A couple of years ago, Armando Romeo, from eLearnSecurity, allowed me the privilege to review their initial course offering. Two years later, I was pleased to be asked to review the second generation of this course, and at no surprise to me, they've only improved upon what they'd offered in the earlier version. I spent my spare time, over the past few weeks (while also studying for another well-known certfication,) diving through the courseware, comparing and contrasting v2 to v1, as well as looking at much of the new information that was provided. My goal, not so much to compare against everything else on the market, but to really see what changed, in this new version. Along the way, though, I was happy to see that it STILL outdoes many of the competitors on the market, both in terms of information exposure, as well as in ease of learning, clear presentation and informational accuracy.
What was immediately apparent to me was a much cleaner interface and presentation, than in the previous version. While the organization of the materials was much the same, and it is still Flash-based presentation, the interface was easier to navigate, for me, and was even better 'put together,' from the presentation point of view. The links at the bottom of the pages, to references and videos, were a nice update, and made it easy to quickly reference outside information, also allowing me to watch video segments, etc, at times when the written material started to feel long, and I needed a mental diversion for a bit (not out of being bad material, but because I was going through at night, after some long work days, prior, so at times, after reading for a while, my mind started to wander.)
(Note - ironically, Andrew Johnson's review, http://www.ethicalhacker.net/content/view/420/1/, on ethicalhacker.net was posted today, as I was working to complete this, and many of his thoughts mirrored mine)
The individual Section titles from v2 are:
- Module 1: Introduction
- Module 2: Cryptography and Password Cracking
- Module 3: Buffer Overflow
- Module 4: Shellcoding
- Module 5: Malware
- Module 6: Rootkit coding
- Module 1: Information Gathering
- Module 2: Scanning
- Module 3: Enumeration
- Module 4: Sniffing and MITM attacks
- Module 5: Exploitation
- Module 6: Post-exploitation
- Module 7: Anonymity
- Module 8: Social Engineering
Web Application Security
- Module 1: Introduction
- Module 2: Information Gathering
- Module 3: Vulnerability assessment
- Module 4: Cross site scripting
- Module 5: SQL Injection
- Module 6: Advanced Web Attacks
With regard to the individual sections, I'm strongly in agreement with Andrew's review, on ethicalhacker.net. One of the the points I'd noted, when I originally reviewed v1, was that they did a good job of explaining topics like the stack, and buffer overflows. In the new version, I feel they made that even better, both through change in visual presentation, as well as the occasional quiz (there were a few self-quizes throughout the course,) in order to make sure you grasped the concept they were teaching you. As Andrew noted, it feels even less like you're being thrown into something, if it's a topic you previously didn't understand, or had been introduced to.
Added content was also a plus, such as the extra section, on Post Exploitation, that was added to the Network Security section. eLearnSecurity did a great job of expanding upon the modules, and presenting the student with more information than in the previous release. Even with the additional material, the modules continue to flow clearly, one to the next, through well-thought-out, organized processes, which align to the various penetration testing methodologies. Aside of my aforementioned need to occasionally step off the written page, and into the videos and side reference links, I felt it much easier to keep my head into the topics being presented, as this was eased by their organization of the course and materials.
The most notable additions to the course, however, are their labs. The course allots the student (it did me, anyway) 30 hours 30 minutes of time to spend in the Hera Labs, which are new to v2 (note this is NOT the extra, paid Coliseum labs, which are ALSO of great benefit to students, whether in study for the course, or just looking for general practice.) The Hera Lab exercises were aligned to specific sections of the course, and give you hands-on practice within the skillsets. Each lab has a PDF with instructions, as well as solutions for the tasks the student has been assigned to do.
The Hera Labs are:
Lab 1 - System Security - "Assembler", "Dev-C++", "Exploit Development" and "Fuzzing"
Lab 2 - Information Gathering - "Detect Live Hosts", "NMAP Scans", "DNS Enumeration" and "Zone Transfer and NSLookup"
Lab 3 - Scanning - "Port Scanning", "OS Fingerprinting", "Service Detection" and "Idle Scan"
Lab 4 - VA & Exploitation - "Vulnerability Assesment" and "MultiPlatform Remote Exploitation"
Lab 5 - Post Exploitation - "Privilege Escalation", "Maintaining Access", "Data Harvesting" and "Pivoting"
Lab 6 - Blind Penetration Test
Due largely to the fact that I've previewed this during another certification, I didn't spend time in the labs, right now, so I'm very thankful that the time will remain in my account, as I look forward to going through them, upon completion of my other certification. However, I did read through the lab exercises, over my lunch breaks, the past few days, and can assure the reader that they are both relevant to pentesting, and good / solid exercises to go through, especially for those new to pentesting, who really need the groundwork laid, and have never done many of the steps. Lab 1 deals more with the underlying system hacking concepts, such as exploits and the stack. Labs 2-3 deal more with the gathering of information and 'mapping out' the target(s). Lab 4 covers finding vulnerabilities, while Lab 5 deals with what to do after the initial exploit has succeeded. Finally, Lab 6 goes into other areas, such as web applications and web app enumeration / exploitation. So they give you a small dose of everything from the course, in their hands-on labs.
All in all, the course is a hands-down improvement over it's previous iteration. Still (and even moreso) the "CEH killer", as Jason Haddix (another ethicalhacker.net columnist) called it, in his v1 review, this course is considerably more informative and hands-on than the CEH, for those who don't just want to gain information, but to build their skills and get a more realistic approach on the fundamentals. Students get more 'bang for their buck', and due to the continued access to their course materials, will always be able to come back for review, without having to retake a bootcamp, or buy another CBT.
In the view of this pentester, the course is definitely a solid offering, and well worth the look and investment.
"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'
OSCE, OSCP , GPEN, C|EH