Update: elearnSecurity have recently launched their advanced Ethical hacking program, You can read more about it in the following post - elearnSecurity Penetration Testing Professional V2
There are thousands and thousands of people who want to become a penetration testers and Ethical hackers but most of them become after spending some time researching these topics get frustrated and quit, And I don't blame them for being frustrated as there is no proper information and guidance available on the internet and if there is some it is presented in the wrong way to the beginners.
When I started got interested in this field at the age of "14", there were no proper information available on the internet, Most of them were not available for Intermediates and were mostly targeted towards those who already have prior knowledge of Hacking and Penetration testing.
All the stuff I learned was by trial and error, Experimenting and experimenting and experimenting, As I reason of which went I managed to understand the inns and outs of this field, I wrote a book "A beginners Guide To Ethical Hacking" for beginners only, but it was more focused towards Ethical hacking rather then penetration testing.
Now a days Penetration testing is getting more focused and has got much more hype then Ethical hacking due to the tremendous amount of job opportunities. As a result of which there are several hundred's of people offering online training's to the newbie's. Recently I came across a wonderful course "Penetration testing - Student" by Elearnsecurity, The content outline was enough to impress me. So I contacted the CEO "Mr. Armando", I told him that your course is something which my readers would be really interested in. So therefore today I am reviewing "Penetration testing - Student" course by Elearn Academy. People note that the review is fully unbiased and is based on my personal opinion.
Editors Overall Rating: 8/10
The whole course is comprised of 647 slides and the course is divided in to two main sections:
1. Preliminary Section
2. Penetration Testing
Preliminary Section:The preliminary section is for absolute beginners, who have very little or no knowledge related to Ethical hacking and Penetration testing, The Preliminary section is furthur more divided in to two sections.
I have stressed lots of times in my previous articles related to the importance of networking, because in order to understand Layer 3 attacks i.e Network based attacks, You need to understand how networks work?. You need to understand how the network infrastructure is setup. Before understanding how to compromise the networks.
The second of section talks about the basics of webapplication security and attacks. Since past 3 or 4 years, The attacks have been more directed towards webapplication more than networks, And it makes sense, Because networks are more difficult to compromise than Webapplication themselves. The section talks about basics of HTTP protocol, which is the foundation of the webapplication, The instructor also talks about Cookies, Sessions and same origin policy which is really essential for understanding attacks like XSS (Cross Site Scripting) and Session Hijacking.
I believe that the Instructor has did a very great job in explaining the preliminary section, However I would have liked more if the instructor would have gone in much more depth of networking section.
Penetration Testing Section:Penetration testing section talks about the methodology of penetration testing more than the tools of Penetration testing, The section talks about both Network based penetration testing and Webapplication based penetration testing, But the instructor did not go in to much depth as I was expecting. The section talks about several attacks webapplication attacks such as XSS, SQL Injection and buffer overflow. However the section did not talk about other high risk vulnerabilities like LFI, RFI, Directory transversals etc.
Labs:For the Beginner course, eLearnSecurity provides two Labs solutions. The first is included in the package and is based on Metasploitable distro. Students are guided through the set-up of the lab environment and will be able test acquired skill on this freely available vulnerable virtual machine.
The second option is to add Coliseum Lab to the package. This is an online virtual lab on web application security where the student is give 14 different real world scenarios and valuable educational material during the lab. This further 100% hands on module costs $99 for 30 days access.
Presentation:The thing which I liked the most about the course is the presentation, The slides were presented in a superb way combined with flash based videos and other useful material. At the end of every topic there was a small quiz, which helped you test how much you have understood from the section.
OverallOverall the course was excellent for beginners and is highly recommended, It's not recommended for intermediates or those who have prior knowledge of Penetration testing.
Cost:The whole course costs about $349. Which is a very reasonable price as compared to other security related training companies. You can enroll your self for 7 days risk free trial, So if at the end of the day, You feel that this is not for me, They will refund your every single penny. You can enroll your self by clicking at the link mentioned below:
Click Here To Visit The Official Page For More Information