ECSA ( EC-Council Security Analyst) v10 Review:
You can find official website of this course here:
This write-up describes my experience and not necessarily be the all parts. Let’s move to the pre-request of this course:
When you look to the syllabus of ECSA you will see the interesting topics such as cloud hacking, IOT hacking and Database Hacking, Internal and external penetration testing but the truth is different.
As EC-Council always does, their courses contain a lot of theoretical knowledge comparing to the practical phase and that’s what makes them not good enough to take their courses.
ECSA v10 has 16 modules + 10 of self-study, all of them is just slide show.
If you are looking for just deep information you can enroll it.
Ok, for now we learnt all the outline of the course, but we didn’t get my experience and recommendations of ECSA as well,
The course, as I mentioned, contains a lot of theoretical information regard to practical,So, if you are looking for Penetration testing practical course you shouldn’t be here.
The course repeats many labs from CEH which is bad for me. I expected more advanced techniques rather than just use old and expired tools and repeat exactly CEH labs and hacking with Metasploit.
The module contains some repeated labs if we investigate cloud you will apply XSS attack than was in web module.
If you look for Database lab you will re-use sql injection but here just to retrieve database table.
I faced a lot of issues in sql labs that does not working. In addition, when I contact lab-support they delayed replying and finally the answer is to forward the issue to the related department and that’s it.
The screenshots and results showing while I’m applying are very different,
In Wi-Fi hacking as we all now, the known scenario to break Access Point or even to penetrate router from outside to get into local network,
In version 10 they removed Report writing and hacking challenges and separated to other course they call it ECSA Practical for commercial reason.
After all I finished the lab and for my first time I am not satisfying with this course, so I don’t recommend any one who need advanced penetration testing course to enroll it.
I only recommend it for the manager or who need just knowledge to work with pen tester not to work penetrate.