eCPPT over here, even though everyone I know is doing the OSCP
supasecuritybro
Member Posts: 206 ■■■■□□□□□□
Good morning everyone. I wanted to start a thread for some eCPPT from eLearn folks. I have been working through the material a lot slower than I have seen my peers doing so and moving on to the OSCP. I have seen that the motivation is a little different since I am not technically on a time limit at this time. Still have some time left on my labs and I am really stopping to get some concepts in my mind before going to the next topic. Doing some research on my own and such. I was wondering, do any of you do that? OR are you pushing through topics and circling back later?
I am just wondering if I am wasting time doing that or should I just move through the material and circle back.
I am just wondering if I am wasting time doing that or should I just move through the material and circle back.
Completed: CISSP, GPEN, GWAPT, CCSA R80, eJPT, CySA+, M.S. Information Security
Current Goal: CCSE
Continuous Education Plan: AWS-SAA, OSCP, CISM
Book/CBT/Study Material: Max Power
Current Goal: CCSE
Continuous Education Plan: AWS-SAA, OSCP, CISM
Book/CBT/Study Material: Max Power
Comments
-
hal9k2 Member Posts: 77 ■■■□□□□□□□Hey
I am myself considering buying eCPPT but I am thinking about this like a step to OSCP as I am not so confident for the last one.
Regarding your question. During eJPT I moved trough the material quite fast (you can't memorize everything) I was also doing a lot of notes (in OneNote) especially from exercises and labs. Stuff like commands used etc... It was a good strategy when attempted exam, as they saved my ... I think this is will be for eCPPT as well
Can you say why you decided to go for eCPPT instead of OSCP? As I am still undecided... -
supasecuritybro Member Posts: 206 ■■■■□□□□□□Going to the eCPPT was a financial decision for me. I was able to save some money going to the v4 when they launched so I went for it. Also my company paid for it. I would have done the OSCP if that would have not been the case. I like the method they teach and also the MAJOR difference between the two is that the eCPPT goes into a lot more detail about treating as a PenTest and not just breaking into machines. I would prefer the fun of breaking in but I want to be able to make a business out of it.Completed: CISSP, GPEN, GWAPT, CCSA R80, eJPT, CySA+, M.S. Information Security
Current Goal: CCSE
Continuous Education Plan: AWS-SAA, OSCP, CISM
Book/CBT/Study Material: Max Power -
hal9k2 Member Posts: 77 ■■■□□□□□□□Thanks for the answersupasecuritybro wrote: »MAJOR difference between the two is that the eCPPT goes into a lot more detail about treating as a PenTest and not just breaking into machines.
What do you mean by that? -
yoba222 Member Posts: 1,237 ■■■■■■■■□□Hi supasecuritybro,
I see you have GPEN. How did it compare to how the eCPPT is? Do you favor one over the other? Do you feel that you're getting less out of the eCPPT now? I ponder self-studying for the GPEN using their course books. Value of the cert on the resume aside, I wonder if I should just skip GPEN and do eCPPT because of the value from doing all the labs.A+, Network+, CCNA, LFCS,
Security+, eJPT, CySA+, PenTest+,
Cisco CyberOps, GCIH, VHL,
In progress: OSCP -
mokaz Member Posts: 172Hey there, i've done OSCP/OSCE and will do eCPPT as well. So nothing wrong really!! Go search knowledge
-
supasecuritybro Member Posts: 206 ■■■■□□□□□□Thanks for the answer
What do you mean by that?
From the looks of the post people do on these forums, the OSCP is enumerate, pillage, show proof and write up a report of findings. With the eCPPT, you will be given Rules of Engagement and you have to complete those requirements and provide a report. It is also a longer period of time. So it will be like an actual PenTest engagement.
I want to be clear before anyone puts my head on a pike, I completely respect anyone who has done the OSCP and will want to complete it next year. I am not bashing one over the other. Its just an observation made over the information provided. Also I have a few friends who have the OSCP and they mention its about getting in and knowing your way around. I will circle back to this theory when I have completed both.Completed: CISSP, GPEN, GWAPT, CCSA R80, eJPT, CySA+, M.S. Information Security
Current Goal: CCSE
Continuous Education Plan: AWS-SAA, OSCP, CISM
Book/CBT/Study Material: Max Power -
supasecuritybro Member Posts: 206 ■■■■□□□□□□Hi supasecuritybro,
I see you have GPEN. How did it compare to how the eCPPT is? Do you favor one over the other? Do you feel that you're getting less out of the eCPPT now? I ponder self-studying for the GPEN using their course books. Value of the cert on the resume aside, I wonder if I should just skip GPEN and do eCPPT because of the value from doing all the labs.
Two completely different animals. I would say that the GPEN is more introductory, building of the framework for anyone who really wants to learn how to be a pentester. The real benefit is going to the class I would say. Ed Skoudis shares so much real world knowledge that I still am processing some of the MP3s and I took the class in in April. The eCPPT is way more in depth. The web app section is completely a school house of information regarding not just breaking in but how things work on web apps. In the GPEN it’s not that deep. The hands on and research I am putting in now is where not having recognition on resumes I am valuing. Most interviews will happen if you have a cert to get you in, you have a GCIH you are getting in. But what happens afterwards… can you explain in plain english how to do what you do? Do you know how application works and how to break them?? I am trying my best to learn those things so I can be a value not just a cert holder.Completed: CISSP, GPEN, GWAPT, CCSA R80, eJPT, CySA+, M.S. Information Security
Current Goal: CCSE
Continuous Education Plan: AWS-SAA, OSCP, CISM
Book/CBT/Study Material: Max Power -
tedjames Member Posts: 1,182 ■■■■■■■■□□supasecuritybro wrote: »Still have some time left on my labs and I am really stopping to get some concepts in my mind before going to the next topic. Doing some research on my own and such. I was wondering, do any of you do that? OR are you pushing through topics and circling back later?
I am just wondering if I am wasting time doing that or should I just move through the material and circle back.
I'm working on eJPT. I've been through the material once, and now I'm going through it again in more detail. After following each tutorial, I'm following them up with outside training to reinforce the topics. I'm almost finished with Bucky Roberts' Burp Suite course. It's much more detailed than the eJPT material, and I'm retaining more. I'm going to do the same with his nmap, Wireshark, and Metasploit courses. It's free, and it's excellent as far as I'm concerned. Check it out: https://thenewboston.com/ -
Khohezion Member Posts: 57 ■■■□□□□□□□Hey, I'm starting the eCPPT as well since my CSA+ was a fail... but for myself I plan on understanding each topic thoroughly before I go onto the next topic.
I got the bundle with the eWPT because I though prices were going to go up... also I've attempted the OSCP before and it did not end well, I think that the format of eLearnSec's courses holds you hand and walks you through concepts which is good stepping stone towards the OSCP. -
TimBaker Registered Users Posts: 14 ■■■□□□□□□□How long do you guys reckon is required to complete studying for eCPPT and then taking the exam?
It would be nice if we can start a study group at least to keep us motivated. -
supasecuritybro Member Posts: 206 ■■■■□□□□□□How long do you guys reckon is required to complete studying for eCPPT and then taking the exam?
It would be nice if we can start a study group at least to keep us motivated.
Tried it with a group but most of them jumped towards the OSCP and others (like me started slow stepping). I think about three months at the most to get all the information in, research, lab and do the exam (7 days, most people say it takes less). So are you planning on it?
TCompleted: CISSP, GPEN, GWAPT, CCSA R80, eJPT, CySA+, M.S. Information Security
Current Goal: CCSE
Continuous Education Plan: AWS-SAA, OSCP, CISM
Book/CBT/Study Material: Max Power -
TimBaker Registered Users Posts: 14 ■■■□□□□□□□supasecuritybro wrote: »Tried it with a group but most of them jumped towards the OSCP and others (like me started slow stepping). I think about three months at the most to get all the information in, research, lab and do the exam (7 days, most people say it takes less). So are you planning on it?
T
Hahaha, about jumping to OSCP. I actually plan on OSCP but not yet. I bought the PTPv4 material last year but stalled due to work and lack of discipline.
I'm hoping i can take the exam by end of March 2018, I've got CCNA Security exam in about a month so I just want to get into the eCPPT material slowly.
When do you plan on taking the exam? -
supasecuritybro Member Posts: 206 ■■■■□□□□□□I’d like to be done with it no later than Jan 2018. I have a 1 year old and another coming in March. I’d like to be done with the OSCP before he shows up but it may be after.Completed: CISSP, GPEN, GWAPT, CCSA R80, eJPT, CySA+, M.S. Information Security
Current Goal: CCSE
Continuous Education Plan: AWS-SAA, OSCP, CISM
Book/CBT/Study Material: Max Power -
globalenjoi Member Posts: 104 ■■■□□□□□□□supasecuritybro wrote: »Two completely different animals. I would say that the GPEN is more introductory, building of the framework for anyone who really wants to learn how to be a pentester. The real benefit is going to the class I would say. Ed Skoudis shares so much real world knowledge that I still am processing some of the MP3s and I took the class in in April. The eCPPT is way more in depth. The web app section is completely a school house of information regarding not just breaking in but how things work on web apps. In the GPEN it’s not that deep. The hands on and research I am putting in now is where not having recognition on resumes I am valuing. Most interviews will happen if you have a cert to get you in, you have a GCIH you are getting in. But what happens afterwards… can you explain in plain english how to do what you do? Do you know how application works and how to break them?? I am trying my best to learn those things so I can be a value not just a cert holder.
Actually glad to hear this. I paid for the PTP course last December, but haven't had the chance to focus on it until very recently (after my GCIH). I'll be going to the SANS Hackfest Summit next month for the GPEN course and was curious where it would fall in relation to the eCPPT. -
TimBaker Registered Users Posts: 14 ■■■□□□□□□□globalenjoi said:supasecuritybro wrote: »Two completely different animals. I would say that the GPEN is more introductory, building of the framework for anyone who really wants to learn how to be a pentester. The real benefit is going to the class I would say. Ed Skoudis shares so much real world knowledge that I still am processing some of the MP3s and I took the class in in April. The eCPPT is way more in depth. The web app section is completely a school house of information regarding not just breaking in but how things work on web apps. In the GPEN it’s not that deep. The hands on and research I am putting in now is where not having recognition on resumes I am valuing. Most interviews will happen if you have a cert to get you in, you have a GCIH you are getting in. But what happens afterwards… can you explain in plain english how to do what you do? Do you know how application works and how to break them?? I am trying my best to learn those things so I can be a value not just a cert holder.
Actually glad to hear this. I paid for the PTP course last December, but haven't had the chance to focus on it until very recently (after my GCIH). I'll be going to the SANS Hackfest Summit next month for the GPEN course and was curious where it would fall in relation to the eCPPT. -
supasecuritybro Member Posts: 206 ■■■■□□□□□□I have paused the course since I got selected for the GREM course as a work study and my job wanted me to do some work related security tool course work. I am going to back to the eCPPT afterwards and just get it done. It has a lot of great material in it. I would have like to upgrade the coursework to the newest version that came up recently but I am good with what I have. I will follow up with more info as it comes up.
Completed: CISSP, GPEN, GWAPT, CCSA R80, eJPT, CySA+, M.S. Information Security
Current Goal: CCSE
Continuous Education Plan: AWS-SAA, OSCP, CISM
Book/CBT/Study Material: Max Power