mirror of
https://github.com/carlospolop/hacktricks
synced 2024-11-22 04:33:28 +00:00
GitBook: [master] one page modified
This commit is contained in:
parent
85e8cf8586
commit
a3b0b5a281
1 changed files with 2 additions and 2 deletions
|
@ -44,8 +44,8 @@ I think this course **isn't for web hacking beginners** \(there are other INE co
|
|||
|
||||
> The eLearnSecurity Web Application Penetration Tester eXtreme \(eWAPTX\) is our most advanced web application pentesting certification. The eWPTX exam requires students to perform an expert-level penetration test that is then assessed by INE’s cyber security instructors. Students are expected to provide a complete report of their findings as they would in the corporate sector in order to pass.
|
||||
|
||||
The exam was composed of a **few web applications full of vulnerabilities**. In order to pass the exam you will need at least to **read a "flag"** inside of one of the machines hosting a web, and **gain RCE** in at least 2 different ways in another machines. However, note that that's not enough to pass the exam, you need to **send a professional pentest report detailing** all the vulnerabilities discovered, how to exploit them and how to remediate them.
|
||||
**I reported more than 10 unique vulnerabilities** \(most of them high/critical and presented in different places of the webs\), including the read of the flag and 3 ways to gain RCE and I passed.
|
||||
The exam was composed of a **few web applications full of vulnerabilities**. In order to pass the exam you will need to compromise a few machines abusing web vulnerabilities. However, note that that's not enough to pass the exam, you need to **send a professional pentest report detailing** all the vulnerabilities discovered, how to exploit them and how to remediate them.
|
||||
**I reported more than 10 unique vulnerabilities** \(most of them high/critical and presented in different places of the webs\), including the read of the flag and several ways to gain RCE and I passed.
|
||||
|
||||
**All the vulnerabilities I reported could be found explained in the** [**Web Application Penetration Testing eXtreme course**](https://my.ine.com/CyberSecurity/courses/630a470a/web-application-penetration-testing-extreme)**.** However, order to pass this exam I think that you **don't only need to know about web vulnerabilities**, but you need to be **experienced exploiting them**. So, if you are doing the course, at least practice with the labs and potentially play with other platform where you can improve your skills exploiting web vulnerabilities.
|
||||
|
||||
|
|
Loading…
Reference in a new issue