[Article]-Review: eLearnSecurity’s Penetration Testing Pro (PTP)

Viewing 39 reply threads
  • Author
    Posts
    • #4985
      Don Donzal
      Keymaster

      Welcome to the Official First Article of our newest columnist, Jason Haddix. Glad to add you to the family. Thanks and I look forward to a bright future.

      Permanent: [Article]-Review: eLearnSecurity’s Penetration Testing Pro (PTP)

      eLearnSecurity’s Penetration Testing Pro – What CEH Should Have Been

      Recently the web has been abuzz with pentest training options. The CEH received new life as it was added to  DoD Directive 8570 as well as revamped its courseware in version 6.0, Offensive Security rolled out their version 3.0 of “Pentesting With BackTrack,” and it seems like new training options are coming out almost every day in the field. That being said, I have been lucky enough to receive an advanced copy of the flagship course by eLearnSecurity, Penetration Testing Pro (PTP).

      PTP is a three section presentation and video course authored by Armando Romeo (admin of hackerscenter.com), Brett D. Arion, Nitin Kumar, and Vipin Kumar. It has an optional certification component called the Certified Professional Penetration Tester or eCPPT for short. The target audience for the course is security engineers or penetration testers in the 0-3 year experience range. The course divides penetration testing into three categories: System Security, Network Security, and Web Application Security. Let’s take a look at each.

      As with any other article or column, please send us your feedback by replying to this thread. Also feel free to suggest any other reviews you’d like Jason to do.

      Don

      • This topic was modified 2 years ago by Don Donzal.
    • #31469
      Xen
      Participant

      Excellent! I’m currently going through their demo SQL Injection module and have been greatly impressed by it. Also, how does it compare to PWB and SANS Sec 504 ( I guess Jason has done both of them)? Did you take the certification exam?

      Additionally, I’ve the 20% discount code for eLearnsecurity’s Penetration Testing Pro. I won’t be using and it’s valid until 30th April. I am willing to give it to some EH member. Contact me if you want. With the coupon the training cost is just $388.

    • #31470
      What90
      Participant

      Great review Jason, it really helps understand who this is focused towards and what they can get out of it!

      I’d love to hear about the web application stand alone course, once it’s ready for the general public of course;-)

    • #31471
      BillV
      Participant

      Great review, Jason 🙂 I personally haven’t had time to get much beyond the Systems Security section yet but it’s nice to know what is coming up.

      As mentioned in the article, Armando and his team is quick to update material and make any corrections as needed. I know there were a couple things I brought to his attention and he replied nearly immediately saying they’d be fixed. I definitely agree with the points made by Jason in his article and the eLearnSecurity group has created an excellent course.

      BillV

    • #31473
      Ketchup
      Participant

      Jason, that’s a great review!  All of my questions were answered and then some.  Fantastic work.

      It seems like eLS is a great bargain and offers some great training.  It will definitely go on my list. 

    • #31474
      hayabusa
      Participant

      Hey Jason. 

      Great review!  I’m pumped to look at this one now, too!  Question for you.  Dunno if you’ve done PWB yet, from Offensive…  If you HAVE, how does this compare to what muts and company have there?

      Obviously, PWB is pretty intensive (I’m preparing to start taking v3, in a couple of weeks), and I know from reading, the eLearnSecurity stuff is all online (no downloadable courseware, etc – assumably to keep it from being distributed, etc)  But wondering, as a comparison, how the two stack up. 

      Like I said, this looks promising, so I’ll likely go for this, when I am done with PWB.  Just looking for a feel on it, so I can guage my time AFTER PWB, for what and how I want to be doing.

      Thanks.

      Tim

    • #31475
      ethicalhack3r
      Participant

      Congrats Jason. Great article!  🙂

    • #31477
      pizza1337
      Participant

      good article, i am interested in “Web Application Security” part, because i am weak when it comes to web app, i only know little about xss.
      also interested in “Anonymity” part.
      also need to learn how to write shellcode, and exploits. i am script kiddie(but i understand the basics 🙂 )

      *thinks about summer job* 🙂

    • #31478
      hayabusa
      Participant

      @Armando wrote:

      @hayabusa You can sign up for a demo of our course, that is an (almost) full module on SQL Injection including 20 minutes of video training.
      Just enter your email on our home page and you will get a user and pass within 1 hour.

      Wanted to say that the introductory price ($485)
      will expire tomorrow April 30th at 12pm GMT. Regular price will be 449€ ($599)

      We really gifted this course that is worth at least three times the current price, but yeah! We will respect our first goal to make great training affordable! Even after the great reviews we are getting

      Thanks Armando.  Will register for the demo.  Appreciate the fact that your company is working to keep it real / affordable for everyone.  I won’t be able to register for the class at this time (budgetary issues), and won’t, until I’m done with PWB, so I’ll miss out on this discount, but I appreciate the concern and mention of expiration date.  ;D

    • #31480
      morpheus063
      Participant

      Congrats to Jason for the wonderful review and Hats off to Armando and his team – the course looks really promising 🙂 All the best to eLS team

    • #31481
      impelse
      Participant

      Great review

    • #31482
      What90
      Participant

      Hello Armando,

      Having taken the OSCP and GPEN, it’s a strain to convince the powers that be to let me on another similar pentest course, but they seems happy to let me take a run at targeted training.

      Do you have any time lines on the Web Application Security stand alone course being made available?

      From Jason comments and review, I’d guess this would be well worth taking to strengthen those web app skills 😉

    • #31484
      What90
      Participant

      Hello Armando,

      I really enjoyed reviewing the course demo on SQL injection, it is nicely put together, very clear and flows well. I think I learnt a couple of words in Italian too!

      I can believe your course is different to both SANS and Offensive Security’s offering, my trouble is pitching those differences to management so they can understand and sign off the training.

      My process is to do a brief summary of a course I’d like to take and note the key points of what I expect to learn and be able to use in my job after the training. Sadly, my boss is pretty astute and would notice the similarities of the course structures to the other two.

      The Web application security course is a much easier sell as it is a specialization and therefore more focused on providing particular skills. Plus it fits in with current buzz about web 2.0 the CIO likes to mention in meetings 🙂

      I’d love to take this course at some point, as I’m a firm believer in great training makes me excited about learning and understanding different approaches while still developing my knowledge and skills. Perhaps I’ll pitch it to someone else when my boss is next on leave for a month 😉

      I wish you and the team great success with the course as quality training such as this creates better security professionals and that’s no bad thing for the industry.

    • #31486
      UNIX
      Participant

      Thanks for your efforts Jason, nice review.

    • #31487
      impelse
      Participant

      This is very interesting, You release a new training (call it basic or standard) and during the reviews and different conversations a new product had born for you, The Web Application Testing. You got a mine gold here, you did not need to pay marketing to discover it.

      Great.

      I have your training in my list. Takes some time when you pay with your own money.

    • #31489
      Anquilas
      Participant

      Thanks Jason, for once again writing an extremely useful review!

      And hat’s off @ eLS, getting that kind of praise right after going live, that’s gotta mean something!

      I do have a similar question as Hayabusa.
      I’m currently saving up for my first cert (although it will be a while), and obviously I am now confronted with the choice between OffSec’s PWB and this one.
      Jason: you did both of them I think. Any thoughts?

    • #31490
      SJF1978
      Participant

      Hi Armando,

      I’m looking to purchase this course before the 31st deadline & beat the price increase. I just wanted to get the 5% also but no discount coupon has come through??? I’ve completed the CEH & OSCP courses so will look forward to this one also.

      thanks in advance

    • #31491
      Xen
      Participant

      @SJF1978
      You just have to click the eLearnsecurity banner at EHNet and provide your email at their website to get your 5% discount coupon.

      eLearnsecurity has also come up with a subscription plan where you pay some monthly fee ($249+$200+$200) and you’ll get one domain each month.
      http://www.elearnsecurity.com/course/penetration_testing/subscription.php

    • #31492
      SJF1978
      Participant

      I did and I got the mail saying the discount code will be in the next mail. But could’nt see one?

    • #31493
      Xen
      Participant

      Try contacting Armando using their contact page http://www.elearnsecurity.com/contactus.php or contact him via twitter @elearnsecurity.

    • #31495
      Xen
      Participant

      @Armando Just checked your website. The link to EHNet in the main page is broken. Hope you correct it ASAP.

    • #31497
      SJF1978
      Participant

      Got my code & paid my silver…  8) Looking forward to the course… I’ll let everyone know how it goes

    • #31498
      secureseve
      Participant

      Really looking forward to this!

    • #31499
      secureseve
      Participant

      Started my courses tonight! It’s fun and amazing so far!

    • #31500
      Anquilas
      Participant

      Cool 🙂 Keep us informed!

    • #31501
      T_Bone
      Participant

      @Armando

      When will the version 1.1 of the PTP course be released?

    • #31502
      Anonymous
      Participant

      I’m definitely thinking seriously of taking this course. Almost there.

      By the way the picture-logo is awesome!

    • #31505
      recon
      Participant

      Hi All:

      I’m considering taking this class before the price increases again.

      For those who are currently or have taken this class, could you let me know what were your thoughts about taking this online class and certification?

      What were the differences between this class and the Pentesting with Backtrack offerred by Offensive Security?

      Also, I’ve already read the course syllabus and reviews on here but wanted to get a feel of what ppl though of both courses.

      Thanks,
      recon

    • #31506
      hayabusa
      Participant

      Hey recon.

      While I’m in process with eLearn’s course, I’ve definitely been enjoying it.  Personally, I agree with JHaddix’s remarks, of it being a ‘CEH killer’, but it definitely varies, from what was covered in PWB.  It seems, to me at least, that eLearn went through more time on the web application attack side, whereas, PWB made gave you some higher-level overview, but then made you self-study that a bit more.  And if you’re a newbie to the realm of security, eLearn’s buffer overflow info is an excellent resource, and IMHO, will be easier for someone to learn, if they’re starting that topic from scratch.

      Overall, PWB was very rounded, and really made you work for your knowledge, and challenged you more, with their multiple-machine, multi-faceted labs.  So of the two, I preferred it, as it gave me much more hands-on experience and time on multiple fronts. 

      So it depends on who you are, how you learn, and what your end goals are.  If you’re emphasizing web app security, eLearn went out of their way to put some good training together.  If you’re looking for a much more rounded approach, with more lab and hands-on time, at least from what I’ve seen so far, PWB wins that comparison.

      But both courses are well worth the time and money that are involved with them.  And both are a step (or more  😉 ) above and beyond the CEH.

      My 2 cents, anyway,,,

    • #31507
      impelse
      Participant

      I am taking the eLearnsecurity right now (I did not take the offensive security jet), I feel the eLearnsecurity gives you a good base to begin to build your pentest career, I am fixing this training with the CEH (I am bad momorizing) so I see eLearnsecurity like the practice of the CEH.

    • #31508
      KrisTeason
      Participant

      D’oh – this kind’ve sucks. I had about 5 paragraphs typed out stating the comparisons between the two when I hit the post button I was timed out and lost everything I wrote. Having taken both (and currently still in eLearnSecurity’s PTP course), I’ll bullet out their main differences:

      -Offensive-Security’s Penetration Testing with Backtrack 3 course offers a vpn lab for you to test your newly acquired skills on expanding across 4 subnets.

      -In the eLearnSecurity course, you download slide attachments and pretty much replicate what’s on the slides to get the hands-on approach.

      -Offensive-Security has an IRC Channel for students where ops are around almost 24/7 to provide basic help. Don’t expect to be spoon fed answers, expect “Try harder” as their main responses regarding questions that your capable of doing yourself.

      -eLearnSecurity doesn’t offer an IRC Channel but has a ‘Chat with Tech’ support feature which isn’t available 24/7.

      -Both have an e-mail support line and both of these support areas you get responses pretty quick.

      -Offensive-Security has a support account on MSN that you can add and talk to 1 on 1 just in case you need a quick response on something.

      -Offensive-Security’s videos are more than twice as long eLearnSecurity’s video footage in the course.

      Regarding the above, eLearnSecurity’s videos tend to be on more point-n-click tools versus in the offsec course your learning more command-line kung fu techniques

      -eLearnSecurity’s Web Application Attack section is the strongest section.

      -Offensive-Security’s Web Application Attack section isn’t as detailed as eLearnSecurity’s (For example, eLearnSecurity’s course covers introductory stuff like basics of HTTP, cookies and sessions, in the OffSec course it’s mainly talking about exploitation of attack vectors XSS, RFI/LFI, SQL Injection, etc).

      -eLearnSecurity’s video demonstrations are pretty basic compared to offensive-securitys. In the eLearnSecurity course I’ve noticed a lot of point and click fundamental tool usage type stuff versus in the offsec class your focusing on your command-line kung fu.
      Overall I think the 2 courses are in a different league of their own but similar because you do a report and a practical pentest to obtain the certification. I’d say choose the course based on your experience level – are you new to the field and don’t know much regarding penetration testing? Go with eLearnSecurity’s course. Are you someone who’s comfortable with BackTrack as a pentesting platform, know the basics and ready to take it a step further with a more hands on approach? Take Pentesting with BackTrack.

    • #31509
      impelse
      Participant

      @xXxKrisxXx wrote:

      I’d say choose the course based on your experience level – are you new to the field and don’t know much regarding penetration testing? Go with eLearnSecurity’s course. Are you someone who’s comfortable with BackTrack as a pentesting platform, know the basics and ready to take it a step further with a more hands on approach? Take Pentesting with BackTrack.

      This is the real possition between these two training.

    • #31510
      dynamik
      Participant

      @xXxKrisxXx wrote:

      -Offensive-Security’s Penetration Testing with Backtrack 3 course offers a vpn lab for you to test your newly acquired skills on expanding across 4 subnets.

      This has been updated to BT4, and from what I hear, the labs are much larger this time around.

    • #31511
      recon
      Participant

      Hi hayabusa, impelse, xXxKrisxXx, dynamik and All:

      First, I’d like to thank you for the fast replies! 🙂 These were all great and in depth comparisons among the OCSP and eLearnSecurity classes. Since I do not have as much experience with Backtrack and would like a good overview again of the web application testing (others said is was strong in this), I’m going to pursue the eLearnSecurity class first since you have access to this class permanently. I think I would learn new things and this would also be great review for me. After that, maybe prepare and study for the CEH or do the Wifu from Offensive Computing. After all of this, I would really have to familiarize myself and be strong with Backtrack before I do the PWB from Offensive Security.

      Has anyone here done the Wifu class by Offensive Security?

      Thx,
      Recon

      @recon wrote:

      Hi All:

      I’m considering taking this class before the price increases again.

      For those who are currently or have taken this class, could you let me know what were your thoughts about taking this online class and certification?

      What were the differences between this class and the Pentesting with Backtrack offerred by Offensive Security?

      Also, I’ve already read the course syllabus and reviews on here but wanted to get a feel of what ppl though of both courses.

      Thanks,
      recon

    • #31512
      UNIX
      Participant

      pizza1337 took Wifu and did a short write-up on it.

    • #31513
      recon
      Participant

      Thx awesec.

      @awesec wrote:

      pizza1337 took Wifu and did a short write-up on it.

    • #31514
      hungrymind
      Participant

      Hi everyone,

      I am thinking of taking an online course in order to learn the fundamentals of penetration testing (and hopefully then some).

      I have been considering Wayne Burke’s offerings (not sure now due to the high price tag, but they look good), Offsec (very interested), and eLearnSecurity (also very interested due to the good reviews and the even better price point).

      So this is more of a follow-up post to see who has started the eLearnSecurity course and their satisfaction level with it thus far, what to expect, the exam itself, etc.

      Thanks guys.

      hungrymind

    • #31515
      Xen
      Participant

      Hello, hungrymind!

      I am  eLearnsecuirty’s PTP course student. xXxKrisxXx and I did a small post comparing PWB and PTP. You can find it here
      http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/topic,5938.msg31605/#msg31605

      Let me know if you’ve more questions, I’ll be happy to help =)

    • #168827
      Don Donzal
      Keymaster

      Hard to believe this review of PTP v1 was over 8 years ago. With the recent release of PTP v5, I’m curious what our old-timers think of the massive improvements made to this course over the years. Would also be nice to hear from from newer students and their perspectives on this detailed course with hands-on labs and practical exam.

      https://www.elearnsecurity.com/course/penetration_testing/

      Don

    • #169234
      zunine-t
      Participant

      Great read! Thank you for sharing about penetration testing. I have come across a website infosecaddicts. Do you think http://www.infosecaddicts.com is worth to look at? Or am I jut wasting my time!

Viewing 39 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2020 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?