iExploit

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Apply for Membership

Top Posters

Who's Online (2)

Powered by Vanilla. Made with Bootstrap.
Looking to introduce yourself? Look no further, and click here! We also have IRC! [irc.evilzone.org #iexploit]
[Question]Which online security course should i take?
  • bl4ckb3ard
    Posts: 5
    Well i guess title says it all.I have been searching around for a good online course but i have found quite many and i cant make out if they are any good or if their certification has any recognition.This one caught my eye http://www.elearnsecurity.com .Anyone have a good advice for me?

    Thanks in advance.
  • Sh3llc0d3
    Posts: 1,910
    elearnsecurity only really has recognition on ethicalhacker and another site really... because they reviewed them and have advertising deals with those sites. If you want a pentesting course online then I'd go with the Offensive Security Courses, Pentest With Backtrack [PWB] being one. Their courses are not cheap by any standard, however your better off forking out for a course that at least is heard of in the INFOSEC community. I was considering doing the elearnsecurity one myself but i'm saving up for the OSCP (offensive security certified professional) now. I'm tempted to say stay away from the CEH exam because it's had a bad reputation from people I know that have taken it. I can't deny though that it's the industry leader in ethical hacking.
  • bl4ckb3ard
    Posts: 5
    said:


    elearnsecurity only really has recognition on ethicalhacker and another site really... because they reviewed them and have advertising deals with those sites. If you want a pentesting course online then I'd go with the Offensive Security Courses, Pentest With Backtrack [PWB] being one. Their courses are not cheap by any standard, however your better off forking out for a course that at least is heard of in the INFOSEC community. I was considering doing the elearnsecurity one myself but i'm saving up for the OSCP (offensive security certified professional) now. I'm tempted to say stay away from the CEH exam because it's had a bad reputation from people I know that have taken it. I can't deny though that it's the industry leader in ethical hacking.



    Well Offensive Security Courses are really expensive but it seems like the real deal(so damn expensive!!!).Seems i ll have to save money for it too.i have the cracked version of PWB and i have to say that it is great but because its an older one its quite hard to follow(mostly at writing exploit due to the lack of the software for testing).

    Thanks for reply btw:)
  • m0rph
    Posts: 332
    said:


    If you want a pentesting course online then I'd go with the Offensive Security Courses, Pentest With Backtrack [PWB] being one. Their courses are not cheap by any standard, however your better off forking out for a course that at least is heard of in the INFOSEC community. I was considering doing the elearnsecurity one myself but i'm saving up for the OSCP (offensive security certified professional) now.


    I have no complaints with PWB other than I don't dedicate enough time to it.

    If you want to get the OSCP you will need to work hard for it. I've had to extend my lab time once already, and I really don't plan on doing it again.

    In the end, it all comes down to how much effort you want to put into it.
    while( !(succeed = try() ) );
  • Sh3llc0d3
    Posts: 1,910
    said:


    said:


    If you want a pentesting course online then I'd go with the Offensive Security Courses, Pentest With Backtrack [PWB] being one. Their courses are not cheap by any standard, however your better off forking out for a course that at least is heard of in the INFOSEC community. I was considering doing the elearnsecurity one myself but i'm saving up for the OSCP (offensive security certified professional) now.


    I have no complaints with PWB other than I don't dedicate enough time to it.

    If you want to get the OSCP you will need to work hard for it. I've had to extend my lab time once already, and I really don't plan on doing it again.

    In the end, it all comes down to how much effort you want to put into it.



    I was gonna pay for the 30day access, is it realistic to do it in 30days? I've got a pentest lab at home, would that do as a supplement? Good luck with it m0rph
  • m0rph
    Posts: 332
    honestly, if you have 5+ years of professional IT experience, then yes 30 days might be enough. I originally went 60, of course I haven't been hacking for very long, and I also work 12 hours everyday.

    90 days will be plenty of time no matter what your skill level, or experience; granted you don't screw around or become lazy. I don't think that a home pentest lab can compare to the offsec labs. No offense, or anything, but they have multiple subnets and they have like 200+ vm's spread throughout. Obviously mixed between windows and linux, all with varying levels of difficulty.

    The topics that they cover, they cover like hardcore in-depth with exercises. It is definitely a think outside-the-box course, and very challenging, but also very rewarding (not just the cert).

    The only advice I can give at this point, and I've already said it, is don't get comfortable with the amount of time you have. 60 days goes by quick, especially if you don't accomplish alot.
    while( !(succeed = try() ) );
  • Sh3llc0d3
    Posts: 1,910
    Thanks for the advice and feedback, really good luck with the course though, especially as you've spent so much $$$ on it. I'd heard it's very think outside the box as opposed to other courses, I like things like that. I've got a lot of spare time over the summer and starting Uni in september so I might try and squeeze it in if I land any good contracts that give me the cash for it.
  • Xin
    Posts: 3,251
    I would definately go for the Offsec ones if your serious about it.
    Xin
  • Se7enisLucky
    Posts: 34
    said:


    ...I can't deny though that it's the industry leader in ethical hacking....



    Erm - I think it'd be more CISSP? Or is that on a higher level then ethical hacking?
    Just curious.
    To OP: Go for the Offensive Security ones, but if this is *the first* time you're using linux/programming stuff I'd recommend doing some learning before. From what I've heard the course is very programming intensive and from my personal experience of other cert.'s, I'd recommend learning some about networking(TCP/IP, Port #'s[extrusion detection], NAT, DMZ, other basic stuff.)
  • m0rph
    Posts: 332
    said:


    Erm - I think it'd be more CISSP? Or is that on a higher level then ethical hacking?
    Just curious.
    To OP: Go for the Offensive Security ones, but if this is *the first* time you're using linux/programming stuff I'd recommend doing some learning before. From what I've heard the course is very programming intensive and from my personal experience of other cert.'s, I'd recommend learning some about networking(TCP/IP, Port #'s[extrusion detection], NAT, DMZ, other basic stuff.)


    CISSP is not all it's cracked up to be. It's more on policies and guidelines/standards to follow more than it is on actual attacking. If you were going to become a consultant then yeah, CISSP would be a great cert to have. But I've met a CISSP here who didn't know what the TCP three-way handshake was.
    while( !(succeed = try() ) );
  • Sh3llc0d3
    Posts: 1,910
    said:


    said:


    ...I can't deny though that it's the industry leader in ethical hacking....



    Erm - I think it'd be more CISSP? Or is that on a higher level then ethical hacking?
    Just curious.
    To OP: Go for the Offensive Security ones, but if this is *the first* time you're using linux/programming stuff I'd recommend doing some learning before. From what I've heard the course is very programming intensive and from my personal experience of other cert.'s, I'd recommend learning some about networking(TCP/IP, Port #'s[extrusion detection], NAT, DMZ, other basic stuff.)



    CISSP to my way of looking at it is the business/management side of it. I wouldn't class it as an ethical hacking cert, more a security professional's/managers cert. There is a slight difference to my way of thinking.

    For anyone interested the prerequisites for the OffSec certs are:

    Pentesting with BackTrack is an entry-level course but still requires students to have certain knowledge prior to attending the class. A solid understanding of TCP/IP, networking, and reasonable Linux skills are required. This course is not for the faint of heart, it requires practice, testing, and the ability to want to learn in a manner that will grow your career in the information security field and defeat learning plateau’s. Offensive Security challenges you to rise above the rest, dive into the fine arts of advanced penetration testing, and “Try Harder”.

  • nu11byte
    Posts: 53
    You wont magically learn how to be a 'pro-hacker' from any of these courses. All of these courses teach the same things, such as:
    Web-application hacking such as XSS, RFI, LFI, SQLi and Auth bypass (just to name a few).
    They will also teach you a whole bunch of crap you already should know if you want to enter the security field (such as TCP/IP and simple C to understand BOF attacks).
    To become a average - advanced hacker, all the information is available to you for free, with just a little time and dedication.
  • Xin
    Posts: 3,251
    said:


    You wont magically learn how to be a 'pro-hacker' from any of these courses. All of these courses teach the same things, such as:
    Web-application hacking such as XSS, RFI, LFI, SQLi and Auth bypass (just to name a few).
    They will also teach you a whole bunch of crap you already should know if you want to enter the security field (such as TCP/IP and simple C to understand BOF attacks).
    To become a average - advanced hacker, all the information is available to you for free, with just a little time and dedication.



    I'd like to see your references lol as thats not correct in the slightest. What courses are you refering to ? elearnsecurity lol?
    Xin
Add a Comment