+ Reply to Thread
Results 1 to 7 of 7
  1. Junior Member Registered Member
    Join Date
    Jul 2018
    Posts
    5

    Certifications
    OSCP, CISSP, Security+, SLAE
    #1

    Post Passed SecurityTube Linux Assembly Expert (SLAE)

    After passing the OSCP, much like many others here, I started eyeing the OSCE. Unfortunately, it was pretty clear to me that I was not ready to just immediately jump in as I paused at the second half of the sign up challenge as I had not ever done what they were asking me to do. However, researching other peoples experiences through blogs and thread posts (here on this very forum) I was quickly pointed in the direction of the SecurityTube Linux Assembly Expert (SLAE).


    It had been quite a while since I was actively writing any kind of assembly code, however this course really did a great job of bringing me back up to speed quickly and focusing on x86 shellcode. The self paced format was a welcomed change of pace after spending three months heads down on the OSCP, and the final exam format requiring blogging/github really forced me to dig deep into concepts in order to be able to properly explain them.


    I learned an absolute ton in this course and would recommend it to anyone who has any interest in learning more about shellcode! After completing it I went back to the OSCE signup page again and this time it took about five minutes to produce the value needed to proceed forward with registration, so this course provided me with exactly the outcome that I was hoping for! As soon as DefCon is over this year I am planning on signing up for the OSCE, but in the meantime I just wanted to give my two cents on why I thought the SLAE was such a good course!
    Reply With Quote Quote  

  2. SS
  3. Senior Member chrisone's Avatar
    Join Date
    Nov 2009
    Location
    Los Angeles
    Posts
    1,695

    Certifications
    eCPPT, CISSP, CCDP, CCNP R/S, CCNP Security (Secure, FW) , LFCS, C|EH , PA ACE
    #2
    Very cool write up! how long did it take you to study and pass the SLAE? Did you use any other resources during your studies?
    2018 Goals: SANS Advanced Security Essentials - Enterprise Defender (complete, not going for cert), eCPPT (obtained), OSCP PWK (in progress), SpecterOps: Adversary Tactics Red Team OPS (Blackhat 2k18 ), OSCE CTP (Oct Start)
    Reply With Quote Quote  

  4. California Kid JoJoCal19's Avatar
    Join Date
    Mar 2009
    Location
    Jacksonville, FL
    Posts
    2,595

    Certifications
    CISSP, CISM, CISA, CRISC, GCIA, GSEC, AWS CCP, CEHv8, CHFIv8, ITIL-F, MSISA, BSBA
    #3
    Congrats on the pass! Glad to hear it gave you exactly the skills and knowledge needed to do the challenge for OSCE signup. Like chrisone, I'd like to get some more background on your study plan and time for SLAE, as well as any other resources used.
    Have: CISSP, CISM, CISA, CRISC, GCIA, GSEC, AWS CCP, CEHv8, CHFIv8, ITIL-F, BSBA - UF, MSISA - WGU
    Currently Working On: MS Cybersecurity, Learning: Linux/CLI, Git, Python, Pentesting
    Next Up:​ eJPT, eCPPTv2, OSCP
    Studying:​ Code Academy (CLI, Git, Python), eLearnSecurity PTSv3
    Reply With Quote Quote  

  5. Junior Member Registered Member
    Join Date
    Jul 2018
    Posts
    5

    Certifications
    OSCP, CISSP, Security+, SLAE
    #4
    Thanks y'all, I have been lurking these forums for quite some time now so it is nice to be able to contribute back!


    For me the timeline was:
    --------
    May 5, 2018: Course Purchased
    May 6, 2018: Course materials arrived via email (7ish GB download)
    July 7, 2018: Sent in final exam (links to blog posts, github, exploit-db submission, etc)
    July 12, 2018: Received email congratulating me on passing
    --------


    The time I spent on this exam was around two months of my spare time, although this course ended up taking a lot more work than I was anticipating. Seven assignments does not really sound like a lot at first, but assignment five and six both had three parts so the exam really ended up being closer to eleven assignments. I also really wanted to understand the material so if I did not understand something I would generally spend as much time as it took to fully understand the instruction(s) (and why they were being used) line by line by line. If I couldn't explain it in detail then I would not move on to the next part.


    As for study materials, here is most of what I used:
    --------
    https://en.wikibooks.org/wiki/X86_Disassembly
    https://www.google.com/


    One of the main benefits of the SLAE is that every new student generates a new set of resources since it requires all code being written be open source and each blog post to be published online! While I tried to limit the amount of help I would give myself I did on occasion check out a previous students posts in order to get a better understanding of a concept if I was struggling with it. I found that by the SLAE asking the student to provide an in depth analysis to be published online in a blog it really pushed me to make sure I was publishing higher quality results.

    Going into this course I had never really stopped and thought much about shellcode, but by the end of it I was able to generate my own shellcode from assembly code that I had written myself and was even able to submit shellcode to the exploit-db that was accepted and added! All in all a wonderful course and was definitely worth the cost for me!
    Reply With Quote Quote  

  6. Senior Member yoba222's Avatar
    Join Date
    Jun 2013
    Posts
    727

    Certifications
    CySA+, LFCS, GCIH, eJPT, CCNA, CAPM, CompTIA Trifecta
    #5
    I appreciate your sharing the positive securitytube experience. One of these days I'm going to have to invest the time into one of Vivek's courses.
    2018: CCNA Cyber Ops cohort 7
    2019: OSCP | CISSP or CISA
    Reply With Quote Quote  

  7. Stayed at a Holiday Inn.. the_Grinch's Avatar
    Join Date
    May 2007
    Posts
    3,979

    Certifications
    BS-CST MLS CISSP GMON MPSC Security+ XRY 1+2+3 XAMN AAA AA CMFF CCO CCPA
    #6
    Congrats! It's definitely on my long list of stuff to complete!
    WIP:
    Python
    Java
    Reply With Quote Quote  

  8. Junior Member Registered Member
    Join Date
    Jul 2018
    Posts
    5

    Certifications
    OSCP, CISSP, Security+, SLAE
    #7
    I posted a fairly in depth reply yesterday but the forum flagged it as possible spam, not sure how to get an admins attention to have it unflagged, but as soon as that happens it should pop up! Also, thanks for the congrats!
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks