+ Reply to Thread
Page 3 of 4 First 123 4 Last
Results 51 to 75 of 82

Thread: eLearn PTX

  1. Junior Member
    Join Date
    Feb 2016
    Posts
    22

    Certifications
    CEH, MCP, Qualys Certified Specialist
    #51
    It was a minor update, but it improved the original V2 eMAPT a lot.
    Module 1 PTX.
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member
    Join Date
    May 2017
    Posts
    116
    #52
    Quote Originally Posted by ottucsak View Post
    It was a minor update, but it improved the original V2 eMAPT a lot.
    Module 1 PTX.
    can i know total duration of video ?
    Reply With Quote Quote  

  4. Junior Member
    Join Date
    Feb 2016
    Posts
    22

    Certifications
    CEH, MCP, Qualys Certified Specialist
    #53
    The total length of the videos is 2 hours 55 minutes roughly.
    Reply With Quote Quote  

  5. Junior Member
    Join Date
    Oct 2016
    Location
    Europe
    Posts
    23
    #54
    If you finished one module in 2 days then I would say that is bit too easy. I think a great social engineering book will do same.
    Reply With Quote Quote  

  6. Senior Member
    Join Date
    May 2017
    Posts
    116
    #55
    Quote Originally Posted by SleepCZ View Post
    If you finished one module in 2 days then I would say that is bit too easy. I think a great social engineering book will do same.
    can you give the example of the book that you mean ?
    Reply With Quote Quote  

  7. Junior Member
    Join Date
    Oct 2016
    Location
    Europe
    Posts
    23
    #56
    I would start with this one got recommended by a friend who based a master thesis on it. Then I found one more, brand new but would have to consult it with my desktop bookmarks, can provide later.

    https://www.amazon.com/Social-Engine.../dp/0470639539
    Reply With Quote Quote  

  8. Senior Member
    Join Date
    May 2017
    Posts
    116
    #57
    social engineering is one part right ? how about another part ?
    Reply With Quote Quote  

  9. Junior Member
    Join Date
    Oct 2016
    Location
    Europe
    Posts
    23
    #58
    Well, I do not kboe everything. That's why u pay. For convenience. But another part is AD hacking and there tools out for that. https://github.com/BloodHoundAD/BloodHound and many more. I believe the course is bases on AD users enumeration with their privileges and its exploitation. + weak configuration like users.XML file which is stored in all hosts in domain and contains domain password.

    About SQL module and exchange module I have no clue. This is new for me and must do a research.
    Reply With Quote Quote  

  10. Junior Member
    Join Date
    Oct 2016
    Location
    Europe
    Posts
    23
    #59
    After my experience with PTP I believe that in AD module they just recompile public info and give it some extra value.

    https://byt3bl33d3r.github.io/automa...-a-button.html
    Reply With Quote Quote  

  11. Senior Member xxxkaliboyxxx's Avatar
    Join Date
    Dec 2013
    Location
    Austin, Texas
    Posts
    423

    Certifications
    GCIH, C|EH, Sec+, eJPT, SCCC
    #60
    Quote Originally Posted by ottucsak View Post
    I got the 2.5 eMAPT update for free, which included new updated chapters and better lab exercises. Nevertheless, they will probably not include any Linux or IoT, because that's not part of the scope.

    By the way, I just finished Module 1 and it's amazing as is. 300 slides of pure awesomeness, including hands-on examples, tips for obfuscation, etc. Looking forward to the video and the lab.
    Since there is only 4 labs for 6 modules, does that mean they want you to build your own Windows environment and follow along? I mean, the good thing about eLS is the labs. 300 slides and no lab? Is it just just a "slides of death" type of deal?
    Studying: LFCS
    Reading
    : Python Crash Course
    Upcoming Exam: GWAPT

    https://realworlditsecurity.wordpress.com
    Reply With Quote Quote  

  12. Junior Member
    Join Date
    Feb 2016
    Posts
    22

    Certifications
    CEH, MCP, Qualys Certified Specialist
    #61
    There are two labs in Module 1. One about getting a shell through Office macro malware and another about getting a shell through BeEF. There are two more labs, one about WSUS and another about escalating from SQL injection to getting domain admin access. I guess instead of several small labs, they went for a few big ones where you have to chain your exploits compromise multiple hosts/applications. Remember this is supposed to be an advanced course with less hand holding, but you are free to experiment with different payloads and exploitation techniques.

    SleepCZ: Please don't be a wiseguy. I read through Module 1, took notes, tried a few of the potential Office macros, but haven't watched the videos or completed the labs. Also I have read Chris Hadnagy's book before and it has nothing to do with the content of PTX. Module 1 contains a bucketload of information about spearphishing, Excel/Word/Powerpoint macros, obfuscation, client browser based exploitation, blue team and AV evasion etc but it doesn't deal with the basic piggybacking, lockpicking or shouldersurfing. Yes, most of the material is available online, but you have to hunt down dozens of blogposts from various authors, assemble your own labs, buy/steal licenses and configure everything. If somebody has the time to do that, that's great, I'm pretty sure most of the people who work 9-5 in security don't.
    Reply With Quote Quote  

  13. Junior Member
    Join Date
    Oct 2016
    Location
    Europe
    Posts
    23
    #62
    Well now we know what exactly is there thank you for that. I just think that the biggest income should be in the labs. And I was disappointed by previous content of labs from PTP therefore I do not expect that 4 labs now will make me as excited as OffSec. Still think that with limited budget one should focus on OSCP and OSCE.
    Reply With Quote Quote  

  14. Senior Member xxxkaliboyxxx's Avatar
    Join Date
    Dec 2013
    Location
    Austin, Texas
    Posts
    423

    Certifications
    GCIH, C|EH, Sec+, eJPT, SCCC
    #63
    Quote Originally Posted by ottucsak View Post
    There are two labs in Module 1. One about getting a shell through Office macro malware and another about getting a shell through BeEF. There are two more labs, one about WSUS and another about escalating from SQL injection to getting domain admin access. I guess instead of several small labs, they went for a few big ones where you have to chain your exploits compromise multiple hosts/applications. Remember this is supposed to be an advanced course with less hand holding, but you are free to experiment with different payloads and exploitation techniques.

    SleepCZ: Please don't be a wiseguy. I read through Module 1, took notes, tried a few of the potential Office macros, but haven't watched the videos or completed the labs. Also I have read Chris Hadnagy's book before and it has nothing to do with the content of PTX. Module 1 contains a bucketload of information about spearphishing, Excel/Word/Powerpoint macros, obfuscation, client browser based exploitation, blue team and AV evasion etc but it doesn't deal with the basic piggybacking, lockpicking or shouldersurfing. Yes, most of the material is available online, but you have to hunt down dozens of blogposts from various authors, assemble your own labs, buy/steal licenses and configure everything. If somebody has the time to do that, that's great, I'm pretty sure most of the people who work 9-5 in security don't.
    Thanks ottucsak for your reply. I'm on the fence right now and trying to decide before the 31st so if I do buy it, I can use the 50% coupon.
    Studying: LFCS
    Reading
    : Python Crash Course
    Upcoming Exam: GWAPT

    https://realworlditsecurity.wordpress.com
    Reply With Quote Quote  

  15. Senior Member
    Join Date
    Dec 2010
    Posts
    362

    Certifications
    VCA5-DCV, CEH, ECSA, CHFI, ITILv3, CND
    #64
    Quote Originally Posted by ottucsak View Post
    Module 1 PTX.
    That's fast!
    Reply With Quote Quote  

  16. Senior Member
    Join Date
    May 2017
    Posts
    116
    #65
    can I use it towards adding value to the OSCP syllabus?
    Reply With Quote Quote  

  17. Junior Member
    Join Date
    Feb 2016
    Posts
    22

    Certifications
    CEH, MCP, Qualys Certified Specialist
    #66
    That's what I plan to do. PTP, PTX and try again OSCP after these. During my time in the OSCP labs, I know that I encountered an MSSQL->Admin vulnerability and my friend told me that he also used BeEF during his lab time, so this could be potentially useful. (Although it's a bit expensive if you just want to do that)
    Reply With Quote Quote  

  18. Senior Member
    Join Date
    May 2017
    Posts
    116
    #67
    Quote Originally Posted by ottucsak View Post
    That's what I plan to do. PTP, PTX and try again OSCP after these. During my time in the OSCP labs, I know that I encountered an MSSQL->Admin vulnerability and my friend told me that he also used BeEF during his lab time, so this could be potentially useful. (Although it's a bit expensive if you just want to do that)
    so you mean PTX can use for OSCP preparation ?
    Reply With Quote Quote  

  19. Junior Member
    Join Date
    Feb 2016
    Posts
    22

    Certifications
    CEH, MCP, Qualys Certified Specialist
    #68
    I think you can easily pick up a few tips and tricks for the Windows exploit/post-exploit part of the lab, but it's not worth it/overkill if you only want to use it for that. Only buy it if you want to learn more about this specific aspect of red teaming, otherwise you can pick up the basic necessary skills during the OSCP lab time.

    By the way, I just finished the slides from module 6 and those who say that it sucks are totally right. No hands-on tips or tricks of any kind, just slides about what tool can be used for a specific task and reference links.
    Reply With Quote Quote  

  20. Senior Member
    Join Date
    May 2017
    Posts
    116
    #69
    Quote Originally Posted by ottucsak View Post
    I think you can easily pick up a few tips and tricks for the Windows exploit/post-exploit part of the lab, but it's not worth it/overkill if you only want to use it for that. Only buy it if you want to learn more about this specific aspect of red teaming, otherwise you can pick up the basic necessary skills during the OSCP lab time.

    By the way, I just finished the slides from module 6 and those who say that it sucks are totally right. No hands-on tips or tricks of any kind, just slides about what tool can be used for a specific task and reference links.
    so you finish PTX in less than 3 days ? can i know how long in hours estimate ?
    Reply With Quote Quote  

  21. Junior Member
    Join Date
    Oct 2016
    Location
    Europe
    Posts
    23
    #70
    Quote Originally Posted by vynx View Post
    so you finish PTX in less than 3 days ? can i know how long in hours estimate ?
    I think that he meant only 6th. module. Maybe it's not the greatest course ever but no one can graps it in such a short time.

    Could anyone describe briefly, the way how the modules are written? How much course is ;cd hacking; git clone; and how much is actually some advanced knowledge regarding developing something or actually describing really ;uber national-agency level hacking;?

    And I would love to know if anyone has passed OSCE and now looking into PTX, that could be an ultimate comparison as OSCE seems like a god-like level for me at the moment.
    Reply With Quote Quote  

  22. Junior Member
    Join Date
    Feb 2016
    Posts
    22

    Certifications
    CEH, MCP, Qualys Certified Specialist
    #71
    Check out the syllabus. As far as I heard from friends who did it, it's more about exploit development. It's something you do for fun or creds, but not something that you can use in your day-to-day job, so I guess it's comparing apples to oranges.
    Also eLearnSecurity courses will never be as recognized as OffSec, so if you are only going for the wow factor, it's pointless to go with eLearn.
    Reply With Quote Quote  

  23. Senior Member
    Join Date
    May 2017
    Posts
    116
    #72
    we can understand it not fair compare apple with orange, but between oscp, osce and PTX, is PTX would help to prepare OSCP, or its between OSCP and OSCE, or its complement each other (OSCP,OSCE, PTX )?
    Reply With Quote Quote  

  24. Senior Member
    Join Date
    Dec 2010
    Posts
    362

    Certifications
    VCA5-DCV, CEH, ECSA, CHFI, ITILv3, CND
    #73
    I would say this is a very difficult course for non programmers. I need to learn VB.net, VBA first in order to better understand the first module. Work in progress.
    Reply With Quote Quote  

  25. Senior Member
    Join Date
    May 2017
    Posts
    116
    #74
    Quote Originally Posted by chopsticks View Post
    I would say this is a very difficult course for non programmers. I need to learn VB.net, VBA first in order to better understand the first module. Work in progress.
    can you explain why need to learn VB.net / VBA?
    Reply With Quote Quote  

  26. Senior Member
    Join Date
    Jun 2011
    Location
    Maryland
    Posts
    186

    Certifications
    GWAPT, CISSP, eJPT, CEH, Sec+, ITIL-F, BS:IS
    #75
    Quote Originally Posted by monkykap View Post
    I would say PTP: hit, PWD: hit, PTS: miss, WPTX: miss, MASPT: miss, and now PTXP: miss
    Why do you feel that the PTS was a miss? I felt it was a good amount of web app and network pen testing. For only $300 I thought it was a huge hit for people that don't know much about pen testing and want some hands on. Fantastic intro course IMHO. In fact I landed my current pen testing job thanks to what I learned in eJPT. CISSP got me the money I wanted but the eJPT got me the job or in other words pass technical interview.

    I do agree from reading around the other classes appear to be miss including PTX. I plan to do PTP next if they end up having a thanksgiving sale otherwise will just jump to OSCP.
    Reply With Quote Quote  

+ Reply to Thread
Page 3 of 4 First 123 4 Last

Social Networking & Bookmarks