in-depth look.

    • #54194

      Thanks for the review, Tim. It would be nice if you could update it once you have taken the associated exam. 😉

    • #54195

      UNIX – That’s the plan, and I definitely will, thanks.

    • #54196

      Sounds interesting, the pricing is a little odd though. They have a barebone version for 899 that doesn’t include any labs, so just the videos. Then for 100 more you get lab access, the cert exam and more. Labs should be included in all versions even if there are reduced hours.

    • #54197

      I understand what you’re saying Daniel. (Obviously, something you might talk to eLearn about. Armando is a member here, as well, so you could even PM him)

      His username IS Armando.


    • #54198

      Thanks for this review sir.But we indians many are from middle family can’t afford that course. Can you provide pdfs or slides of that course in free for us.Thanks

    • #54199


    • #54200

      Good review hayabusa,

      Behind Every course work there involves lots of research and so many specialists hard work. Please do not refer country name or middle class situation to request for something free… Since every country does have middle class people and it’s the individuals effort and passion should encourage rather asking for free, I have a respect for you buddy… Good luck to you

    • #54201


      Requesting that someone provide you with ‘free’ copies of paid courseware is hardly ethical. I apologize if that offends you, but quite simply, as this is the ‘ethical hacker network’, your request isn’t going to have any merit, here.

      Perhaps, if you’re in such a bad way, you can contact Armando and work something out.

      Best wishes.

    • #54202

      can I have Armando email address?

    • #54203

      As I’m not certain where all he posts his email, I’m not personally at liberty to just hand it out.

      I’d suggest either contacting him via his profile here:


      Or through the “Contact Us” link on eLearnSecurity’s webpage:


      Or even perhaps via LinkedIn:


    • #54204

      So for those who are wondering…

      I failed the certification exam for this course. :-[

      I will say that the exam is excellent, and well worth studying for, but my time to take it was limited, due to other things going on, so I couldn’t give it the effort and commitment that they required. (Didn’t help that the voucher for the exam was only good for a limited time, and as such, it was rough for me to schedule it, before it expired.)

      Once you schedule the exam, you have a week to take it (7 days of VPN access), and a second week to write up and submit for grading. If you fail, you get one more free attempt (an additional week) to correct / try again – according to their instructions beginning the moment the first attempt was scored. That scoring occurs ‘within 30 days’ of your original attempt, so planning to accommodate it, when I wasn’t sure when to expect my original grade / scoring, wasn’t in the cards, and I simply couldn’t put a full second week (I only had a day or so to commit to attempt #2) into passing.

      I got / acquired the only ‘required’ item to pass, however that, in and of itself, was insufficient to pass. And while I found a handful of other vulnerabilities per the course / study, exploited them and reported on them, evidently my efforts weren’t sufficient to pass, entirely.

      While I’d love to say I hold their certification, and again, I can say it was worthwhile / valuable information I learned in this course, I’m unsure at this time whether or not I’ll kick out the $200 fee for a new certification voucher, to try again.

      Time will tell. But I’d still recommend this course to anyone wanting to expand their boundaries and experience more, into Web App Pentesting.


Viewing 11 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2021 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.


Sign in with Caendra

Forgot password?Sign up

Forgot your details?