elearnSecurity Penetration Testing Professional V2 - Review
Few months back we reviewed elearnsecurity Penetration testing student course. We received tremendous amount from feedback from our readers who took the course. Therefore i decided to review elearnsecurity's newly launched Penetration Testing Course Professional v2. elearnsecurity offers one of the finest training related to Ethical hacking and Penetration testing in the market. Version 1 of the elearnsecurity training course has had over 2,000 students from 82 different countries in the world and professionals Military agencies and Fortune 50.
The whole course is divided in to following parts:
1. System Security
2. Networking Security
3. Web Application Security
Module 1 : Introduction
Module 2 : Cryptography and Password cracking
Module 3 : Buffer overflow
Module 4 : Shellcoding
Module 5 : Malware
Module 6 : Rootkit coding
The module starts by covering the basics of C++, ASM and x86 Architecture and than graudually starts moving towards advanced topics such as Cryptography, bufferoverflows, shellcoding etc. I must say that I was impressed the way they explained a complex topics like "Buffer Overflows" and "Shell coding". Module 4 "Shellcoding" is something you won't find in majority of courses on Penetration testing.
Just for your information if by looking at Module 5 "Malware" you probably think that this module will only cover script kiddie stuff such as Prorat, netbus etc usage. Then you are wrong. A thorough and detailed classification of types of malware is the introduction of a module featuring the most advanced and obscure techniques used by modern malwares.
Module 1: Information Gathering
Module 2: Scanning
Module 3: Enumeration
Module 4: Sniffing and MITM attacks
Module 5: Exploitation
Module 6: Post-exploitation
Module 7: Anonymity
Module 8: Social Engineering
Network security section covers wide variety of attacks related to Network penetration testing. Talking about exploitation module, The version 1's exploitation module really disappointed me as it just contained introduction to metasploit and other exploitation tools. However, I have seen some dramatic changes with exploitation module.
Module 1: Introduction
Module 2: Information Gathering
Module 3: Vulnerability assessment
Module 4: Cross site scripting
Module 5: SQL Injection
Module 6: Advanced Web Attacks
Since past few years attacks have gravitated towards layer 7. Since it's really easily to exploit then networks where you have to bypass tons of security mechanisms such as IDS, IPS, firewall etc. elearnsecurity's V2 makes a great coverage of webapplication security.
The section starts by introducing the students to basics of webapplications such as basics of http protocol, cookies etc. Then it dives into information gathering, which include tons of tips and trcks in order to gather information about the target which will be used to exploit the webapplication later.
The "SQL Injection" module is one of the best and offers wide variety of knowledge related to different techniques and tools used to exploit different type of SQL Injection vulnerabilities such as blind sql injection, time based, error based sql injection etc.
After "XSS" and "SQL Injection" the webapplication section takes you to "Advance Web Application attacks such as CSRF, Remote file inclusion, restricted file uploads etc.
There is also an availability of colliseum lab where you can practice all kinds of attacks you learned in this section, which makes the section even more interesting.
Userfreindly Design And FormatThe whole course is presented in a very user-friendly format. I have personally reviewed tons and tons of courses related to Ethical hacking and penetration testing here on RHA and found elearnsecurity design and format to be one of the best and easy to learn format.
CertificationOn submitting the exam report, You will receive an eCPPT certification. The eCPPT designation stands for "eLearnSecurity Certified Professional Penetration Tester". eCPPT is a highly respected Ethical Hacking and Penetration Testing Professional certification.
What Should Be Improved?elearnsecurity team has made a great job in providing intermediate level Penetration testing course, However I personally would like to see more stuff in Network security section.
Conclusionelearnsecurity's team certainly have made some dramatic changes with it's version 2. It's highly recommended to any one who wish to improve their concepts and knowledge related to Ethical hacking and Penetration testing.
Click Here To Visit The Official Website For The eCPPT Course