PaulDotCom mailing list archives
Appsec Training
From: 0xdarkfloyd at gmail.com (Dark Floyd (0xdf))
Date: Tue, 13 Apr 2010 11:15:37 +0800
Hi Chris, I believe your fellow could find the SEC542 course is useful. Even I have already done pentest for several years, the first 3 days of the materials focuses on beginner and tools manipulation. On day 4 and day 5, it is related to Python programming, exploit framework, etc, particularly training one to have more manual penetration test kungfu. The provided Ubuntu-based VM could allow your mate to practise the tools, carrying out the lab exercises. You could consider it is a good option indeed. Regards, Anthony Lai, Hong Kong On Mon, Apr 12, 2010 at 10:15 PM, Chris Merkel <cmerkel at gmail.com> wrote:
Looking for feedback on the relative value of the SANS Web App Sec 542. I have a fairly sharp analyst who is more familiar with the network / infrastructure side of things and does not have a development background (aside from CS in college ~6-7 years ago). I'd like some feedback from people who have taken the course, who also don't have strong development chops, and if you were able to apply that knowledge to successfully perform appsec assessments by way of black/grey/whitebox testing and/or code review. Thanks! -- - Chris Merkel _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
-- Regards, Anthony LAI Founder & Security Researcher Valkyrie-X Security Research Group "Offensive . Creative . Fun" -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20100413/183e6322/attachment.htm
Current thread:
- Appsec Training Chris Merkel (Apr 12)
- Appsec Training Owen Connolly (Apr 12)
- Appsec Training Dark Floyd (0xdf) (Apr 12)