eCPPT thread

veritas_libertas · July 2015

I finished off the eJPT last weekend and I'm now trying to move full steam along with the eCPPT. Anyone else studying for it?

JubeiYagaru · July 2015

I will be. How long roughly did it take you to do the eJPT studies ? I'm at the end of module 3 of the preliminary , but everything so far seems really straight forward. Due to doing the payment plan though, I'll only have access to a portion of the eCPPT material each month until its paid off. So when month 2 hits for example, I'll get the next section on top of what I already have, month 3 a newer section on top of the last 2, etc.

veritas_libertas · July 2015

Interesting. I didn't realize it worked that way.

eJPT took me too long. I purchased it around April. I could have completed it in month, but I wasn't in a hurry.

I'm currently in the web application section. Web Application is probably my weakest area since most of it is entirely new for me.

veritas_libertas · August 2015

Made it through through reading the WebApp and System Security sections. A lot of it is review for me with introductions to new tools. The System Security section brought up topics that are entirely new to me, Buffer Overflow and Shell Coding. I think this is what is going to be the hardest for me. I'm not a developer and I remember nearly zero from my C programming class in college.

UnixGuy · August 2015

Skimming through the objectives, I think buffer overflow might be one of the trickiest topics in pentesting in general!

veritas_libertas · August 2015

Started the Ruby section yesterday and should be finished with the first module this evening. The material is well written and I'm enjoying it. After I'm done with Ruby I'm going to turn back to turn around and start trying to digest the Buffer Overflow and Shell Coding sections.

SaSkiller · August 2015

Are there more videos in the Pro class? I know I wasn't a big fan of the slides in the student class.

veritas_libertas · August 2015

There are quite a few more videos. You have to keep in mind that there is a lot more content as well. If videos are your method of study then this is probably not for you.

Bodanel · August 2015

Hi guys

I've learned alot on this forum so it is my time to give something back. Here is my eCCPT exam review maybe someone will find something useful here.

About a month ago I've got the confirmation that I passed the exam.

Since the exam is 7 days long I took a week off just to focus on the exam. I've started sunday after lunch in order have have my head clear.

While my progress was good and manage to reach all the points without using all the days provided I failed my first attempt. Why ? Because I didnt do a good report. Guess what: I was so f$%^& thrilled that I managed to get all the objectives that I've neglected the reporting part. And the most frustrating part is that all those missing parts from the report were present inside the notes I've tooked during the pentest phase. You cant imagine the anger when I've seen the feedback and realize that it was correct.

Advice: before writing and AFTER finishing the report read another time the reporting guide included in the course. It will save you an attempt

Another advice: when you're blocked get a break. I was blocked on the buffer overflow section for a whole day (my bad and it was something so trivial that I've used some not very nice words when I realized what the problem was) - from 8am to 10 pm. I got to bed and in the morning went to the gym. I swam a few pools, stayed a little in the sauna and started again. In 2 hours I was able to finish what I could not the whole day before.

TAKE NOTES. This saved me alot of time both during the test and when I redid my report.

If an attack/exploit doesnt work for you read your notes again, they will point you in the right direction.

Stay calm, 7 days are more than enough. If you understood the material you cannot fail. You have been given everything needed to pass the exam.

The exam is great. It simulates a real penetration test and it was FUN.

Feel free to ask if you want to know something.

veritas_libertas · August 2015

@Bodanel: Thank you for taking the time to write about your eCPPT experience. May I ask what your background is and if any of your experience helped with this exam?

Bodanel · August 2015

@veritas_libertas

Hi

I have a bachelor in Computer Science, 11 years in the IT field (3 as support, 8 as sysadmin). Experience helped alot. I moved very fast over the basics of system and networking sections as I already knew lots of information presented there. I also ignored the Ruby section since I know some basic BASH and Python (i could use during the exam some of the code I developed for another course) so I could focus on other topics.

veritas_libertas · August 2015

Still going through Ruby. The stomach bug had me out of commission for most of the weekend. Getting back into PDFs and hitting it hard. I'm still enjoying Ruby and finding it to be a lot easier to digest than some languages I have to tried to pick up like C and Python.

veritas_libertas · September 2015

I've been digging into the Buffer Overflow section now for about a week. It's been slow going as I try to get use to to Assembly understanding the memory stack and getting at least a novice understanding of C. It's been rough going and a few things have really helped:

eCPPT forums are good. I wish there were more threads and active members, but that's not eLearnSecurity's fault.
Georgia Wiedman's section on exploit development on Cybrary is really clearing things up for me. Hearing the same thing explained differently helps and she does a great job breaking it down: https://www.cybrary.it/video/exploit-development-part-2/

Basically I'm being forced to learn multiple language and new concepts at once: Ruby, Python, Assembly and x86 memory architecture. Ugh!

fuz1on · September 2015

Fellow eLearnSecurity SRL student here! I'm about ready to take the certification exam! Good luck!

pstiva · September 2015

how did you find the course?

I'd like to sign up too but I'm still undecided between this and the oscp..

Mike-Mike · September 2015

Trying to get my work to pay for this

veritas_libertas · September 2015

Been slow going lately. Work and life sometimes just get in the way

fuz1on · September 2015

pstiva wrote: »

how did you find the course?

I think the course is great! Informative, in-depth and comprehensive. They also update course material which is refreshing. I haven't taken anything Offensive Security but I hear good things about them too. As for recognition, OSCP (and their partnership with Kali Linux) wins. It typically takes a long time for penetration testing certifications to get known to HR departments but eCPPT is well on its' way there (even OSCP took a couple years).

eth0 · September 2015

is there some reason to do eCPPT after OSCP? because I think about do eCPPT because syllabus looks good

chazb0t · December 2015

Veritas any updates?

I received my eJPT cert in September and took a bit of a break, I got pretty burned out from trying to earn eJPT as fast as possible. I did eJPT in about a month.

I started eCPPT and I was hoping to catch up to you, I'm on the shellcoding module right now. I have zero programming or infosec experience or background, so I definitely slowed down a lot once I hit the buffer overflow/shellcoding stuff.

Surrealalucard · December 2015

veritas_libertas wrote: »

Been slow going lately. Work and life sometimes just get in the way

I have been thinking about taking the eJPT and after the eCPPT. Did you have any prior experience going into the eJPT? Like working experience or previous certs that might have helped. I have been going through the prof messer vids for a+ net+ and working through net+ now to sec+ and its sooooo slow. I know quite a bit already but was just wondering if any of that is actually going to help me with pen testing.

veritas_libertas · December 2015

Hah... sorry everyone. I've been pretty busy and hadn't realized anyone had replied to this thread. I'll update it soon and give a status. Suffice to say I haven't given up on the course and exam.

fuz1on · December 2015

Same here. I plan on taking it ASAP! Keep you guys posted on my progress and anything else useful...

Good luck, veritas_libertas!

veritas_libertas · December 2015

chazb0t wrote: »

Veritas any updates?

I received my eJPT cert in September and took a bit of a break, I got pretty burned out from trying to earn eJPT as fast as possible. I did eJPT in about a month.

I started eCPPT and I was hoping to catch up to you, I'm on the shellcoding module right now. I have zero programming or infosec experience or background, so I definitely slowed down a lot once I hit the buffer overflow/shellcoding stuff.

This and the Web App section are going to be the hardest for me. Fun though. A book that's been helping me immensely is Georgia Wiedman's book, "Penetration Testing: A Hands-On Introduction to Hacking" Penetration Testing: A Hands-On Introduction to Hacking: Georgia Weidman: 9781593275648: Amazon.com: Books. The sections on shell scripting, buffer overflows and shell coding was worth the price of the book. It's hard to find a good introduction. I think eLearnSecurity's documentation is enough, but hearing it explained differently by someone else seems to fill in blanks for me.

These sites are nice for exploit development:

FuzzySecurity | Tutorials
https://www.cybrary.it/course/advanced-penetration-testing/

Surrealalucard wrote: »

I have been thinking about taking the eJPT and after the eCPPT. Did you have any prior experience going into the eJPT? Like working experience or previous certs that might have helped. I have been going through the prof messer vids for a+ net+ and working through net+ now to sec+ and its sooooo slow. I know quite a bit already but was just wondering if any of that is actually going to help me with pen testing.

I had done the GPEN/SANS560 before taking the eJPT. Work paid for it and it was excellent.

A+ and Network+ knowledge is important if you want to get into INFOSEC. It all builds on top of each other. VLANs, Operating Systems, Group Policy, File Permissions, etc. Don't be a tool guy/gal. You have to love learning and studying.

eth0 wrote: »

is there some reason to do eCPPT after OSCP? because I think about do eCPPT because syllabus looks good

Well I'm planning on doing the OSCP after the eCPPT.

I enjoy the challenge and want to do it to improve my skills and hopefully prove myself to my employer and future employers. I certainly don't think it would hurt you.

veritas_libertas · December 2015

I'm currently in the labbing, review, and note taking phase. Trying to grab any time I can to get ready between work and family. I'm nervous about the exam because I know it's gonna be long and to be honest the report writing is my worst fear

If anyone who has been through the eCPPT and OSCP has any advise on writing reports I'll gladly take it.

Surrealalucard · December 2015

veritas_libertas wrote: »

I had done the GPEN/SANS560 before taking the eJPT. Work paid for it and it was excellent.

A+ and Network+ knowledge is important if you want to get into INFOSEC. It all builds on top of each other. VLANs, Operating Systems, Group Policy, File Permissions, etc. Don't be a tool guy/gal. You have to love learning and studying.

Awesome, good to know they actually help. I will continue through the comptia videos/books then and work toward eJPT.
Thanks and good luck!

xXxKrisxXx · December 2015

veritas_libertas wrote: »

I'm currently in the labbing, review, and note taking phase. Trying to grab any time I can to get ready between work and family. I'm nervous about the exam because I know it's gonna be long and to be honest the report writing is my worst fear If anyone who has been through the eCPPT and OSCP has any advise on writing reports I'll gladly take it.

Be sure to take a good amount of screenshots and make sure they are clear and to the point. Include links to the applicable CWE, CVE, OWASP, WASC, Microsoft Security Bulletin vulnerabilities found. Don't be afraid to make your own charts to make your report look legitimate. I made 2 labeled, 'Vulnerabilities Found by Impact' and 'Attack Vectors by Type'. You'll see inconsistencies on the different graders with eLearnSecurity. To earn my eCPPT Gold and Silver Certifications, I didn't have to write out my steps to replicate the attacks. The individual who graded my eWPT Submission felt it necessary to fail me first go around and told me to include steps for replicating the attack.

veritas_libertas · February 2016

Thanks xXsKrisxXx, your comments are spot on.

I just received notice that I passed the exam. I'll update this thread later on today or tomorrow to give my review.

veritas_libertas · February 2016

The eCPPT is probably one of the most enjoyable and difficult courses I've taken. I can't compare it to the OSCP because I've taken that course, although it is on my radar for next year.

I started the course in March of last year and life got in the way. Nearly 365 days to complete

Anyhow, I'll break the course down to likes and dislikes:

Like:

Videos and PDFs are excellent
Although this course emphasizes network pen testing, it goes somewhat deep into web pen testing. More than the GPEN did.
Ruby, C and Assembly are covered. Not a deep dive, just enough to get you started on exploit development.
Labs are good! I really enjoyed the labs and I still have time left over.
Instructors are available and more than willing to help.
Forum has active members that are willing to answer your question if it's not outright ridiculous.

Dislike:

Forum members who show themselves to be unwilling to work. Some even like to ask questions about the exam!
Some of the software recommended for the web apps was seriously out of date.

Overall I really enjoyed the course.

The exam for me was challenging but not overwhelming. Most likely because I spent a long time preparing. Probably more than I needed to. Although I disliked it at first, the report writing proved be a good learning experience for me.

Advice if you are going to take this exam:

Read all the PDFs, watch all the videos and do all the labs.
Read Georgia Wiedman's book: http://www.amazon.com/Penetration-Testing-Hands-On-Introduction-Hacking/dp/1593275641. It was a good supplement.
When you get to the report writing phase of the exam, ask questions! Each instructor has their own approach to the reports from what I've found.
Know System Security portion of the exam. Learn to love Immunity Debugger. It's your friend

chazb0t · February 2016

Do they actually test you on the Ruby and Assembly stuff? Or is it just a longer and more in-depth eJPT exam?

veritas_libertas · February 2016

You're going to need have some understanding of programming. Not an expert, but at least a novice. You'll end up doing doing some exploit writing to pass the exam. Assembly and Ruby are not required. Know C++.

Comparing it to the eJPT is hard. It's much more difficult.

eCPPT thread

Comments