The first module is "hacking fundamentals" which as you can tell is going to be a basic overview. I initially thought to skip this section because I already knew the basics about the career, certs, blah blah..but I decided to watch the videos and I am glad I did. Yes I knew 90% of what was on the videos but the 10% I didnt know made it worth while. It was about hackers who have made the news and others interesting things about getting into the field (plus the videos are anywhere from 5-20 mins, why not watch everyone?)
Along with every video is a lab, and they are actually pretty solid (I thought I was going to skip most of them and just watch the videos, but I have learned alot more through the labs). The labs for the 1st module are a little light and blah, but its a section about the very very basics..what do you expect?
Module #2: Reconnaissance
This module was all about gathering information you could find on the internet about your victim.
looking up locations, servers, employees, physical and logical addresses
finding detailed information about the victims servers
learning how to use google the right way and getting better search results
The tools you will use in this module include but not limited too: WHOIS, ARIN, google, bing, yahoo, dig(unix/linux), nslookup(linux/unix), FOCA, maltego.
I have never tried pentesting before so I really liked this section..researching about a company and trying to find flaws through documents was pretty fun
I completed 6 of the 8 sections in the Network Penetration module. This is when I started to have mixed feelings about THA.
So here's how it works..There's a video between 5-30ish minutes, sometimes the video explains the material pretty well and sometimes..mm not so well. A couple videos made me wonder "why did they even make this video?". There are also a couple videos where they begin saying "we debated about even making a video about this section but we went ahead and made it anyways"..then the video is like 4-5 mins long and doesn't really give any information.
After the videos are over, the instructor tells you to complete the lab. During some of the labs, you can get confused or maybe you don't even know what the hell is going on because the video didn't really help and the lab instructions were a little shallow. When you listen to one of the first videos, they do state "we are not here to hold your hand"..and the mean it. I've never used most of these tools before and sometimes I can get lost in the lab..so I end up googling, watching youtube videos, and security tube. After doing my own research, I realized there are so many videos out there for free and that will walk you step by step through each and every tool. So I'm beginning to watch these other videos and putting THA on the back burner.
I don't want people to think I'm bashing THA because I really like their set-up but I wish they would "hold you hand" a little bit more. Some people may say, oh you can just email them if you have questions..and to that I say....if youre doing the module right now, I wouldnt want to stop and wait 24-48 hrs before I can continue.
After I got a little frustarted with the course, I started to look at random modules and see what they had to offer. I really wish they gave more information in their videos..
From what I have seen so far, I would say if you are beginning in pentesting and have never used backtrack or most of the pentesting tools...I don't know if you would like THA as much as someone who has a little bit more experience with the platform and tools. Beginners would be best off buying backtrack 4(book), metasploit, and other pentesting books...read the chapters and once you get to a tool or concept you dont know...just google and watch videos about the concept or tool. Its been working really well for me the past couple of days. Especially if you want to learn ASM or metasploit, check out Welcome to SecurityTube!. The founder has a whole course about both of them.