Some awesome reviews and blogs that you should check out. www.offensive-security.com/offsec/attacking-the-web-offsec-way/ cyber-dragon.nl/2020/08/03/coding-tip-2/
Hello sir, Very informative video. I obtained an application security role for next year. I'm still a student, have a lot to learn. OSWE is definitely a goal I have in mind for the future. After I have more experience and obtained OSCP, eWAPT, etc. But I was going to ask you if you have any resources in mind to get more experience with the code reviewing and finding those vulnerabilities. I'm using Portswigger Academy, TryHackMe, DVWA etc etc. I'm just wondering if you had other resources especially for Java. Thanks.
That's a great goal to have. To begin with refer to source code review guide from OWASP. After that try to review source code of OWASP Juice Shop application which has number of vulnerabilities. That way you can practice your source code auditing skills prior to signing up for the OSWE course. Feel free to reach out if you have any further questions :)
Hey, good video. But I still have some questions. I hope this is OK 1. How many hosts were there in the lab? If you run out of lab time, would it be worth it to purchase more time? BTW not all exams are proctored, only OSCP, OSWE, and OSEE [of course it's live] 2. When you did Juice shop after your lab time, did you do white or black box approach? congrats on getting OSWE
Cheers mate. Sure you can ask questions :) Here is the response. 1. I am not sure if I am allowed to say how many boxes in the lab but check the course syllabus and you will get the idea. 2. Yes. I used White box approach for Juice Shop. I completed 80% of the app by doing source code. Was quite fun ;)
Thank you. I'd say go for eLearnSecurity as their web app courses are quite good. OSCP is good for infrastructure pentesting but they have also added more web app stuff in their latest OSCP version. But keep in mind Offsec cert is more popular in the market compared to rest.
Thank you for your detailed review . I just finished OSCP,I am planning to do some study prep on understanding the basics of the languages required then I will sign up for the course . Appreciate your time putting this together !
Thanks by the very good video! Just a question, comparing eWPTXv2 from eLS, do you think both is in the same level, or OSWE is more difficult? I saw the content is very similar on course syllabus, so I have this question in mind. > And the cost of be OSWE certificate is really higher hehehe
Thank you for the feedback. eWPTX and OSWE are completely different courses. eWPTX is fully focused on Blackbox web pentesting approach whereas OSWE is focused on source code auditing. You won't be spending any time doing source code audits in eWPTX but in OSWE that's what you will be doing. You will be reviewing source code and finding vulnerabilities and then will be writing your scripts to exploit these vulnerabilities in OSWE. I hope this helps and clarifies the differences between these two courses.
Some awesome reviews and blogs that you should check out.
www.offensive-security.com/offsec/attacking-the-web-offsec-way/
cyber-dragon.nl/2020/08/03/coding-tip-2/
Thanks for this. Not much information about this cert out there, so much appreciated!
You're welcome. Glad you found the video useful.
Adding all of these to my "Watch Later" - Can't wait to go through them!
Are there opportunities after the oswe. how easy is it to get a job
Hello sir,
Very informative video. I obtained an application security role for next year. I'm still a student, have a lot to learn. OSWE is definitely a goal I have in mind for the future. After I have more experience and obtained OSCP, eWAPT, etc.
But I was going to ask you if you have any resources in mind to get more experience with the code reviewing and finding those vulnerabilities.
I'm using Portswigger Academy, TryHackMe, DVWA etc etc.
I'm just wondering if you had other resources especially for Java.
Thanks.
That's a great goal to have. To begin with refer to source code review guide from OWASP. After that try to review source code of OWASP Juice Shop application which has number of vulnerabilities. That way you can practice your source code auditing skills prior to signing up for the OSWE course. Feel free to reach out if you have any further questions :)
Hey, good video. But I still have some questions. I hope this is OK
1. How many hosts were there in the lab? If you run out of lab time, would it be worth it to purchase more time? BTW not all exams are proctored, only OSCP, OSWE, and OSEE [of course it's live]
2. When you did Juice shop after your lab time, did you do white or black box approach?
congrats on getting OSWE
Cheers mate. Sure you can ask questions :)
Here is the response.
1. I am not sure if I am allowed to say how many boxes in the lab but check the course syllabus and you will get the idea.
2. Yes. I used White box approach for Juice Shop. I completed 80% of the app by doing source code. Was quite fun ;)
Can i postponed my exam for first attempt
Yes you can :)
Great video man. What's your best advice for someone getting into WAPT? Do you recommend elearning security ewapt vs OSCP ?
Thank you. I'd say go for eLearnSecurity as their web app courses are quite good. OSCP is good for infrastructure pentesting but they have also added more web app stuff in their latest OSCP version. But keep in mind Offsec cert is more popular in the market compared to rest.
@@WiseFoxSecurity thanks for that insight.
Nice voice thx for the video
Thank you :)
Thank you for your detailed review . I just finished OSCP,I am planning to do some study prep on understanding the basics of the languages required then I will sign up for the course . Appreciate your time putting this together !
Thanks by the very good video! Just a question, comparing eWPTXv2 from eLS, do you think both is in the same level, or OSWE is more difficult? I saw the content is very similar on course syllabus, so I have this question in mind.
> And the cost of be OSWE certificate is really higher hehehe
Thank you for the feedback. eWPTX and OSWE are completely different courses. eWPTX is fully focused on Blackbox web pentesting approach whereas OSWE is focused on source code auditing. You won't be spending any time doing source code audits in eWPTX but in OSWE that's what you will be doing. You will be reviewing source code and finding vulnerabilities and then will be writing your scripts to exploit these vulnerabilities in OSWE. I hope this helps and clarifies the differences between these two courses.
@@WiseFoxSecurity this response was very well written. Thank you sir!
23:55 I don't understand what do you mean by "try harder" in the context of the question?
Just found your channel and it’s great! Sad that you don’t post anymore, please post more! 😊
Glad you like it. I'm making another video on another course that I just completed. So stay tuned please.
Also, please subscribe if you haven't already. Cheers
Liked, Subscribed and notifications turned on!
Best reviews as always! ❤️
Please continue your Android Pentesting Course!
Thank you very much for the kind words. Yes I have new things planned.
@@WiseFoxSecurity
Is extra mile give points in exam?
That was great, thank you Sir!
You're welcome and I'm glad you found this video useful. Please stay tuned for more videos and subscribe if you haven't already 😊
Do we need to hold OSCP to take OSWE? any idea?
saw that you answered it at 13min : ua-cam.com/video/wDev3q8lADE/v-deo.html