-
KrisTeason replied to the topic Language order? in the forum Programming 6 years, 3 months ago
If you are new to programming, I would start with Python -> C -> ASM. Perl may not be necessary here. You should take a look at some of the courses Vivek has at Pentester Academy. There’s still promotional pricing available for a limited time. He has some ASM Material on there that is solid. In addition to Pentester Academy, Cybrary is a Library…[Read more]
-
KrisTeason replied to the topic [Article]-Winner of SANS vLive Instructor-Led Security Cours in the forum News Items and General Discussion About EH-Net 6 years, 3 months ago
Congrats SephStorm!
Very well deserved. You’ve won 2 of the 4 giveaways for 2014 π
You took SEC560 few weeks back and have your next SANS course picked out.
Which one will you be taking on next?
-
KrisTeason replied to the topic Is this vulnerable? in the forum Web Applications 6 years, 3 months ago
This looks vulnerable. How does the user’s input make it over to the $cmd variable? via a $_POST parameter? Try manipulating the request with a proxy and see if you can change it’s value to get a command executed. If you can break out of the quote, you can append (with &&) additional commands that can get executed.
This video will…[Read more]
-
KrisTeason replied to the topic Web Application Penetration Tester eXtreme (WAPTX) – eLS in the forum News from the Outside World 6 years, 3 months ago
There’s a WAPTX review up from the PrimalSecurity Team.
-
KrisTeason replied to the topic Web Application Penetration Tester eXtreme (WAPTX) – eLS in the forum News from the Outside World 6 years, 3 months ago
The Christmas coupon code is, ELS-XMAS-2014. You can get their full Penetration Testing Student v2 course for $49 when checking out with it.
-
KrisTeason replied to the topic Web Application Penetration Tester eXtreme (WAPTX) – eLS in the forum News from the Outside World 6 years, 3 months ago
Did anyone sign up for WAPTX? How do you like the content? If you missed the chance to enroll, eLearnSecurity currently has an all-access pass offer going through this month:
https://www.elearnsecurity.com/offers/all_access.phpFor $3999 you can get access to all 9 of their courses (elite version). Insane deal!
-
KrisTeason replied to the topic Starting OSCP journey | 23rd Nov π in the forum OSCP – Offensive Security Certified Professional 6 years, 4 months ago
A few differences that I noticed between PWB v3 and PWK:
-Ncat was introduced
–PBNJ has been removed
–Unicorn scan has been removed
-Module 5 on ARP Spoofing has been removed. Off Sec students won’t be performing ARP Spoofing in the labs.
-Some more useful information was added in under the Buffer Overflow Section of the course.
-PWK gets into…[Read more] -
KrisTeason replied to the topic Web Application Penetration Tester eXtreme (WAPTX) – eLS in the forum News from the Outside World 6 years, 4 months ago
Quick summary of yesterday’s webinar.
eLearnSecurity released their new Web Application Penetration Testing eXtreme course along with their new eWPTX Certification. Here is a look at the Syllabus.Through and up to November 30th, you can use the coupon code: WAPTX-NEW-30 during checkout to receive a 30% discount on the course. You’ll also be…[Read more]
-
KrisTeason replied to the topic Starting OSCP journey | 23rd Nov π in the forum OSCP – Offensive Security Certified Professional 6 years, 4 months ago
Look into:
The Basics of Web Hacking: Tools and Techniques to Attack the Web (Great introductory book)
-
KrisTeason replied to the topic Starting OSCP journey | 23rd Nov π in the forum OSCP – Offensive Security Certified Professional 6 years, 4 months ago
Hey SephStorm,
You are allowed to use Metasploit in the PWK Lab Environment. There are remote exploits out there that you can also pull down, compile and run. The course does a fine job teaching you how to compile/cross compile/port exploits and presents numerous ways how to get root. People out there have also coded their own point and click…[Read more]
-
KrisTeason replied to the topic Starting OSCP journey | 23rd Nov π in the forum OSCP – Offensive Security Certified Professional 6 years, 4 months ago
Hi mosunit90,
Welcome! PWK doesn’t go too far into Web Application Attacks. They saved their real content for their AWAE Course. To get an idea of what to look forward to check out their course syllabus (Check out Section 13). The OffSec guys developed a custom web app for you to play around with that’s provided on the Lab Machine your given…[Read more]
-
KrisTeason replied to the topic Beginners questions to OSCP in the forum OSCP – Offensive Security Certified Professional 6 years, 5 months ago
Hey bahr,
Great to see another programmer on here interested in penetration testing. While everyone is saying go for it, I was looking at your background along with how much time you have to study throughout the week. 2 hours each day throughout the week is going to be hard to progress in the lab environment.
I don’t look at PWK as an…[Read more]
-
KrisTeason replied to the topic Advice for 560 in the forum GPEN – GIAC Certified Penetration Tester 6 years, 5 months ago
Hey SephStorm,
I’m going to +1 Hayabusa here regarding indexing your materials. Everything on the GPEN Examination is straight out of the text books. While it’s not incredibly hands-on, be sure to be able to recognize the output of various tools (like how do scans appear while sniffing with TCP Dump, etc). Be comfortable with commands to…[Read more]
-
KrisTeason replied to the topic WAPT in the forum Web Applications 7 years, 1 month ago
Recently took the eWPT exam. Waiting on the results. The course content and labs are great. Plan on going through the Practical Web Defense material soon here.
-
KrisTeason replied to the topic eCPPT vs. GPEN in the forum Network Pen Testing 7 years, 4 months ago
The GPEN has more recognition over eLearnSecurity’s Certifications. Offensive Security’s courses are great and people have respect for OSCPs and OSCEs.
Having recently taken the eCPPT Gold Examination, eLS has really stepped up their Examination Challenge from their Silver Exam. Not only have they made it more hands-on, but they test you on more…[Read more]
-
KrisTeason replied to the topic Certification plans for 2014? in the forum General Certification 7 years, 4 months ago
GWAPT
OSWE if OffSec plans on releasing an Advanced Web Attacks Online.Considering WGU for my Bachelors. If I attend, I’ll be after the
OCJA, CIW Database Design Specialist, CIW Javascript Specialist, CCENT or CCNA Certifications.Fell short of my 2013 goals. Can only move forward.
-
KrisTeason replied to the topic Passed OSCP – Review Inside in the forum OSCP – Offensive Security Certified Professional 7 years, 11 months ago
Great work ! Congrats!
-
KrisTeason replied to the topic OSCP submission prior to exam in the forum OSCP – Offensive Security Certified Professional 7 years, 12 months ago
Hello,
If you managed to own all of the machines in the lab, your well prepared for the examination. The report is sent in after the examination challenge is taken.
Version 3 of Pentesting with BackTrack has been out since March 2010 (I know, I was one of the 1st people to enroll). After going through the course and finishing up about June 2010,…[Read more]
-
KrisTeason replied to the topic Passed OSCP! in the forum OSCP – Offensive Security Certified Professional 8 years ago
Congrats! What Certification is on your radar next?
-
KrisTeason replied to the topic Change is Coming to EH-Net!! in the forum News Items and General Discussion About EH-Net 8 years ago
1. With EH-NET all the way!
2. Not too extensively. Less than a handful of times a year am I messaging users.
3. Possible
4. I could also help you test.
5. Like a couple of the other members, I’ve been a consistent long-term member. I would love a moderator opportunity as long as we do not discount moderators winning the fabulous prizes.
6. Not my…[Read more] - Load More