July 21, 2010 at 2:28 pm #5356
In my country there is no courses in PenTesting. We only have CEH and CIS.
If anyone knows about PenTest certification courses which will take place in August/September in any country in central Europe, I will be glad if he could publish more informations.
July 21, 2010 at 2:45 pm #33881
In what course/ area are you particularly interested? In which country are you located?
There are quite a few courses available which can be done from home, so no need to travel. E.g. you might take a look at the courses offered by Offensive Security.
July 21, 2010 at 3:11 pm #33882
I forgot to mention that I’m interested for “live” course with tutor in the room. I’m looking for course which will take place in Austria/Germany/Italy.
If I took a course from offensive-security online, I would take “PWN”. This one also looks good: http://www.ssr-i.com/courses/certified_penetration_testing_consultant.html
July 21, 2010 at 3:34 pm #33883
Well, so you are in the same area as I’m. 🙂
There are not that many courses available here, indeed, and those who are, are often just courses from third-party companies which should prepare for some of the well-known certs, such as CEH and similar ones. However, as I’ve read, they are often lacking in quality and are way too overpriced. Since I haven’t taken such a course here myself, I can’t give you a personal recommendation.
Therefore I would again give my recommendation to some of the available online courses, where a few ones offer also “live” training, such as SANS vLive. If you are interested in some courses from EC-Council, you will find a similar solution, called iClass. You will get into a audio/ video conference with your instructor and other students, whereas the instructor will go with you through the contents and is answering your questions. Usually the instructor will also share his Desktop with the students, so that they can follow what’s going on.
Regarding the courses from Offensive Security, their IRC-channel on freenode is recommended.
What you should note and keep in mind is the different timezones, which might be problematic.
July 22, 2010 at 9:31 am #33884
It looks like PWB-online from offensive security is the best option. I agree, courses in our area are overpriced. I would like to take one of available courses which could show me, how to made depth pentest on network with 20-30 hosts with fail/smtp server from start to end.
July 22, 2010 at 9:46 am #33885
July 22, 2010 at 1:54 pm #33886hayabusaParticipant
While I’m not in your area, so I can’t speak for what might be available ‘locally’ there, I’d have to agree with awesec.
PWB is definitely what you want, I think, based on your ‘requirements’ / requests from your earlier posts. It will challenge you, significantly, but will certainly get you used to scenarios where you’re put in the middle of a 30-40 host network, and are challenged to enumerate hosts, identify vulnerabilities and security risks, exploit and document those risks, and report on it all at the end, as well as making recommendations for security risk remediations, based upon what you’ve found. It’s an excellent course. As awesec said, it’s NOT ‘spoon fed’ and will require a lot of lab time and research hours of your own, but you do have access to instructors and others on IRC, forums, etc, if you’re hitting a stumbling block, and need to refocus, or get some advice, etc.
PWB also allows you the benefit of self-paced learning, so long as you keep the purchased amount of lab time in mind and don’t run out of time, so it works out well, if you need to do your everyday job while learning. This was nice, for me, as not only could I balance the two, but it wasn’t handed to me, bootcamp-style, where you’re only in the information for 3-5 days, take an exam, and are then turned loose on the world. This method allows you to stay in the material for a longer time, and thus, ‘stamps’ it a bit more into your brain, and pushes you to retain the knowledge, not just to do a week-long, ‘photographic memory’ deal, pass a test, then forget what you’ve learned. So I personally, found a lot of value in it. But I’d say, if you really feel the need to be sitting directly with an instructor, and don’t do well with even partial self-study, this method may or may not work well, for you. I’d think about your learning style very carefully, and decide, based on your needs and abilities.
Second to PWB, at least in afforability, I’d look into the course by elearnSecurity. While not the same, in terms of attacking a medium-sized subnet, with various hosts, it is a good learning reference, and from what I’ve seen so far (I’m currently a student,) it does a great job with the web server / services side of things, and compliments PWB nicely. Additionally, I had to compliment Armando and his team at eLearn, on their presentation of ‘buffer overflows.’ While it’s a topic I’m, personally, already very familiar with, I must say, for those who aren’t so familiar, Armando and his folks really put together a GREAT batch of lessons on it, and I applauded the way they put that portion of their material together, as a newcomer will likely follow it very easily.
Then, as awesec noted, you have SANS vLive and EC-Council iClass courses, so you DO have some excellent options, WITH instructors, even though said instructors aren’t sitting directly in a room with you. I can tell you, SANS 560 (and even some of the ones EH-net is giving away this month) is another one I’m planning on adding to my list, as time and budget permit.
July 25, 2010 at 2:15 pm #33887
Thank you both for advice.
I decided to take PWB online course. I have read some topics about PWB online course and all things were so positive. I haven’t had any experience with online learning. So it will be something new.
I have one basic question about pre-made Backtrack VMware image. Do I have to use it, or can I use my already installed Backtrack 4 Final Release on my computer?
July 25, 2010 at 2:33 pm #33888hayabusaParticipant
To my knowledge, you can use whatever you’d like. They did (although I don’t have a list handy) add some goodies and such to the PWB version, but I don’t recall having to use anything that wasn’t already included in the production release.
July 25, 2010 at 5:15 pm #33889
You should be able to use whatever you’d like. As already stated by hayabusa, you should get a slightly modified version of BackTrack when entering the course.
- You must be logged in to reply to this topic.