  1. Senior Member supasecuritybro's Avatar
    Join Date
    Jul 2015
    Location
    Miami, FL
    Posts
    201

    Certifications
    CISSP, GPEN, GWAPT, eJPT, CySA+
    #1

    eCTHP - eLearnSecurity Threat Hunting Professional

    Decided to start a thread regarding this certification. I was in the deep with some shellcoding for the eCPPT and decided since the THP course is shorter, to go ahead and start it. I am planning to finish it by the end of January and let you guys know how it is.

    Background:
    I do a lot of work with SIEM and vulnerability management in my current role. Also my team is focusing now on some hunting as part of our day to day. I went into the PenTesting route since it was something I never knew much about and I wanted to challenge myself. I went through the eJPT (eLearn Junior Pentest), did the GPEN, and have been working through the material with the eCPPT. It has been slower than I hoped since I am learning about a lot of new things I never knew about. I am interested in the red team stuff more out of curiosity than being a full-fledged pentester. Would I take a job as a pentester? Probably, but it is not the priority. I am more interested in defense and since it has been more expensive to do some of the defensive courses with SANS (SEC555 and SEC511) this course came at the right time and right price.

    Day one:
    Downloaded all PDFs and will be starting the first module this week.

    More to follow...
    Completed: CISSP, GPEN, GWAPT, eJPT, CySA+, M.S. Information Security
    Current Goal: AWS Solutions Architect - Associate
    Five Year Plan: eCTHP (paused again), eCPPT (paused), RHCSA, CISM, OSCP, more SANS as they come
    Book/CBT/Study Material: AWS Material

  3. Senior Member
    Join Date
    May 2017
    Posts
    144
    #2
    How's the content so far?

  4. Junior Member
    Join Date
    Feb 2015
    Location
    Moscow
    Posts
    6

    Certifications
    OSCP, MCTS, Sec+, Net+
    #3
    I'm thinking of buying this course before 31st December while the discount is valid. Any feedback from you about this course would be great!

  5. Senior Member supasecuritybro's Avatar
    Join Date
    Jul 2015
    Location
    Miami, FL
    Posts
    201

    Certifications
    CISSP, GPEN, GWAPT, eJPT, CySA+
    #4
    The content is pretty good so far. Made it through the first two modules in the first section last night. Three sections total in that section. The information is broken up pretty well and it definitely builds on a base of a beginner. They also provide you a lot of the resources in where you should go to study deeper. I like that.

    It’s not a lot of content. I think the value comes from the one-stop place. With the discount and free upgrade I believe it is extremely worth it. If you want to get into blue team topics and don’t have a lot of money to invest, getting this at full price is a better deal than waiting to get selected for a work study at SANS for one of their blue team courses.

    Haven’t done any lab yet.

    More to follow

  6. Senior Member
    Join Date
    May 2017
    Posts
    144
    #5
    Originally Posted by supasecuritybro
    The content is pretty good so far. Made it through the first two modules in the first section last night. Three sections total in that section. The information is broken up pretty well and it definitely builds on a base of a beginner. They also provide you a lot of the resources in where you should go to study deeper. I like that.

    It’s not a lot of content. I think the value comes from the one-stop place. With the discount and free upgrade I believe it is extremely worth it. If you want to get into blue team topics and don’t have a lot of money to invest, getting this at full price is a better deal than waiting to get selected for a work study at SANS for one of their blue team courses.

    Haven’t done any lab yet.

    More to follow

    How's the video? Maybe you can give a review of 1 - 2 labs first? I think many people are waiting for your review.

  7. Senior Member chrisone's Avatar
    Join Date
    Nov 2009
    Location
    Los Angeles
    Posts
    1,694

    Certifications
    eCPPT, CISSP, CCDP, CCNP R/S, CCNP Security (Secure, FW) , LFCS, C|EH , PA ACE
    #6
    Hmmm I am on the fence on this one. Looks like you are a week and some into this course. How are you liking it so far? Have you applied anything to your daily job?
    2018 Goals: SANS Advanced Security Essentials - Enterprise Defender (complete, not going for cert), eCPPT (obtained), OSCP PWK (in progress), SpecterOps: Adversary Tactics Red Team OPS (Blackhat 2k18 ), OSCE CTP (Oct Start)

  8. Senior Member supasecuritybro's Avatar
    Join Date
    Jul 2015
    Location
    Miami, FL
    Posts
    201

    Certifications
    CISSP, GPEN, GWAPT, eJPT, CySA+
    #7
    A week into it and I am almost done with the first topic (done with 3 of 4 sections). I haven't been hitting it too hard since it's been the holidays. The material is good. I have a ton of resources (websites / reports) to grow my knowledge in the current threat landscapes. I also learn how to use some of the threat intel out there to build my own.

    As far as usefulness for my job; I got some value so far with some of my goals for next year. We are building a threat hunting part to our list of things we do for next year. I am already seeing ways of implementing this into that program.

    Opinion: If you wanna do blue team and are getting a discount on it, buy it. If your company is paying for it, buy it. If you are going to pay full price, let it be bc you want to get into a security analyst job and you want some good skillsets for that.

  9. Junior Member
    Join Date
    Mar 2016
    Posts
    24

    Certifications
    GCIA, eJPT, eMAPT, ePWD Degrees: B.S. Computer Engineering UCSD
    #8

    Thanks for the review

    Thanks for providing your feedback. I've been on the fence for getting this course, but I think because of your review I will get it after all. With the 40% discount, and a credit card sign up bonus I think it's affordable enough. I think it too closely coincides with the things I am working on implementing in my work. I am still worried about the length of the material. How many hours of coursework would you say there is?

  10. Senior Member chrisone's Avatar
    Join Date
    Nov 2009
    Location
    Los Angeles
    Posts
    1,694

    Certifications
    eCPPT, CISSP, CCDP, CCNP R/S, CCNP Security (Secure, FW) , LFCS, C|EH , PA ACE
    #9
    I am going to wait on this course. Looks good, but I have to pass PTP4, ARES, and WAPT before I start getting off track onto more courses. Looks like there will be updates to some courses next year and hopefully WAPT is one of them. Since I currently hold a WAPT course I believe I can get the upgrade for $250 hopefully. There are also "new" courses coming out in 2018 as well. See below.


    Towards the very bottom of this year in review page.

    You ain’t seen nothing yet!

    If you thought 2017 was good, watch out for the next one. We’re just getting started, and even more exciting things await us these coming months. Here are a few you should look out for:
    • a Hack.me overhaul;
    • updates to your favorite courses;
    • even more brand new training courses;
    • the return of the Ethical Hacker Network!
    Before the ball drops and the fireworks start, the team would like to thank each and every one of you for being a part of our eLS community, and for helping us reach new heights, year in and year out.
    Have a Happy New Year, everybody!

  11. Senior Member supasecuritybro's Avatar
    Join Date
    Jul 2015
    Location
    Miami, FL
    Posts
    201

    Certifications
    CISSP, GPEN, GWAPT, eJPT, CySA+
    #10
    Originally Posted by monkykap
    Thanks for providing your feedback. I've been on the fence for getting this course, but I think because of your review I will get it after all. With the 40% discount, and a credit card sign up bonus I think it's affordable enough. I think it too closely coincides with the things I am working on implementing in my work. I am still worried about the length of the material. How many hours of coursework would you say there is?

    Roughly 3 1/2 hours and I am still in the first module. I am also taking some time to read over resources they provide. I am looking forward to the packet analysis.

  12. Senior Member supasecuritybro's Avatar
    Join Date
    Jul 2015
    Location
    Miami, FL
    Posts
    201

    Certifications
    CISSP, GPEN, GWAPT, eJPT, CySA+
    #11
    Just finished the first portion. I can say it helped to start off with some of the new goals my team has for this year. I found some value in this first section since we are starting a hunting program at my job. I now feel a little better suited than just talking about the NIST 800-61 and I can now lean on a lot of other resources to build content.

    The lab was a little lacking. I felt it could have been a bit more involved but the directions didn't really show you much, you had to go into the solution to know what they wanted from you. They didn't really talk about YARA as much as I would have liked personally. They just covered it in passing and how to use it locally. Not sure if this will circle back when it gets to more of the endpoint portion.

  13. Senior Member
    Join Date
    Feb 2015
    Location
    Tampa, FL
    Posts
    304

    Certifications
    GPEN/GCIH/OSWP,CEH
    #12
    So let's get into the nuts and bolts. I was watching the launch webinar snippet and was left lacking. Does your organization have the capability to hunt as they mention in the course? Looking at memory of processes? Seems like something the forensics team might be able to do on a specific asset after something caused them to look at it, not something that could be hunted for across the environment. How much are they discussing hunting from a SIEM? Do they give methodologies and advice on how to find things to hunt, and what is needed in your SIEM before you can hunt them?

  14. Junior Member Registered Member
    Join Date
    Oct 2012
    Posts
    6

    Certifications
    A+, Net+, Sec+, ITIL v3, C|EH, SSCP, CISSP
    #13
    I don't want to hijack supasecuritybro's thread but I think it would be easier to contain all reviews to one thread.

    I also purchased this course as it was fairly cheap compared to other courses (SANS) and offered some of the material I was looking to study. In addition, I've purchased the PTS and PTP courses from them in the past and was extremely satisfied. Up to this point I completed the first section, Threat Hunting, and the last section, Endpoint Analysis, and enjoyed the material for the most part. I was happy to see that Redline and Volatility were covered but I felt that they could have gone into greater detail in the malware analysis section.

    Regarding SIEM, there is a section within Endpoint Analysis that reviews search methodologies and hunting techniques for specific attacks such as mimikatz, code injection and keyloggers. While it does provide specific details for specific attacks, it also provides a general overview on how you should conduct your hunts. The videos reviewed the concepts in better detail and the labs provided great practical experience.

    On to the last section, Network Analysis.

  15. Member
    Join Date
    Jun 2015
    Posts
    50

    Certifications
    Security+ eJPT
    #14
    So I bought this course as well but I think I'm going to do it after I completed the eCPPT. I wish you guys the best of luck.

  16. Senior Member supasecuritybro's Avatar
    Join Date
    Jul 2015
    Location
    Miami, FL
    Posts
    201

    Certifications
    CISSP, GPEN, GWAPT, eJPT, CySA+
    #15
    Went through the network analysis slides and I really enjoyed them. Packet Analysis is a skill set that is extremely helpful in any aspect of IT but more importantly with Security. This really gets into some of the things that are a little confusing. I was very pleased with the details and videos. I am going to do the first lab in the section part of the module and from the lab manual, it's pretty good.

  17. Junior Member
    Join Date
    Feb 2017
    Location
    Doha, Qatar
    Posts
    10

    Certifications
    GCIH | CFR | MCP | MCS | ITILv3 | EJPT(pending) | ECDFP(pending)
    #16
    So how was it so far? I'm planning to buy this stuff but still conducting a survey on how good it was. And also, Digital Forensic is on its way. Any feedback on those who took this THP course? Is it worth the penny?

  18. Senior Member supasecuritybro's Avatar
    Join Date
    Jul 2015
    Location
    Miami, FL
    Posts
    201

    Certifications
    CISSP, GPEN, GWAPT, eJPT, CySA+
    #17
    It is pretty good. If you want to be blue team, it's a great starting course. I have a heart for blue team work since I am in the engineering space. I have gone into the Red Team bc of interest and I can see the value in my blue heart. I would recommend this course for intermediate people in the SOC space who want to be better at finding things and looking through logs for an actual incident.

  19. Junior Member
    Join Date
    Feb 2017
    Location
    Doha, Qatar
    Posts
    10

    Certifications
    GCIH | CFR | MCP | MCS | ITILv3 | EJPT(pending) | ECDFP(pending)
    #18
    How was it so far? Have you completed all the labs and the lecture? Trying to figure out what would be my first course since the digital forensic is on sale now. Have you taken the THP certificate exam?

  20. Senior Member supasecuritybro's Avatar
    Join Date
    Jul 2015
    Location
    Miami, FL
    Posts
    201

    Certifications
    CISSP, GPEN, GWAPT, eJPT, CySA+
    #19
    Sorry for the delay in posting about the course. We recently had a baby and I have been working on my GWAPT since I was selected for the work study program early January. I am finishing the endpoint part and will then go through the labs again. If you want to learn some good basics and foundation to help with analyst work, this is a great course. I haven't done the exam yet but I will continue this thread once I resume in April.

  21. Member
    Join Date
    May 2013
    Location
    Singapore
    Posts
    58

    Certifications
    Network+, SSCP, CHFI, eJPT, GCIH
    #20
    Keep it up supa!

    I've paused my progress on the threat hunting course as well as I'm starting the GCIH next week!

  22. Senior Member supasecuritybro's Avatar
    Join Date
    Jul 2015
    Location
    Miami, FL
    Posts
    201

    Certifications
    CISSP, GPEN, GWAPT, eJPT, CySA+
    #21
    Update:

    Finished the GWAPT and I have some time between now and the July COHORT for CCNA CyberOps. I have decided to attempt to complete what I have left with the eTHP which is the endpoint section. This covers Windows process/malware/SIEM/hunting, so I believe I can get through most of it. I am going to update this post as I go further along. Hopefully I can do the exam before the next course starts.

  23. Junior Member
    Join Date
    Feb 2017
    Location
    Doha, Qatar
    Posts
    10

    Certifications
    GCIH | CFR | MCP | MCS | ITILv3 | EJPT(pending) | ECDFP(pending)
    #22
    Great. I am waiting for your final review as I bought eJPT, eCDFP, and eCPPT course. Planning to take eJPT next next week on weekend and will finish the next one. Still looking at your eCTHP review as this is something I do on a daily basis at work. Congrats on GWAPT, how was it? Did you do the work study program of SANS?
