+ Reply to Thread
Results 1 to 4 of 4
  1. Senior Member si20's Avatar
    Join Date
    May 2014
    Location
    UK
    Posts
    427

    Certifications
    MCDST, MCP, BSc Computer Forensics, MTA: 98-366, OSWP, OSCP, FJSE, ACE, PGCert, Linux+
    #1

    Default Question about Web Application Penetration Testing - WAPT

    Hi guys,

    I'm curious to know whether anyone can tell me more about the WAPT course that elearnsecurity offer? I did the OSCP in 2014 and honestly - it helped me get a job in a SOC, but did little to nothing for a pentesting job - purely because most pen-testing companies want web-app pentesters.

    So that leaves me with two choices: self-study and somehow learn web-app pentesting, or get a course that'll boost me right into what I need to be studying - although there's a cost to it.

    So I guess what i'm asking is this: Is the WAPT course worth it? Do you think it's realistic to pass it and become a junior pen-tester? If i'm wasting my time, don't be afraid to say. At this point in my career, pen-testing seems like the only thing that'll be an enjoyable job and if I can't get into that, then I think I need to re-assess my decision to work in IT.
    Plans for early 2018: CompTIA Security+
    Plans for 2018/Beyond: MTA Software Development Fundamentals and see where that takes me
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member yoba222's Avatar
    Join Date
    Jun 2013
    Posts
    433

    Certifications
    LFCS, GCIH, eJPT, CCNA, CAPM, Sec+, Net+, A+
    #2
    Wondering about this myself.
    Reply With Quote Quote  

  4. Senior Member
    Join Date
    Jul 2015
    Posts
    457
    #3
    I can't speak to the course. But if you're looking for something to self-study web app pen testing, you could download Webgoat. It's basically a web-based version of Metasploitable. And they have "lessons" for you to go through. They don't really teach you anything, but they provide goals to accomplish. So as long as you already have a basic understanding of the tools (with an OSCP, you should), you can get some practice in that way.
    Reply With Quote Quote  

  5. Cyber Donkey slinuxuzer's Avatar
    Join Date
    Jul 2003
    Location
    East Texas
    Posts
    619

    Certifications
    VCDX:NV - A+ Net+ Sec+ MCSA08 CISSP CCNA B.S. IT/WGU
    #4
    Don't underestimate the power of leveraging your employer, first, start by coming up with a case for them to send you to instructor lead training - SANs has a top reputation and teaches web application pentesting. Also, take a look at your companies educational reimbursement policy, SANs.edu offers postgraduate certificates in Pentesting, and web app courses, so all that may be required is for you to leverage your company. I personally have had a lot of success over the years attaining training through my employer, its free to ask.
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks