diff --git a/courses-and-certifications-reviews/ine-courses-and-elearnsecurity-certifications-reviews.md b/courses-and-certifications-reviews/ine-courses-and-elearnsecurity-certifications-reviews.md index e6487bc1a..2c4c9a30f 100644 --- a/courses-and-certifications-reviews/ine-courses-and-elearnsecurity-certifications-reviews.md +++ b/courses-and-certifications-reviews/ine-courses-and-elearnsecurity-certifications-reviews.md @@ -44,8 +44,8 @@ I think this course **isn't for web hacking beginners** \(there are other INE co > The eLearnSecurity Web Application Penetration Tester eXtreme \(eWAPTX\) is our most advanced web application pentesting certification. The eWPTX exam requires students to perform an expert-level penetration test that is then assessed by INE’s cyber security instructors. Students are expected to provide a complete report of their findings as they would in the corporate sector in order to pass. -The exam was composed of a **few web applications full of vulnerabilities**. In order to pass the exam you will need at least to **read a "flag"** inside of one of the machines hosting a web, and **gain RCE** in at least 2 different ways in another machines. However, note that that's not enough to pass the exam, you need to **send a professional pentest report detailing** all the vulnerabilities discovered, how to exploit them and how to remediate them. -**I reported more than 10 unique vulnerabilities** \(most of them high/critical and presented in different places of the webs\), including the read of the flag and 3 ways to gain RCE and I passed. +The exam was composed of a **few web applications full of vulnerabilities**. In order to pass the exam you will need to compromise a few machines abusing web vulnerabilities. However, note that that's not enough to pass the exam, you need to **send a professional pentest report detailing** all the vulnerabilities discovered, how to exploit them and how to remediate them. +**I reported more than 10 unique vulnerabilities** \(most of them high/critical and presented in different places of the webs\), including the read of the flag and several ways to gain RCE and I passed. **All the vulnerabilities I reported could be found explained in the** [**Web Application Penetration Testing eXtreme course**](https://my.ine.com/CyberSecurity/courses/630a470a/web-application-penetration-testing-extreme)**.** However, order to pass this exam I think that you **don't only need to know about web vulnerabilities**, but you need to be **experienced exploiting them**. So, if you are doing the course, at least practice with the labs and potentially play with other platform where you can improve your skills exploiting web vulnerabilities.