Penetration Testing Student Course Review - eLearnSecurity.com
Status: Review complete. Certification passed.
Notice: This article will be updated as I progress through the course until I’ve completed it. The information contained herein was written based off of this course’s offerings in March/April of 2016. It may or may not be the same whenever you’re reading this review.
Company site: eLearnSecurity.com
As part of my on-going information security training and effort to eventually get into this industry, I decided to start taking courses and going for certificates. While the certificates may or may not help professionally, they will be a joy to do as a hobby, so it’s win-win for me.
When I was at BSidesLV2015 I spent most of my time silently observing the patterns of others and their conversations. For me, it was an intelligence-gathering operation. I discovered two training sites that I hadn’t really heard much about before. One of those was eLearnSecurity.com.
Having heard good things about their training, I put them on my map and in March 2016, I finally got around to trying them out. As of this writing they offer a handful of courses (I plan to do a few of them).
I decided to start at the very beginning, which meant taking their Penetration Testing Student v3 course. While there is an invite-only free version, I paid for the full version. There is an elite version as well, but for this particular course, I didn’t think I’d need the lab time (partly because I have a lab setup and because I’ve at least lightly used the tooling they will introduce in the course).
Their courses offer certificates, which I liked. While it’s likely it won’t be recognized much, I’ll gladly take it. For me, it shows that I took the time (and money) to display my passion and knowledge toward something I care about.
From here out, I’ll keep adding notes via segment updates.
If you plan on buying a course from eLearnSecurity.com (or just have), you’ll most likely have to go through an ID verification protocol, which they do to help deter fraud. When I purchased the course, it took a couple days to get access, but this may be due to the weekend. First thing on Monday, I was ready to go.
The course is laid out in major segments with each segment having various sections. So far I’ve went through almost the first half of segment one. There was been slides, a couple videos and a couple labs.
A quick point about the labs (boy do I love labs). Don’t worry about being stuck. Each lab comes with a guide that talks about what you’re trying to do and also a solution section at the end just in case. I’d recommend completely exhausting yourself before you even think of looking at the solution.
I think the course is doing a nice job of laying out the foundation.
The only thing that’s bothered my thus far is the Flash requirement. I was forced to install it to view the slides. I found a security training site requiring Flash to use said training rather comical.
Aside from the Flash nonsense, I’m pretty pleased thus far. This is a starter course (at a start price) and it’s delivering thus far.
I recommend doing the following to get the most out of this course:
Create folder called eLearnSecurity with a subfolder called PTSv3. You’ll put everything into this folder.
For each section you do, open up a text file and take notes. Save them with a name like “Web-Attacks-Notes”
When you’re going through the slides of a lesson, take screen shots of anything that interesting (perhaps a diagram or piece of code). Reference it in your notes.
Go to each reference the course lists. Save any PDFs to this folder (reference in notes). If it’s a page or pages of documentation, such as NMAP, save them all to a PDF file and put them in your folder.
When you’re finished, you’ll have a lot of files to go back and study. I recommend copying this folder to a external drive or two as well. I have a SECURITY folder that is replicated on various drives. It’s my “offline” Internet. Anytime I find anything interesting or useful, I copy it and put it here so I have it regardless of a lack of connectivity or if the item is taken offline for any reason.
First Major Update: Up Until Now & Web Attacks
Being about 50% complete, I feel this is a good spot to give my impressions since I’ve been through all the various types of content the course offers.
Let me just say that if you’re completely new or perhaps new-ish, this is a great course to get up to speed.
One of the things I like about the course is they tend to teach “to the point” and then provide resources for more research. To me, this is the best approach. On one hand, you get clarity in that you’re not being overwhelmed with a mountain of information, so that you can enjoy that burst of satisfaction as you do one or two streamlined tasks. And on the other hand, you now have a clearer path to go deeper and expand your knowledge.
Also, I like how they are building up your skills according to the process. For example, one section will talk about how to discover hosts on a network. From then on, the next lessons will always require you to use that skill, which helps ingrain it into your memory.
Now, is this course going to prepare you to be elite or something. Of course not. What it will do is make sure you understand some fundamentals and have a working set of basic skills to expand.
I still have 50% to go, but when I complete this course, I will be taking the next logical step, which is their Penetration Testing Professional course. On their forums, I see some people going from here to OSCP (Offensive Security Professional, from Offensive-Security.com). To me this is kind of like learning to throw a football then trying to get drafted in the NFL (ok, maybe not as dramatic, but still…).
The labs have been very enjoyable (I always love a good lab). As one might expect, the videos that prep you for the upcoming lab focus around Kali Linux.
I should point out that you don’t need to use this distro, but if you’re newer to Linux, using Kali is recommended. For example, I’m using Arch Linux as it’s my main distro for my machines.
A little side note: At some point in the course, you’ll get into fuzzing and they will mention Dirbuster. This program is no longer actively developed. While you can get it, I recommend downloading OWASP ZAP instead and learning how to use that.
If you go to YouTube and search for “OWASP ZAP directory fuzzing” or something similar, you should see some videos to get you up and running in minutes. And of course, continue to read the ZAP page for lots of great information on using it.
Second Major Update: System Attacks
I’ve completed much of the course and just have the Network Attacks section left. Most recently, I’ve finished up the System Attacks. Overall that section was good, however, there were no labs (I love labs).
The System Attacks section was split up into a couple main sections:
- Descriptions of various types of Malware.
- What backdoors are and how to do them with NCAT. They also touched on Metasploit some, but it looks like they won’t get into any real meat with it in this course (expected since this is a basic course).
- Explanation of Keylogger types, password cracking and buffer overflows. You’re also introduced to John the Ripper and Ophcrack here.
While there are no labs, you will be doing some password cracking with John the Ripper and Hydra in the Network Attacks section (I’m cracking as I write this).
Overall, I’m please with the section. If you’re brand-new, I think it’s a solid flyover of the landscape. I also think they are doing a nice job with references as the course moves along. For instance, they link to Daniel Miessler’s GitHub for SecLists.
Third Major Update: Network Attacks
Once you start this section, you have four labs remaining. The first lab is taken almost right away (once you’re introduced to Hydra and why brute-forcing network attacks isn’t the best option).
The remaining three labs are: Null Session, ARP Poisoning and Metasploit. Then it’s on to the final exam!
One of the things I liked most about this section was the attention to Metasploit. I had been wanting to get into using it and this section definitely helped with that. You just have to love a good meterpreter shell. :)
The ARP poisoning section was great too. Overall, this was another great part of the course.
And with all of the coursework completed, I was ready to take the exam!
Certification: I Passed
I don’t want to say too much about the certification (wouldn’t be ethical). I can tell you that I was very pleased with how it was set up.
If you make it this far, you’ll need to penetrate a corporate network (lab) and answer questions based on that.
Here are some bullets about my experience and a couple general tips:
- You’re give three days to complete the exam and IMHO this is enough time.
- You must understand what you’ve learned in the course to pass.
- It took me about 13 hours or so for this test, however, I wasted some hours over-thinking things. There were two major blocks of time where I was just scanning and thinking. If you took these away, you’re talking about 4-5 hours. Still, I had 3 days and didn’t need the time.
- My advice (as with any learning/engagement) is to take notes and diagram things. I’m on Linux, so I’m using KeepNote. It’s pretty great.
- When you finish the exam, you’re given your results instantly.
- Double and triple check your answers. Don’t rush. There’s no special bonus for being quick.
- I used my main machine (Arch Linux) for the exam. I only point this out so that newer folks know that you don’t have to use any specific OS distro. Kali Linux, which is nice, is often mentioned since it’s a distro that’s ready to rock. If you start with something else, like Arch Linux, you’ll need to spend time building it up.
I enjoyed this course a lot and I feel that it’s a great introduction into penetration testing. The labs were fun and the final exam was a blast to do.
It’s easy for me to recommend this to those just getting started or with limited information. The course is much cheaper than their other offerings and it will give you a nice foundation to build upon.
And to prove that I like eLearnSecurity’s training offerings, I signed up for and started their course: Penetration Testing Professional. Click that link to see my review of the PTPv3 course.