germinalx 0 Report post Posted August 19, 2019 Hi all.., I am interested in buying one of them, wapt or waptx ... I've seen both programs, WAPT seems to be more complete in different areas of the web application, but WAPTX seems to be deeper in sql, xss and just csrf and evasion techniques. What I want? learn more complex and real web pentesting .. I mean real life and real scenarios, is Waptx outdated since 2015? but it is really interesting waptx evasion techniques ... I don't know where to go. I work as a pentester, so I know how owasp typically works, I appreciate your experiences and comments Share this post Link to post
dimitrios 537 Report post Posted August 19, 2019 It depends on your web app pentesting experience. WAPT will make you a better all rounder, WAPTX is more specialized and oriented towards evasion. Share this post Link to post
daudt.parker 64 Report post Posted August 20, 2019 Hi @germinalx having enrolled and completed both the WAPT and WAPTX course, I can say they are both incredibly beneficial to take. WAPT provides a lot of useful information regarding tools, techniques, and testing scenarios that are still relevant and useful in today's landscape. WAPT covers things from Burp Suite, SQLi and XSS exploitation (both manual and automated) as well as many other topics that contribute to a successful penetration test and report. WAPTX goes more in-depth on advanced XSS and SQLi by focusing on advanced payloads and filter evasion, Cross-Site Request Forgery, XML Injection Attacks (XXE and XEE) as well as other more-advanced techniques. If you feel comfortable with the topics outlined in the WAPT syllabus and have prior penetration testing experience, I'd say enrolling directly in WAPTX is fine. However, if you have any hesitations, I'd recommend enrolling in WAPT or refreshing your knowledge with other resources before jumping straight into WAPTX. Personally, I found the WAPTX material more challenging than those in WAPT. While it's obviously possible to pass, it may just require more time and effort to repeatedly review the material, practice the labs multiple times, and prepare for the exam. Both courses are incredibly valuable regardless of prior experience, and the lab environments provided by eLS are incredibly useful, even if you come back and use them to practice other topics later. 2 Share this post Link to post
germinalx 0 Report post Posted August 20, 2019 5 hours ago, daudt.parker said: Hi @germinalx having enrolled and completed both the WAPT and WAPTX course, I can say they are both incredibly beneficial to take. WAPT provides a lot of useful information regarding tools, techniques, and testing scenarios that are still relevant and useful in today's landscape. WAPT covers things from Burp Suite, SQLi and XSS exploitation (both manual and automated) as well as many other topics that contribute to a successful penetration test and report. WAPTX goes more in-depth on advanced XSS and SQLi by focusing on advanced payloads and filter evasion, Cross-Site Request Forgery, XML Injection Attacks (XXE and XEE) as well as other more-advanced techniques. If you feel comfortable with the topics outlined in the WAPT syllabus and have prior penetration testing experience, I'd say enrolling directly in WAPTX is fine. However, if you have any hesitations, I'd recommend enrolling in WAPT or refreshing your knowledge with other resources before jumping straight into WAPTX. Personally, I found the WAPTX material more challenging than those in WAPT. While it's obviously possible to pass, it may just require more time and effort to repeatedly review the material, practice the labs multiple times, and prepare for the exam. Both courses are incredibly valuable regardless of prior experience, and the lab environments provided by eLS are incredibly useful, even if you come back and use them to practice other topics later. Great! Thanks @daudt.parker Share this post Link to post