Cатсн²² (in)sесuяitу / ChrisJohnRiley

Because we're damned if we do, and we're damned if we don't!


GWAPT / SEC542

After almost a year I’ve finally managed to take the GWAPT (Web Application Penetration Tester) exam, just in time to head to SANS London and the Security Essentials class. I have mixed feelings on the exam. Even though I passed with a good mark (96.67%), the 5 that I got wrong were (in my opinion) a little questionable. Still, I’m sure I’ll hit the holy grail (100%) sooner or later 😉 It will just take time, and patience.

For a little history on this, I first attended the 4-day version of the SEC-542 back in December last year. The course was good, and I wrote about the contents on the blog (day-1, day-2, day-3, day-4). The 6-day version of the class has incorporated a number of welcome additions and helps the course really grow. I always felt that the 4-day version lacked a certain something, and the new version really fills the gaps with new sections on Flash, WebServices (WSDL, UDDI, SOAP…) and nice coverage of Python, JavaScript and PHP for Penetration Testers. The last day is also now a Capture the Flag event which will really help to solidify the knowledge and let people get a hands-on approach to testing.

I can’t finish this post without saying a little something about the OnDemand program. The new OnDemand system is certainly a step in the right direction. As SEC-542 is one of the first on the BETA OnDemand, it lacks the additional links that will come with maturity. I think that the OnDemand option of training has become more of an option than previously. The support you get is also great, especially as Kevin is very approachable. If all else fails, you can shoot me an email and I’ll see if I can help. Hopefully this will be the class I’ll be Mentoring in Vienna next year (given the chance).

Overall I’d give the class 95/100 –> There’s room for some additional coverage of things like JBoss, ColdFusion and Tomcat. Still, you can’t fit everything into 6 days 😉 I can’t wait for SEC-642, for some advanced WebApp fu.

GWAPT Certified Professionals –> LISTING

GWAPT Exam Coverage –> Coverage