I completed my SecurityTube Linux Assembly Expert (SLAE) course about a year ago and a lot of people have since asked me whether the course was worth taking, so I thought I'd do a very brief review on the SLAE course. The course is very cheap at just $149 US dollars and the course culminates in a certification which has more in common with writing a research paper than an exam. The certification is the most valuable part of this course and it is where the student will learn most.
I have documented all 7 of my SLAE assignments which make up my certification "research paper" here:
"Is this course worth $149 US dollars?": Hell yeah! Especially if you are thinking of doing Offensive Security's "Cracking the Perimeter" course (I'll refer to it as "OSCE"), then this course will teach you the required knowledge which you will need both in the course exercises and the exam. I can tell you that if I had not completed SLAE before I started the OSCE course, I would have failed the exam. Turns out that I completed the OSCE exam in less than half the time that I was allowed for the exam and doing the SLAE certification played a major part in that achievement (700 hours of study for OSCE were the other part).
I did not keep track of the total time I spent on completing SLAE, but I estimate I spent about 300 hours in total on SLAE - this includes the time to listen to the videos, to do extra research on the course topics, and to complete all 7 certification exercises. I'd say about 80% of my time was spent on the certification exercises. I learned most while doing the exercises.
The SLAE course videos are easy to follow and it quickly becomes apparent that Vivek is an excellent teacher with a very thorough understanding of the materials covered in the course. It doesn't matter that the video's are taken on a webcam in Vivek's living room, I think it adds to the charm of the course. The SLAE is perfect for people who have little or zero experience with the Assembly language. Even Linux experience is not required although having some experience with basic Linux commands will allow a student to navigate through the course slightly faster. The course focuses on Linux 32-bit Assembly in a security context. I found that the knowledge I learned also applies to a certain degree to Windows systems, but if SecurityTube release a Windows focused Assembly course (SWAE?) then I will immediately purchase it if it comes out at a similar price. During SLAE, the student will learn all the basics of Assembly to the point that they will be comfortable with Assembly language, even if they haven't used it before. They will then move on to code their own shell codes and will be taught how to analyze other people's shellcode. They will also learn how to polymorph shellcode and to hide shellcode from anti-virus. The methods taught are still very applicable and I'm glad I did the 32-bit SLAE certification. If a 64-bit version is released I will sign up for it.
After completing the SLAE certification, the student will end up with their own personal shellcodes and more importantly they will have the tools to code more shellcodes if they require them. My shellcodes came in very handy during the OSCE course where I had to evade antivirus.
For anyone thinking of doing OSCP or OSCE, I advise starting with SLAE, then doing OSCP, and finally OSCE.