0x22bb
/
hacktricks
mirror of https://github.com/carlospolop/hacktricks.git
1
2
Fork 0
Code Releases Activity

GitBook: [master] one page modified

This commit is contained in:
CPol 2021-07-06 11:42:13 +00:00 committed by gitbook-bot
parent 85e8cf8586
commit a3b0b5a281
No known key found for this signature in database
GPG Key ID: 07D2180C7B12D0FF
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
courses-and-certifications-reviews/ine-courses-and-elearnsecurity-certifications-reviews.md
View File

@ -44,8 +44,8 @@ I think this course **isn't for web hacking beginners** \(there are other INE co
> The eLearnSecurity Web Application Penetration Tester eXtreme \(eWAPTX\) is our most advanced web application pentesting certification. The eWPTX exam requires students to perform an expert-level penetration test that is then assessed by INEs cyber security instructors. Students are expected to provide a complete report of their findings as they would in the corporate sector in order to pass.
The exam was composed of a **few web applications full of vulnerabilities**. In order to pass the exam you will need at least to **read a "flag"** inside of one of the machines hosting a web, and **gain RCE** in at least 2 different ways in another machines. However, note that that's not enough to pass the exam, you need to **send a professional pentest report detailing** all the vulnerabilities discovered, how to exploit them and how to remediate them.
**I reported more than 10 unique vulnerabilities** \(most of them high/critical and presented in different places of the webs\), including the read of the flag and 3 ways to gain RCE and I passed.
The exam was composed of a **few web applications full of vulnerabilities**. In order to pass the exam you will need to compromise a few machines abusing web vulnerabilities. However, note that that's not enough to pass the exam, you need to **send a professional pentest report detailing** all the vulnerabilities discovered, how to exploit them and how to remediate them.
**I reported more than 10 unique vulnerabilities** \(most of them high/critical and presented in different places of the webs\), including the read of the flag and several ways to gain RCE and I passed.
**All the vulnerabilities I reported could be found explained in the** [**Web Application Penetration Testing eXtreme course**](https://my.ine.com/CyberSecurity/courses/630a470a/web-application-penetration-testing-extreme)**.** However, order to pass this exam I think that you **don't only need to know about web vulnerabilities**, but you need to be **experienced exploiting them**. So, if you are doing the course, at least practice with the labs and potentially play with other platform where you can improve your skills exploiting web vulnerabilities.