Information Security

ECSA v10 Review

ECSA (EC-Council Security Analyst) v10 Review:

 

Hi there,

Today I will write about ECSA (EC-Council Security Analyst), an advanced penetration testing course.

You can find the official website of this course here:

www.eccouncil.org/programs/certified-security-analyst-ecsa/

 

This write-up describes my experience and does not necessarily cover all parts. Let’s move to the prerequisites of this course:

You need CEH (course and practical course) in the new version 10.
I had CEHv9 in Dec/2017.

The Course:
This course extends your knowledge from just knowing the information and tools to using the information that you learnt in CEH and reusing the tools with some advanced techniques.

When you look at the syllabus of ECSA you will see interesting topics such as cloud hacking, IoT hacking, database hacking, and internal and external penetration testing, but the truth is different.

The Benefits:

To be honest, the golden key in this course is that it teaches you how to get engaged with the security industry, how to apply for a pen test project, and how to complete all the business papers pre- and post-proposal.

As EC-Council always does, their courses contain a lot of theoretical knowledge compared to the practical phase, and that’s what makes their courses not good enough to take.

ECSA v10 has 16 modules + 10 of self-study; all of them are just slide shows.
If you are just looking for deep information, you can enroll in it.

The practical section contains a website named iLab.
iLab is a virtual environment that has Windows (Server / 8 / 10) and Kali / Ubuntu / BackTrack machines, divided into company departments, in which to apply all the labs.

My Experience:
OK, so far we have covered the outline of the course, but we haven’t got to my experience and recommendations for ECSA yet.

I am planning to take OSCP, but I didn’t feel my pen test skills were advanced enough after CEH to go for OSCP, and that’s why I took ECSA: to improve my current penetration testing experience.

The course, as I mentioned, contains a lot of theoretical information compared to the practical part. So, if you are looking for a practical penetration testing course, you shouldn’t be here.

The course repeats many labs from CEH, which is bad for me. I expected more advanced techniques rather than just using old and expired tools, repeating exactly the CEH labs, and hacking with Metasploit.

To mention some detailed examples: the Nmap part has one more bash script for scanning, which is new for me, and there is one exploit-editing lab.

The modules contain some repeated labs: if we look at cloud, you will apply the XSS attack that was in the web module.
If you look at the database lab, you will reuse SQL injection, but here just to retrieve a database table.

I faced a lot of issues in the SQL labs, which do not work. In addition, when I contacted lab support they were slow to reply, and finally the answer was that they would forward the issue to the related department, and that’s it.

The screenshots and the results shown while I’m applying the labs are very different.
In Wi-Fi hacking, as we all know, the known scenario is to break an access point or even to penetrate a router from outside to get into the local network.

But the truth is making a virus for old Android devices and then breaking the 4-way handshake, and the truth is too far from just Wi-Fi hacking!

In version 10 they removed report writing and the hacking challenges and separated them into another course, which they call ECSA Practical, for commercial reasons.

After all, I finished the lab, and for the first time I am not satisfied with this course, so I don’t recommend that anyone who needs an advanced penetration testing course enroll in it.

I only recommend it for managers or for those who just need the knowledge to work with pen testers, not to do penetration testing themselves.

When I evaluated the training course, they forwarded all the notes to the training center instead of reading them, investigating the reason and trying to fix it.

 
