eCPPT journey
Comments
-
NetworkNewb Member Posts: 3,298 ■■■■■■■■■□Yea, https://www.elearnsecurity.com/resources/webinars/ptpv4-launch
I've been going through the Systems Security section, really slowly the past couple weeks though. Combine nice weather and cabin trips and makes it tough! Hoping to start kicking this courses butt this week though. -
jamesleecoleman Member Posts: 1,899 ■■■■■□□□□□I'm gonna sign up for the v4 course at the end of the month. Atleast I'll get to save some money before signing up.Booya!!
WIP : | CISSP [2018] | CISA [2018] | CAPM [2018] | eCPPT [2018] | CRISC [2019] | TORFL (TRKI) B1 | Learning: | Russian | Farsi |
*****You can fail a test a bunch of times but what matters is that if you fail to give up or not***** -
chazb0t Member Posts: 42 ■■□□□□□□□□My studies for this is on hold...working on something else (will post a new thread once I actually finish what I'm doing..) then I'll come back to this!
How's everyone progress going?
Finally finished all the slides and videos, going to practice on all the labs today and tomorrow. Looking to start the exam Friday. -
NetworkNewb Member Posts: 3,298 ■■■■■■■■■□Wonder if it is going to a free upgrade to v4... I'm guessing no but will silently hope.
-
wd40 Member Posts: 1,017 ■■■■□□□□□□Mooseboost wrote: »Looks like the announcement was for PTPv4.
Thanks, I registered for the event ..
When eWPT upgrade was released last year I think they gave 20 or 30 % discounts to attendees . I signed up but did not get the time to start the course. hopefully will complete it this year. -
jamesleecoleman Member Posts: 1,899 ■■■■■□□□□□I think that there is a fee for upgrading to the next version.Booya!!
WIP : | CISSP [2018] | CISA [2018] | CAPM [2018] | eCPPT [2018] | CRISC [2019] | TORFL (TRKI) B1 | Learning: | Russian | Farsi |
*****You can fail a test a bunch of times but what matters is that if you fail to give up or not***** -
Mooseboost Member Posts: 778 ■■■■□□□□□□NetworkNewb wrote: »Wonder if it is going to a free upgrade to v4... I'm guessing no but will silently hope.
Based on what I have read on their forums and from members who have gone through the upgrades in this past - a major revision like this won't be a free upgrade. Of course, they may provide the upgrade for free - you never know! I will be attending the webinar, I think in the past they have given some free upgrades out to those who attend.
I originally wanted to hold off on the course until the update was released, but jumped the gun and got it. I will probably be upgrading either way. -
NetworkNewb Member Posts: 3,298 ■■■■■■■■■□Did anyone say how much the upgrade ended up costing them before in the past?
I'm assuming I'll end up purchasing the upgrade as well. They say they are giving out like 1000 prizes, hopefully alot of them are upgrades! -
JoJoCal19 Mod Posts: 2,835 ModI finished the PTSv3 a week ago and was going to jump into PTPv3 this fall, so I'll do the upgrade if it's reasonable or discounted. Waiting to see if I get picked to facilitate SEC560 in August.Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
Currently Working On: Python, OSCP Prep
Next Up: OSCP
Studying: Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework -
m0wgli Registered Users Posts: 2 ■□□□□□□□□□NetworkNewb wrote: »Did anyone say how much the upgrade ended up costing them before in the past?
I'm assuming I'll end up purchasing the upgrade as well. They say they are giving out like 1000 prizes, hopefully alot of them are upgrades!
When I upgraded PTPv2 to PTPv3 the discount was 40%, upgrading WAPTv1 to WAPTv2 was 75%. -
NetworkNewb Member Posts: 3,298 ■■■■■■■■■□When I upgraded PTPv2 to PTPv3 the discount was 40%, upgrading WAPTv1 to WAPTv2 was 75%.
ugh, still 60% of the original costs for the newer PTP. Not sure if I would be buying that or not, we'll see. Thanks for the info -
Mooseboost Member Posts: 778 ■■■■□□□□□□We will see what the upgrade cost is. I am hoping since they sold a LOT of PTP course during their anniversary sale they will give a steeper discount since that was fairly recent and all of those people have v3.
-
UnixGuy Mod Posts: 4,570 ModHope it's free otherwise i might stick to PTP3 (or not) who knows. Right now I can't touch the eCPPT till I finish what I'm working on
-
UnixGuy Mod Posts: 4,570 Modbloody webinar is at 3:00 am my local time.....I registered but I obviously can't login at that time...can I still win something ._.
-
NetworkNewb Member Posts: 3,298 ■■■■■■■■■□bloody webinar is at 3:00 am my local time.....I registered but I obviously can't login at that time...can I still win something ._.
lol that sux, never know could be worth it! -
chrisone Member Posts: 2,278 ■■■■■■■■■□Hope it's free
yeah...no....so do us PTPv2 guys get the PTPv4 upgrade free too?
Someone mentioned a 30-40% discount for upgrading v2 to v3, which I honestly never saw when I wanted to upgrade from v2 to v3 last year. That equates to a $300-400 discount on a $1000 course. So to upgrade you will spend $600-700
Does that upgrade include lab time?
Original Purchase v3 (900-1100) + discounted upgrade price of (600-700) = Is this cert worth it to spend all that money and time?
OSCP upgrade policies.
Upgrade from PWB v.3.0 to PWK
USD 200.00
Upgrade from PWB v.2.0 to PWK
USD 300.00
Upgrade from PWB v.1.0 to PWK
USD 400.00
OSCP – Certification retake
USD 60.00
Certs: CISSP, EnCE, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, SPLK-1002, SC-200, SC-300, AZ-900, AZ-500, VHL:Advanced+
2023 Cert Goals: SC-100, eCPTX -
chazb0t Member Posts: 42 ■■□□□□□□□□Started the exam 30 minutes ago, here we go!
Not waiting for PTPv4... I didn't spend the last 6 months working on this cert to only delay it further.
Luckily I have a whole week to work on the exam, it should be more than enough time. -
Hornswoggler Member Posts: 63 ■■□□□□□□□□A year later, how did this turn out for everybody? Did it turn out to be the right path? Any updates?2018: Linux+, eWPT/GWAPT
-
chazb0t Member Posts: 42 ■■□□□□□□□□Hornswoggler wrote: »A year later, how did this turn out for everybody? Did it turn out to be the right path? Any updates?
A lot of **** happened since I last posted in here. I failed my eCPPT first attempt in July 2016, I tore my left carotid artery the week after, possibly while working out. I had a low-grade headache like 1/10 pain that just wouldn't go away for a few days, and then suddenly one morning my right arm went numb so I called 911.
I had to spend a week in the Neuro-ICU on stroke-watch because I had a 4 inch blood clot/blockage and have a 4.5 hour surgery while I was awake to put 3 stents in my head and neck. $350k in parts and labor later (thankfully due to Obamacare I only owe $12k out of pocket) I'm fine now just have to take a baby aspirin every morning for the rest of my life.
Passed eCPPT second attempt earlier this year after upgrading to PTPv4 (the buffer overflow and assembly labs are so much better than v3), I signed up for 90 days of OSCP. I have 18 days left in OSCP labs, scheduled my exam for Wed Aug 2nd @ 11am.
I kind of want to buy more lab time even if I pass my first attempt, the OSCP labs are so addicting you get hooked on the challenge, and want to get all the boxes.
Then it's:
Step 1: Apply for pentesting/red team jobs
Step 2: ???
Step 3: Profit? -
wd40 Member Posts: 1,017 ■■■■□□□□□□I started
then stopped
then switched to eWPT because my lab time was going to expire.
then renewed my eWPT lab for 2 more years.
then switched back to eCPPT because I only have one year left for my lab time.
and right now I am doing this on Cybrary, surprisingly I finished more than 50% in one week, so there is hope that I will go back to eCPPT and finish it this time.
https://www.cybrary.it/course/ethical-hacking/
So Basically, no real progress for me.
As a note, I think using Kali as my main OS helped getting me in the mood to study. -
vynx Member Posts: 153 ■■□□□□□□□□I started
then stopped
then switched to eWPT because my lab time was going to expire.
then renewed my eWPT lab for 2 more years.
then switched back to eCPPT because I only have one year left for my lab time.
and right now I am doing this on Cybrary, surprisingly I finished more than 50% in one week, so there is hope that I will go back to eCPPT and finish it this time.
https://www.cybrary.it/course/ethical-hacking/
So Basically, no real progress for me.
As a note, I think using Kali as my main OS helped getting me in the mood to study.
can i know what the thing make you changes the course ? is because of the topic or ? -
jamesleecoleman Member Posts: 1,899 ■■■■■□□□□□A lot of **** happened since I last posted in here. I failed my eCPPT first attempt in July 2016, I tore my left carotid artery the week after, possibly while working out. I had a low-grade headache like 1/10 pain that just wouldn't go away for a few days, and then suddenly one morning my right arm went numb so I called 911.
I had to spend a week in the Neuro-ICU on stroke-watch because I had a 4 inch blood clot/blockage and have a 4.5 hour surgery while I was awake to put 3 stents in my head and neck. $350k in parts and labor later (thankfully due to Obamacare I only owe $12k out of pocket) I'm fine now just have to take a baby aspirin every morning for the rest of my life.
Passed eCPPT second attempt earlier this year after upgrading to PTPv4 (the buffer overflow and assembly labs are so much better than v3), I signed up for 90 days of OSCP. I have 18 days left in OSCP labs, scheduled my exam for Wed Aug 2nd @ 11am.
I kind of want to buy more lab time even if I pass my first attempt, the OSCP labs are so addicting you get hooked on the challenge, and want to get all the boxes.
Then it's:
Step 1: Apply for pentesting/red team jobs
Step 2: ???
Step 3: Profit?
WOW!!! I'm glad that everything worked out for the best! I had to look up what the artery was and WOW! How do you think you messed it up while working out? I swear, when I work out... I'm worried about breaking something.
I'm glad that you were able to bounce back and pass the test.
BO is difficult for me and I really want to skip it and study everything else but I have a feeling that I'll need it for the test and the OSCP.Booya!!
WIP : | CISSP [2018] | CISA [2018] | CAPM [2018] | eCPPT [2018] | CRISC [2019] | TORFL (TRKI) B1 | Learning: | Russian | Farsi |
*****You can fail a test a bunch of times but what matters is that if you fail to give up or not***** -
wd40 Member Posts: 1,017 ■■■■□□□□□□can i know what the thing make you changes the course ? is because of the topic or ?
Basically my job have nothing to do with pen-testing or IT Security, so I am finding it difficult to focus on either of the courses for a long period of time. -
vynx Member Posts: 153 ■■□□□□□□□□is there any whatsapp group / telegram group for eCPPT discussion ?
-
chazb0t Member Posts: 42 ■■□□□□□□□□jamesleecoleman wrote: »WOW!!! I'm glad that everything worked out for the best! I had to look up what the artery was and WOW! How do you think you messed it up while working out? I swear, when I work out... I'm worried about breaking something.
I'm glad that you were able to bounce back and pass the test.
BO is difficult for me and I really want to skip it and study everything else but I have a feeling that I'll need it for the test and the OSCP.
Thanks, and definitely don't skip Buffer Overflows, that was why I failed my first eCPPT exam attempt. I wasn't prepared enough and got stuck on the Buffer Overflow machine and spent my remaining time trying to get it.
But upgrading from v3 to v4 and practicing the Buffer Overflow labs and examples was what I needed to pass the second attempt. If I didn't overlook it I would have passed the first time no problem.
It's important in OSCP as well, there are labs machines that are vulnerable to it, and what I've read online from blogs is 1 of the 5 exam machines you need to modify a proof of concept buffer overflow to exploit the machine.
https://www.reddit.com/r/AskNetsec/comments/6ldxtf/for_those_that_have_taken_the_oscp_how_similar/
"be sure to do the Buffer Overflow until you can explain it to your grandmother." -
Hornswoggler Member Posts: 63 ■■□□□□□□□□A lot of **** happened since I last posted in here.
Yikes! Glad things are better!! That's some crazy stuff.2018: Linux+, eWPT/GWAPT -
jamesleecoleman Member Posts: 1,899 ■■■■■□□□□□Thanks, and definitely don't skip Buffer Overflows, that was why I failed my first eCPPT exam attempt. I wasn't prepared enough and got stuck on the Buffer Overflow machine and spent my remaining time trying to get it.
But upgrading from v3 to v4 and practicing the Buffer Overflow labs and examples was what I needed to pass the second attempt. If I didn't overlook it I would have passed the first time no problem.
It's important in OSCP as well, there are labs machines that are vulnerable to it, and what I've read online from blogs is 1 of the 5 exam machines you need to modify a proof of concept buffer overflow to exploit the machine.
https://www.reddit.com/r/AskNetsec/comments/6ldxtf/for_those_that_have_taken_the_oscp_how_similar/
"be sure to do the Buffer Overflow until you can explain it to your grandmother."
I get the technical stuff for the most part but the hands on is different. Did you use any outside sources for BO? I'm just not getting what to do and ELS isn't the best with explaining it. It's not helpful when I don't have a few files or when stuff doesn't work the way they showed. I don't mind research but I just want to make sure I learn what I need to learn and if I need to do things a certain way, I can from the stuff I learned.Booya!!
WIP : | CISSP [2018] | CISA [2018] | CAPM [2018] | eCPPT [2018] | CRISC [2019] | TORFL (TRKI) B1 | Learning: | Russian | Farsi |
*****You can fail a test a bunch of times but what matters is that if you fail to give up or not***** -
p@r0tuXus Member Posts: 532 ■■■■□□□□□□jamesleecoleman wrote: »I'm just not getting what to do and ELS isn't the best with explaining it.
James, I loved Hausec's write-up of the Trollv2 Vulnhub box in which he explains buffer-overflows pretty well. I suggest a read, if you haven't seen it:
https://hausec.com/vulnhub-write-ups/*****-2/Completed: ITIL-F, A+, S+, CCENT, CCNA R|S
In Progress: Linux+/LPIC-1, Python, Bash
Upcoming: eJPT, C|EH, CSA+, CCNA-Sec, PA-ACE -
chazb0t Member Posts: 42 ■■□□□□□□□□jamesleecoleman wrote: »I get the technical stuff for the most part but the hands on is different. Did you use any outside sources for BO? I'm just not getting what to do and ELS isn't the best with explaining it. It's not helpful when I don't have a few files or when stuff doesn't work the way they showed. I don't mind research but I just want to make sure I learn what I need to learn and if I need to do things a certain way, I can from the stuff I learned.
I didn't use any outside sources but there are lots out there:
Simple Buffer Overflows
https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/
Stack Based Buffer Overflow Tutorial, part 1 - Introduction
0x0 Exploit Tutorial: Buffer Overflow – Vanilla EIP Overwrite
https://www.reddit.com/r/hacking/comments/1wy610/exploit_tutorial_buffer_overflow/
https://web.archive.org/web/20170617044840/http://www.madirish.net/142