+ Reply to Thread
Results 1 to 10 of 10

Thread: Passed GWAPT

  1. Senior Member
    Join Date
    Jul 2015
    Location
    Island on the other side of Pacific pond
    Posts
    1,022

    Certifications
    C****, C***, C**
    #1

    Default Passed GWAPT

    Finally took the exam this Monday morning just before voucher expires tomorrow end July. I took SANS 542 course in March. My practice test scores were 79% and 86% respectively. First practice test was taken closed book, i.e. I did not refer to my course materials. Spent about 1:10 hours and passed with 94%


    To be honest, the exam was not difficult if you know HTML, JavaScript and SQL; i.e. you have programming background. Which I did due to past experience as database admin writing stored procedures and optimizing SQL queries; and as a web application developer writing server code and more importantly writing and troubleshooting client script code. There were questions about tools, which you can easily find the answers to from the course materials.

    Overall SEC542 is a good course to get web developers trained on security. Don't think I can be a web penetration tester yet. Think I will try eWPT next.
    Reply With Quote Quote  

  2. SS
  3. Senior Member 636-555-3226's Avatar
    Join Date
    Jul 2015
    Posts
    941

    Certifications
    Lots of security certifications, yet the more I learn, the further I have to go...
    #2
    Agreed. I walked away with my GWAPT saying it's a great course to introduce someone to hacking web apps, but I'd never take the class thinking it's going to set me up to be a l33t hax0r. a starting point if you're looking to move into web app testing - definitely, but nothing that's going to make you an expert by any stretch of the imagination.
    Reply With Quote Quote  

  4. California Kid JoJoCal19's Avatar
    Join Date
    Mar 2009
    Location
    Jacksonville, FL
    Posts
    2,628

    Certifications
    CISSP, CISM, CISA, CRISC, GCIA, GSEC, CCSK, AWS CCP, CEHv8, CHFIv8, ITIL-F, MS Cyber Security, MSISA, BSBA
    #3
    Congrats on the pass man! GWAPT is one I'd love to do.
    Have: CISSP, CISM, CISA, CRISC, GCIA, GSEC, CCSK, AWS CCP, CEHv8, CHFIv8, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: eJPT, Learning: Linux/CLI, Git, Python, Pentesting
    Next Up:​ eJPT, eCPPTv2, OSCP
    Studying:​ Code Academy (CLI, Git, Python), eLearnSecurity PTSv3
    Reply With Quote Quote  

  5. Senior Member
    Join Date
    Jul 2015
    Location
    Island on the other side of Pacific pond
    Posts
    1,022

    Certifications
    C****, C***, C**
    #4
    Thanks! Got my GWAPT digital badge within an hour of passing, GIAC Advisory Board invitation before 9 am EST Monday morning, and Advisory Board badge before 5 pm EST. 2 badges to add to my LinkedIn within 24 hours after passing.
    Reply With Quote Quote  

  6. Senior Member Jasiono's Avatar
    Join Date
    Feb 2012
    Location
    Horsham, PA
    Posts
    834

    Certifications
    Several
    #5
    Ok, question for you in regards to your skill set now post cert.
    Do you feel as though you have learned enough to be able to assess a web application if your employer came to you and asked you to test a web app that they developed?
    How heavily, if at all, was Burp Suite used?
    WGU Progress: In Progress | Finishing Bachelors Degree in IT-Security
    Reply With Quote Quote  

  7. Junior Member
    Join Date
    May 2018
    Posts
    8

    Certifications
    CISSP, CCSP, GWAPT, GCIH, MCSE: Cloud Platform and Infrastructure, MCSE: Mobility, MCP Windows Internals and many more
    #6
    You use Burp Suite in the class quite a bit. I think you would have a good base to do what you want to do.
    Reply With Quote Quote  

  8. Senior Member Jasiono's Avatar
    Join Date
    Feb 2012
    Location
    Horsham, PA
    Posts
    834

    Certifications
    Several
    #7
    Very nice, thank you!

    To the OP - My apologies, where are my manners! Congrats on the pass!
    WGU Progress: In Progress | Finishing Bachelors Degree in IT-Security
    Reply With Quote Quote  

  9. Senior Member MalwareMike's Avatar
    Join Date
    May 2018
    Location
    Rocky Mountains
    Posts
    108

    Certifications
    GSEC, GCIH, RHCSA, WCNA
    #8
    I take the test on August 18th, thanks for the good info.
    Reply With Quote Quote  

  10. Senior Member
    Join Date
    Jul 2015
    Location
    Island on the other side of Pacific pond
    Posts
    1,022

    Certifications
    C****, C***, C**
    #9
    What markmorow said. I would ask employer to purchase Professional license for Burp Suite as the community edition has certain limitations with regards to speed and features. And just to add, my trainer Hassan El Hadary demonstrated bug bounties where he was able to find vulnerabilities using professional features of Burp Suite.
    Reply With Quote Quote  

  11. Senior Member Jasiono's Avatar
    Join Date
    Feb 2012
    Location
    Horsham, PA
    Posts
    834

    Certifications
    Several
    #10
    Yeah, we use Burp Suite Pro at work now, among 2 other tools, so I was curious. This will help me immensely.
    WGU Progress: In Progress | Finishing Bachelors Degree in IT-Security
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks