.

First Post, Need Help Deciding on Training eLearn or Off Sec

<<

MindOverMatter

Jr. Member
Jr. Member

Posts: 62

Joined: Wed Oct 27, 2010 7:57 pm

Post Sun Oct 31, 2010 7:16 pm

First Post, Need Help Deciding on Training eLearn or Off Sec

Hi everyone, I've been viewing this site for a long time now, but decided to become an active member of the community, I really like all it has to offer.

I'm currently trying to decide between two training courses that have been talked about to death on here, so I don't expect an easy answer and am not sure how biased any responses will be, but any help is greaty appreciated.

Here is a quick summary/background of myself: I've been in the IT industry for 10+ years now, working for several companies and as a consultant doing everything from simple desktop installs/ repairs to datacenter work to deployment of Cisco networks (routers, switches, wifi etc.).  

I started my certification path in 2000 and currently have my A+, Network+, Security+ and CCNA.  A week ago I passed the Switching exam for the new CCNP track, but decided to take a Cisco break and concentrate on my 'passion', security (network security and pen testing).  I am currently studying for my CEH with Kimberly Graves newest Study guide, certflashcardsonline and careerademy cbt.  Almost being done with the book, I can see the CEH shouldn't be very difficult, especially compared to the Cisco exams I've taken.. Seems like just a lot of memorization of tools and their uses etc.  Multiple choice stuff.. I found that a lot that I studied in regards to security for my Cisco training has really helped and had to do with things on the CEH…

Anyways,  to not make my first post a novel, I’m trying to decide between eLearnSecurity’s training  and the online Offensive Security’s offering to get my OSCP.  They both seem very appealing and I know both have pro’s and cons.. Firstly, I don’t have programming skills.. I have good books on C, but know there’s much more necessary to become good in those respects.  Price wise, they are comparable, except for the payment plan by eLearn, which is very appealing.  I quickly looked through the free demo offered by eLearn, but nothing about it really grabbed me and said “this is the one”..

I’ve had BackTrack on a box for a while now as well as on a usb I use for my laptop.  I’m not gonna lie and say I know all the tools, but I do feel comfortable with the navigation although not a huge linux user at the CLI (I do have Ubuntu Linux Toolbox 100 Commands, to help me out other than web references).

To close this out, not that it would help in any way, but my current lab consists of the following.  Cisco 2600 series routers (4), with latest IOS, 4 Cisco 2950 Switches, a 3550 switch, Pix 515E firewall, couple of laptops and couple of desktops..
I know all say getting the OSCP is more difficult and I’m ready for the challenge, money wise payments seem very good these days for eLearn.. Just very confused with what decicion to make.  Thank you for all your help and I’ll try to keep future posts shorter lol ; )
A+, Network+, Security+, CIW Associate, CCNA, C|EH
<<

KrisTeason

User avatar

Hero Member
Hero Member

Posts: 515

Joined: Sat Sep 08, 2007 7:48 pm

Location: /dev/null

Post Sun Oct 31, 2010 8:13 pm

Re: First Post, Need Help Deciding on Training eLearn or Off Sec

Hey MindOverMatter,

Good to see you poked out of the darkness and made an account on the forum. Good first post and I think you'll get some good feedback from it. Personally, I've taken both of the courses, I'm in the eLearnSecurity course right now attempting the certification challenge (Have about 11 days left on it) - and I could say both are well rounded courses.

Personally, my preference in favorite was the Pentesting with Backtrack course because I liked the hands-on style. I liked being able to VPN into an environment filled with 4 subnets of machines (over 50 boxes just ready to get owned in some way). Not that eLearnSecurity isn't hands on at all, the current version of the course you could get hands-on going through the slides and downloading the attachments.

I don't want to come off like I'm ranting so I'll narrow it down to what I think the question is you should ask yourself before you take the course. How well do you know pen-testing? Are you currently comfortable with an arsenal of security tools? Looks like you've setup a nice lab. Programming isn't exactly required in either courses but it does help. In the off-sec course mainly a scripting language comes in handy, and in eLearnSecurity since your penetrating a Web Application for the examination, it's best to be able to look at web development languages and understand what's going on under the hood. Just even being able to look at the source codes of pages and knowing what's going on helps.

If you feel new to the pen-testing scene and want to get your feet dirty, I'd go with eLearnSecurity's course (definitely version 2 of the course, which I think will be featuring a VPN Lab for students to test their acquired skills in). You'd get a solid foundation of Web Application penetration testing in this course. If you feel the need to dig deeper and have a will to suffer, go with Penetration testing with BackTrack. Which ever route you choose, I'd suggest completing your CEH first. Don't want to get carried away too much in these courses to get you behind on getting your CEH cert. Hope this was somewhat helpful. If you have other questions, feel free to ask and I'll answer them!

-kris
eCPPT (Silver/Gold), eWPT, GSEC, GISP, GCIH, OSCP, OSWP
<<

hayabusa

User avatar

Hero Member
Hero Member

Posts: 1662

Joined: Mon Jan 29, 2007 2:59 pm

Post Sun Oct 31, 2010 8:55 pm

Re: First Post, Need Help Deciding on Training eLearn or Off Sec

From my experiences, I'd have to agree with xxxKrissxxx.

Both courses are excellent, and eLearn's definitely went a little more in the direction of the web-focused side (while still covering other).  eLearn's course covered their material well, and I was pretty impressed with how they covered / explained some topics, like buffer-overflows.  While I already understood that concept, for anyone who doesn't, already, they did an excellent job with how they put it together and explained it. 

That said, I did like the hands-on from OSCP a bit more, but that was simply due to my learning style, etc.  Also, I liked that OSCP made me self-study and research, for myself, a bit more, as in real-world pentests, you'll often hit those types of scenarios.  Either one (eLearn or OSCP)  is a good way to go. 

That said, like xxxKrissxxx said, as well, if you don't already have a decent fundamental on ethical hacking / pentesting, you MIGHT find value in getting CEH first, or one of the similar certifications.

Good luck, and let us know both WHAT you choose, and your experiences with it, when you get into the courses.
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH
<<

MindOverMatter

Jr. Member
Jr. Member

Posts: 62

Joined: Wed Oct 27, 2010 7:57 pm

Post Sun Oct 31, 2010 9:04 pm

Re: First Post, Need Help Deciding on Training eLearn or Off Sec

Great response Kris, thank you it is actually helpful.  I've always been a "self taught" type person and feel (in most cases) 5 day 5k boot camps just don't cut it... Too much too fast.. Over the last year I've gotten used to training with CBT such as Jermy Cioarra for CCNA CCNP as well as Chris Bryant and I really like that type of learning supplemented with books and experience of course.

What you said about having access to the network through a VPN and the ability to be able and just own whatever you can is awesome, just what I or many would want.  I also am a hands on person and love the CLI, whether Linux or just the Cisco IOS types..

However the question you said to ask myself is perfect.. How well do I know Pen Testing and 'how to use' the hundreds of programs/tools at my disposal.  Well, to be honest with myself I guess not very well.  I know many tools are redundant and I'd eventually have to find my own sweet spot arsenal.. So, maybe it is best I start off with eLearn, so I don't feel I got in over my head with Off-Sec... I PM'd with Armando a few nights ago and seems like a great guy and that maybe the extra support I'd get from eLearn would help prep me more for the Off-Sec PWB.


Like you said, don't get too carried away, because the actual CEH cert and others that make me look better on paper are what I need, but nothing like truely knowing which I feel I'll get out of both these courses.

By the way, I'm very curious, if you wouldn't mind sharing or know where I could find pictures of what the actual certifications these two courses can ultimately yield look like..

Thanks again Kris!
A+, Network+, Security+, CIW Associate, CCNA, C|EH
<<

MindOverMatter

Jr. Member
Jr. Member

Posts: 62

Joined: Wed Oct 27, 2010 7:57 pm

Post Sun Oct 31, 2010 9:08 pm

Re: First Post, Need Help Deciding on Training eLearn or Off Sec

hayabusa, I was writing as you posted, but you hit it dead on and I agree with both Kris and yourself.

I plan to be ready to take my CEH within the next week or two, but I think maybe starting with eLearn first is my best bet.

I remember the site saying that price goes up to $699 after tonight, so I better hurry lol.. Although I wonder how that applies to the payment plan...

I'll definitely keep you posted on my progress as I think my decision may just have to be eLearn (at least first, not to say I'm not craving some Off-Sec!).
A+, Network+, Security+, CIW Associate, CCNA, C|EH
<<

KrisTeason

User avatar

Hero Member
Hero Member

Posts: 515

Joined: Sat Sep 08, 2007 7:48 pm

Location: /dev/null

Post Sun Oct 31, 2010 9:29 pm

Re: First Post, Need Help Deciding on Training eLearn or Off Sec

hey,

glad my post was useful in someway. I'd recommend waiting for v2 of eLearnSecurity's Penetration Testing Pro course. It's suppose to be released soon and there's a ton of new features they're adding into the course including a VPN Lab. To get an idea of what they're working on check this out:
http://feedback.elearnsecurity.com/forums/50617-penetration-testing-course-pro

By the way, I'm very curious, if you wouldn't mind sharing or know where I could find pictures of what the actual certifications these two courses can ultimately yield look like..


Sure, I only know what the OSCP Certification looks like:
Image

The eCPPT certification I haven't seen yet but maybe one of the eCPPT certified members could post one for you  8)
eCPPT (Silver/Gold), eWPT, GSEC, GISP, GCIH, OSCP, OSWP
<<

MindOverMatter

Jr. Member
Jr. Member

Posts: 62

Joined: Wed Oct 27, 2010 7:57 pm

Post Sun Oct 31, 2010 9:49 pm

Re: First Post, Need Help Deciding on Training eLearn or Off Sec

That's awesome, thanks Kris!  I like the fact that there is a place for feedback, where they'll actually take the good feedback and implement into future upgrades/versions. 

I wonder when the 2.0 is slated for, although I would be able to have access to the revisions, it would probably feel like overkill going through the course more than a few times to view changes, but helpful indeed.  The learning never stops though, that's for sure!
A+, Network+, Security+, CIW Associate, CCNA, C|EH
<<

MindOverMatter

Jr. Member
Jr. Member

Posts: 62

Joined: Wed Oct 27, 2010 7:57 pm

Post Wed Nov 03, 2010 2:50 pm

Re: First Post, Need Help Deciding on Training eLearn or Off Sec

Good day to all!  So, I've had some great responses so far and after countless searches I know this subject has been in many posts as well as reviews, these two classes/courses in particular..

Anyways, last night I went through all the freebies or demos Off-Sec, eLearn and even looked into the Heorot and it's Dojo. This really put me back to a confused or indecisive state..

The PWB videos I saw were just awesome, straight to the point, very good full screen quality and more of the CLI style learning I like.
eLearn's free SQL Injection module had me a bit disappointed at first, because of the whole point and click... Having to click slide through slide etc. However at the end, after finishing the whole module I did learn and overall enjoyed it, so the downside is so many slides vs less video for me I suppose.

Heorot's video's looked good like Off-Sec's, though I hear that the methodologies are a bit different than the others and I don’t hear as much about them, although a Published book gives more credibility…

So, what initially drew me was seeing eLearn’s marketing all over the place, as well as a very nice website design that is appealing, not to mention the payment plan is a top consideration.

Now, let’s say money isn’t an object (yeah I wish lol), but I can go for any course and have two months of time to devote non-stop, 24/7  etc… I do have a couple of machines I could use to attach with different VM ISO’s loaded on them, on different Cisco switches, routed out into different subnets etc..

With that being said (not that it may be helpful), what would you recommend?  I know it’s hard, because I know they’re all good with plus’ and minus’ for each, but given my unlimited time for a couple of months, not putting into consideration the money factor (other than I can only choose one for maybe a good while)… Yeah I know, tough one maybe.. 

I just want to learn the most I can and have the most fun doing so (meaning less dry maybe boring material).  I know none have highly known certifications (by employers), so this is strictly to supplement my having the CEH and whatever else I pursue.  However I do see the OSCP being listed here under the certifications sections and most likely to be known out there…

Plus I really like BT4 and want to get the most out of using it too, but I guess all of these classes use it/ include it In some form or another.  So thanks again for any help clearing my indecisive mind!
A+, Network+, Security+, CIW Associate, CCNA, C|EH
<<

impelse

Hero Member
Hero Member

Posts: 585

Joined: Mon Feb 16, 2009 3:40 pm

Post Wed Nov 03, 2010 3:12 pm

Re: First Post, Need Help Deciding on Training eLearn or Off Sec

I took heorot.net and eLearnseucirty; I learnt from both with different subjects. Both of them will give you a good introduction and OSCP will complete a lot of your training.

Money, value and job, that depennnnnnd of many factors.
CCNA, Security+, 70-290, 70-291
CCNA Security
Taking Hackingdojo training

Website: http://blog.thehost1.com/
<<

Grendel

User avatar

Full Member
Full Member

Posts: 246

Joined: Thu Aug 28, 2008 8:48 am

Location: Colorado Springs, CO

Post Thu Nov 04, 2010 11:54 am

Re: First Post, Need Help Deciding on Training eLearn or Off Sec

Just to interject in your thought process, people who sign up for the heorot.net courses also gain access to the hackingdojo.com classes during their enrollment. Although many people prefer (and have chosen) to *not* attend the hackingdojo.com classes (because of learning styles), there are others who have signed up specifically because they can attend both - that way they get both the heorot.net videos and the hackingdojo.com live classes.
- Thomas Wilhelm, MSCS MSM
ISSMP CISSP SCSECA SCNA IEM

Web Site:
  • http://HackingDojo.com
Author:
  • Professional Penetration Testing
  • Ninja Hacking
  • Penetration Tester's Open Source Toolkit
  • Metasploit Toolkit for Penetration Testing
  • Netcat Power Tools
<<

MindOverMatter

Jr. Member
Jr. Member

Posts: 62

Joined: Wed Oct 27, 2010 7:57 pm

Post Thu Nov 04, 2010 4:31 pm

Re: First Post, Need Help Deciding on Training eLearn or Off Sec

Thanks again for the replies.  Thanks for the info Grendel, I'm actually looking at your videos now, vey good stuff.  I know no matter what path I decide all offer great material, I suppose just a matter making up my mind and doing it!

It's great to know that you have access to both material through Heorot though, I'm going to do some more investigating as I'd like to get enrolled in something within the next couple of days.
A+, Network+, Security+, CIW Associate, CCNA, C|EH
<<

Grendel

User avatar

Full Member
Full Member

Posts: 246

Joined: Thu Aug 28, 2008 8:48 am

Location: Colorado Springs, CO

Post Thu Nov 04, 2010 6:33 pm

Re: First Post, Need Help Deciding on Training eLearn or Off Sec

MindOverMatter wrote:It's great to know that you have access to both material through Heorot though, I'm going to do some more investigating as I'd like to get enrolled in something within the next couple of days.

Absolutely true - from what I've been told by attendees at the other offerings, anything you choose will be beneficial and educational - I haven't really heard or run across any training in this field that was sub-par... it is just a matter of what you want to learn and your own personal learning style.

Good luck with your future!
- Thomas Wilhelm, MSCS MSM
ISSMP CISSP SCSECA SCNA IEM

Web Site:
  • http://HackingDojo.com
Author:
  • Professional Penetration Testing
  • Ninja Hacking
  • Penetration Tester's Open Source Toolkit
  • Metasploit Toolkit for Penetration Testing
  • Netcat Power Tools
<<

MindOverMatter

Jr. Member
Jr. Member

Posts: 62

Joined: Wed Oct 27, 2010 7:57 pm

Post Fri Nov 05, 2010 12:14 am

Re: First Post, Need Help Deciding on Training eLearn or Off Sec

Again, thanks for all your responses and help.  It gets kind of difficult when you speak to the different mentors / creators of the different online courses, because all are so great and really cool people.

Since the first person I had spoken to was Armando I decided to enroll in eLearn's class today.  It's like you don't want to go with one and not the other after so many great responses and help, but I figured I'd go with my initial instict before I started asking and exploring so much.

I know the ePPT course will be great and look forward to some Dojo action in the near future as well.  I believe both will give me the proper foundation to be most successful with the OSCP.

I've been waiting on the people from the "CEH" to be able to purchase my voucher for the EC0-312 and get that over with, but it's impossible to get emails returned or routed to the correct person when calling it seems.  Since over a week ago I emailed them all my credentials (certifications), work experience and a signed letter from a customer I did consulting for, for over 2 years (oh and of course my DL..). So hopefully that'll come sooner than later, but either way my current studies and time will only help for the exam.

Peace to all!
A+, Network+, Security+, CIW Associate, CCNA, C|EH
<<

Armando

User avatar

Jr. Member
Jr. Member

Posts: 93

Joined: Sun Sep 13, 2009 11:15 am

Location: Italy

Post Tue Nov 09, 2010 7:01 am

Re: First Post, Need Help Deciding on Training eLearn or Off Sec

Hello everyone and thanks for all the nice words about us.

I wanted to clarify that v2 of our course is not so "soon-to-be-released".
So being honest with you guys trying to decide your certification path,
I'd recommend that you consider our v1, currently available, because v2 will not be released soon.

Moreover, v1.1 will contain a lot of bug fixes, suggestions and a new and 1 additional hour video on SET.
It is free for all our old and new students (so feel free to join) . Release is a matter of days.

If you are interested we are about to launch an Introduction course to pentesting  that will save you tons of money and will specially benefit new to the subject.

Hope this clarifies our plans on our v2
Founder and Lead Author of eLearnSecurity
Training for Penetration Testers
http://www.elearnsecurity.com

Founder of HACK.ME Free community based web app security virtual labs
https://hack.me
<<

UNIX

User avatar

Hero Member
Hero Member

Posts: 1244

Joined: Mon Apr 28, 2008 9:20 am

Post Tue Nov 09, 2010 8:03 am

Re: First Post, Need Help Deciding on Training eLearn or Off Sec

I'm a little late on this, but welcome to the forums MindOverMatter. :)
Let us know your thoughts on ePPT when you are done with it. It was one of the right decisions you could have made, out of many. From reading about your posts I'd have said, that OSCP might be too advanced for you at this point. Nevertheless, it will be still there when you have finished your current course and increased your knowledge. ;)

Return to Security

Who is online

Users browsing this forum: No registered users and 1 guest

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software