Review Pentester Academy and AttackDefense Labs

Hello All, this is a review of Pentest Academy and AttackDefense Labs. The content is really huge:

Screenshot from: https://www.pentesteracademy.com/

So it is not possible to review all of it, this post is just meant to give a rough overview and some examples.

Pentester Academy

As said before, in the courses sections are 40+ courses available. The topics include for example (all from a security perspective, but some are also from a defenders viewpoint): Python, ADS, shellcoding (I made SLAE 2015, helped me also with my OSCE certification), Javascript, web app pentesting, some forensics topics, WiFi and network pentesting, exploitation and much more.

For a complete overview have a look here.

Currently I started the course Traffic Analysis: Tshark unleashed, so this is the short example for this post.

Screenshot from the Tshark course.

What comes really handy is that you can just start the labs in the AttackDefense labs, so you don’t need to setup own VMs only for following the courses:

Screenshot from one of the Traffic Analysis: Tshark unleashed course

What is also great, you can download the videos, so you can also watch them later.

As far as I can say, all the videos are suitable more or less for beginners.

AttackDefense Labs

The labs include a huge amount of topics, including: Webapps, MSF, Pivilege Escalation, Eploiting, Wi-Fi, Forensincs, Reversing, Cracking, Python and so on. Some labs include a small task, but others include for example full blown webapps like juiceshop.

Some examples from the Wab Apps labs.

In this case there was a small issue (for me), the labs are timing out after some time, which might be a bit annoying when having a full web app. For the smaller labs I never had problems.

As advanced labs there are also some CTF style labs available.

Verifiable Badges

With verifiable badges it is possible to verfiy your knowlege to an external source, as I did here:

“The holder of this badge has successfully completed the Network Pentesting challenge exercises in Pentester Academy’s AttackDefense labs. These challenge exercises test a practical understanding of how to perform remote network reconnaissance of various infrastructure components.”
(https://www.credential.net/b5050be1-05c9-41fa-93a9-ea0b5cd8825f#.Xg8KBMQX5XM.twitter)

As far as I could see all badges have three small challenges where you have to find flags (like a small CTF), badges are available for lot’s of topics (19 badges are available at the time of this writing) and most of them can be done after you viewed and worked through the courses.

Certifications

It is also possible to take certification exams (like the SLAE): https://www.pentesteracademy.com/exam

This way it is possible to take exams from pentestacademy (if you subscribed) without buying the whole course.

Pricing at time of this writing

Conclusion

My conclusion after using it for myself and speaking to some folks who also using it:

  • it is affordable
  • the content is huge
  • the courses are a great resource espeacially for beginners
  • courses and labs suite for attackers and defenders
  • I like the badges

For me Pentester Academy and AttackDefense Labs is highly recommended.

Links

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.