eLearnSecurity - PTPv4 - Journey journal??

supasecuritybro

Not sure how to title this since I am not big into blogging or writing too much in this time of my life since I am pretty busy with a lot of other things.

Any case just got approval for my company to take this course. I was able to get the better discount since I took the PTS and passed the eJPT (woohoo!) prior. I have been on the fence about doing this course or the OSCP (better recognition) since the price falls around the same. I want to be pretty clear when I say the following, I know that OSCP is the more recognized and highly sought out cert BUT I like the method of delivery from eLearn. If I may explain, they build up to the PenTest. Its not here is a concept and go find where it fits. That is awesome for anyone who has extremely a lot of time to give to it. I know a few people who have done the OSCP and are proud they did it but they all say the same thing, Unless you can devote all your time to this....

Also I learn through stages. When its an open concept I can easily obsess over a problem for weeks if I am able to. The eJPT was a great way to get started since it showed each phase without going to deep into the other. It was the hands on CEH I wish ECC would do. The exam was tough and it required to place all the parts together into a real pentest. Granted some of the exploits were extremely old, but being in the field now for a while I know that is real world in most markets. People do not patch for the life of them.

Any case, please join in the conversation/journey with me. I am not interested in hearing what is a better course. I have my reasons as others has their own. I have a CISSP and experience which is what gets me through most doors now.

Let the games begin!!!

g33k3r

Thanks for starting this thread. I was going to sign up for the new PTSv3 this week, but given the discount and inclusion of the PTSv3 material it seems like a great deal. I contacted support about upgrading the barebones to elite and they said there is a discounted option once enrolled. I debating pursing the eJPT first and then tackling the eCPPT. I too also prefer to learn in stages at the beginning.

supasecuritybro

g33k3r wrote: »

Thanks for starting this thread. I was going to sign up for the new PTSv3 this week, but given the discount and inclusion of the PTSv3 material it seems like a great deal. I contacted support about upgrading the barebones to elite and they said there is a discounted option once enrolled. I debating pursing the eJPT first and then tackling the eCPPT. I too also prefer to learn in stages at the beginning.

If you are looking to getting the skills started and learn what it takes (read, the work to research and work) then take the eJPT. If you have the skills already, then don't start it and go to the eCPPT. I didn't have the skills but I wanted to learn and the eJPT was a wonderful start.

MerkatPanda

I believe current offers with PTS FREE bundled. It is good enough, to start going. At last, i'm pumped to start eCPPT with new v4.

supasecuritybro

Started the material this weekend. This week was a bit hectic but I got started after some clarification on the order of the course. They recommend to start with WebApp portion of the course. The each section has been given an introduction area which I appreciate since it covers the must know before diving into the material. I am excited to get this going. I am seeing a little overlap with the eJPT course. I appreciated the amount of information I received in the eJPT course since it really got me on a good base. This is another thing I love about eLearnSecurity method of teaching. I saw on another post regard the OSCP vs eCPPT is that the OSCP is more CTF exercises than pentesting since its a free for all on a network more than building a methodology, which I agree. I haven't taken the OSCP but just seeing extensive reviews on the internet you get the sense that even though you are provided a good amount of information and teaching on how to exploit, when you get into the lab, its up to you to find what you can apply what you have learned to this environment. My experience with ELS method has been the opposite, here is a technique then here is a place to apply it. It builds throughout the entire experience until you hit the exam and then you are on your own.

I will post more as I go.

g33k3r

I'd have to agree with supasecuritybro, ELS likes to methodically ease you into the material. I am a little over a 3rd of the way through the PTSv3 course which has been mainly review except for C++. I am debating whether or not to take the eJPT exam or not since I'll need to spend a few hundred dollars more. I am taking both course (PTSv3 & PPTv4) to gain a better understanding of offensive security so I can better defend organizations. Most likely time will tell due to my work schedule, family, and summer events such as Defcon

bluesquirrel

@supasecuritybro

thanks for sharing this! I am also currently studying PTPv4 ... and I am supposed to start the OSCP in few months ... I do hope the material covered in PTPv4 will fill the gaps that apparently are in the OSCP study material

EngRob

Hey,
A few of us are starting eCPPT in August and are going to chat via slack. PM me your email if you'd like to join us.

bluesquirrel

@EngRob
thanks for the offer! sent you a pm.

supasecuritybro

Update -one month-

Sorry progress since I have new baby at the house but I have been enjoying the webapp section. Its been a little more in depth than the eJPT course with some similarities. I am glad it has been like that since I see the need for webapp pentest ability. I am joining some of the peeps for TE on a group to do this course with them so I will be pausing until they start up. In the meantime, I am going to go through Cybrary Penetration Testing course from Georgia Weidman to get the juices flowing. I wanted to read her book but this will probably be a better overview. Got to keep moving forward since our field is all about learning something new daily.

g33k3r

supasecuritybro, the cybrary course is almost identical to the book which I bought before I found the course. The course and book are great! It taught me that my weak areas are in Web App and Buffer Overflows. I've found a number of other courses through Pluralsight which as filled in some of the gaps. I still need more practice in these areas but I am further along than I was

luger

Hoping to start this one as from next Monday. I have LPIC1 102 exam tomorrow which I am hoping to pass so that i can get on with eCPPT. Very much looking forward to it.....

wd40

luger please join us, we are starting in August.

Please Send a PM to EngRob

And Good luck with your exam.

the_Grinch

Thinking about buying the upgrade for my old version ($350). But also need to finish the eJPT first. Why did they recommend going with the Web section first?

luger

I should be starting on the 24th July so thats just a week off August. Might as well join you and share in the fun Will send him a PM sometime tomorrow morning.

Thanks

g33k3r

I probably won't be able to start until after Defcon. Any idea how long this group will be working together?

BTW, is anyone else going to Defcon this year?

infoseclawyer

I started a couple weeks ago, but would love to be involved. The ECPPT forums are great, but everyone is progressing at their own pace and there isn't much real-time collaboration. I don't have PM privileges yet, but I would love to join up with the group.

jamesleecoleman

I would also like to join if that would be okay. I'm trying to get internet at the place that I'm moving into at the moment. I've done the first three parts of the course and I'm working my way though the wireless section. I'm gonna go back and go over the System and Web stuff more so I can actually understand it. I'll be starting the network labs soon. I hope that I can buy more hours for the lab.

wd40

the_Grinch : I think the web section is the easy part in the course .. join us maybe you will like the discussion and decide to upgrade now.

As of now we have 8 members in the group.