[Review] eLearnSecurity – Professional Penetration Testing course

Filed under Reviews

I finally completed the eLearnSecurity Professional course. Before I go into the review let me outline for you how the course looks, and the context from which I will review it:

The course consists of three sections: Web Application, Network, and System. Each section is taught by a different instructor/instructors who have background in the area. Although they follow a similar presentation, I was surprised at how different the learning experience would be in each section. Based on what I took from the class, as well as what I have read from their marketing and discussed with their owner, here are the things that the eLearnSecurity Professional course tries to provide for their students:

  1. Real world penetration testing skills (Fantastic)
  2. Penetration testing process (So so)
  3. Up-to-date information (Great)
  4. CEH level of depth (Superb)

I would say that the course measured up to about 90% of that, which is pretty dang good when you consider a lot of the hacking courses out there. Now, my experience with most of my certifications involved a curriculum book and a review book. From there I would take the test and hoped I part. So when I review this course I am assuming that the user is in a similar situation and is looking at eLearnSecurity as an alternative.

Web Application

In my opinion this was the best section. I really started my pen testing at the web app level.

  • Pros: I felt like the instructor did a great job at presenting the information in a clear to understand manner. The information took me deeper into the technology than traditional CEH level training, which tends to keep you at a “script kiddie” level of complexity. Although the instructor took time to explain some underlying technology, he also did not overwhelm you with it. While most trainings take you as far as XSS and SQLI, eLearnSecurity then presses you into CSRF, HTTP Header Injection, RFI, and more. I was even more impressed when he explained about exploit chaining. As with their Student course, they did a fantastic job at not overwhelming you with tools, but helped you focus on one or two key tools that are prominent in the field today; not some antiquated script from the 90’s. The interactive slides made it easy to follow along and easy to understand the anatomy of the payloads. In addition to that, the instructor teaches the student how to completely case a web application and record findings that could be organized enough for a team of testers and eventually help create a test report.
  • Cons: I dont have any real qualms with the content. However, I do wish that a more exercise based approach could have been done. I need to be fair and state that there were quite a few exercises involving Burp Suite and Wireshark, however the other tools were neglected. I can understand the difficulty of setting up a virtual lab environment and distributing it on an iso. By no means did I feel like my learning experience was wasted without such a lab, but at the same time I can imagine a less-informed student struggling a bit more without a hands on walkthrough available. Thats my only gripe about the web app section. Other than that is was fantastic!

[EDIT] The eLearnSecurity guys provide a free two week access pass to their Web Application Coliseum which provides a mission oriented lab to try out your web application hacking skills [/EDIT]


  • Pros: Network penetration testing is a hard thing to teach. It usually requires a fairly extensive lab environment with simulated networking equipment and systems in order to do justice to the possibilities out there. The instructor of this section did a very nice job presenting some of the basic principles of network hacking. He mostly covered the enumeration and exploitation of windows and NetBIOS related technologies. He also explained about host discovery, port scanning and SNMP. I felt like the information that was presented was done so clearly and concise enough to help less network savvy individuals keep on target. The nature of network attacks also made it easy for the instructor to outline the basic hacking process from information gathering to establishing persistence.
  • Cons: I guess I was pretty spoiled after the other two sections, but I was expecting this section to give me an extra zing like the System and Web App sections did. Dont get me wrong, he covered pretty much everything that is talked about in the CEH. I guess I was just spoiled by the rest of the course ūüėČ (thats a good thing, right?). I really wanted to see some more depth here. I understand the difficulty of going too deep too quickly when it comes to networks, but perhaps some more content could be added in a few other ways? For instance, going over the ICMP protocol in details is actually a very helpful thing to know.


  • Pros: You can¬†definitely¬†tell that the instructors of this section know what they are talking about. Although my background in system hacking (Buffer Overflows, ASM, etc) should be considered only fair, I feel like I can give a fairly good assessment of this section as being quite helpful. I have watched and read many “intro” guides to these complex topics, but I felt that the eLearnSecurity instructions were some of the easiest to understand. To top it off, this section has amazing hands on examples and exercises that I had been really wanting in this course. I became even more blown away when the instructors took us into Shellcode creation, malware techniques, and rootkit development. I was getting a little worried that some of the basics of systems hacking were being ignored (like ADS), but sure enough they came up. This section was quite superb and is sure to be a section I would refer to often.
  • Cons: Due to the nature of the topic im not sure it would be fair to call it a con, however I guess it should be said. There were some points during the more advanced sections where I felt very lost. But like I said, how can I expect them to teach a student all of the subtleties of the Windows kernel and APIs? So with that being said, I wouldn’t say its a con, just more of a steep learning curve that would require outside reading to fully understand. Maybe they could provide some good resources?


Overall this course was very good. How does it compare to the CEH? Well, it covers pretty much everything the CEH intends to cover. Some little things were left out (like the before mentioned ICMP stuff, etc), but I felt this course does a much better job at teaching you the skills used in penetration testing. One let down was that the pen testing methodology was only covered weakly. One thing the CEH did do well was ensure your understanding of the stages of hacking. After that the ECSA then helped with more organizational aspects of conducting a penetration test. However, if you were to take both the Student and the Professional course, you would get a very thorough understanding of the pen test process, as well as techniques that would get you on your way to becoming a skilled tester. I would still would like to see a lab VM shipped with the course that came loaded with tools and services to test the Web App and Network type stuff on.

In conclusion, I very much enjoyed these courses. They were quite informative. They did have some grammatical issues and some of the slides were a bit mundane, but try reading the “ISC2¬†Official¬†Guide to the CISSP CBK” and then you can talk to me about mundane reading. Although the courses were not perfect and the price could be hard for some, I would have to agree that eLearnSecurity better provides the skill set that you would hope to get from many other ethical hacking courses out there, specifically the CEH. Remember, these courses are not meant to be In-Class trainings so dont expect them to be. Also, a certification is included in the course (and the cost, which usually is like 250$ for any other cert), and although I have not taken it, I anticipate that its reality based test wont let you down. So bravo to the guys at eLearnSecurity. Keep up the good work, I am eager to see how even better the course turns out to be in a few years.

Post a Comment

You must be logged in to post a comment.

Read previous post:
ModSecurity Demo Projects: VirusTotal of WAF

For those looking for a place to test their Web App payloads, check out the ModSecurity demo pages. They offer...