supasecuritybro wrote: » MAJOR difference between the two is that the eCPPT goes into a lot more detail about treating as a PenTest and not just breaking into machines.
hal9k2 wrote: » Thanks for the answer What do you mean by that?
yoba222 wrote: » Hi supasecuritybro, I see you have GPEN. How did it compare to how the eCPPT is? Do you favor one over the other? Do you feel that you're getting less out of the eCPPT now? I ponder self-studying for the GPEN using their course books. Value of the cert on the resume aside, I wonder if I should just skip GPEN and do eCPPT because of the value from doing all the labs.
supasecuritybro wrote: » Still have some time left on my labs and I am really stopping to get some concepts in my mind before going to the next topic. Doing some research on my own and such. I was wondering, do any of you do that? OR are you pushing through topics and circling back later? I am just wondering if I am wasting time doing that or should I just move through the material and circle back.
TimBaker wrote: » How long do you guys reckon is required to complete studying for eCPPT and then taking the exam? It would be nice if we can start a study group at least to keep us motivated.
supasecuritybro wrote: » Tried it with a group but most of them jumped towards the OSCP and others (like me started slow stepping). I think about three months at the most to get all the information in, research, lab and do the exam (7 days, most people say it takes less). So are you planning on it? T
supasecuritybro wrote: » Two completely different animals. I would say that the GPEN is more introductory, building of the framework for anyone who really wants to learn how to be a pentester. The real benefit is going to the class I would say. Ed Skoudis shares so much real world knowledge that I still am processing some of the MP3s and I took the class in in April. The eCPPT is way more in depth. The web app section is completely a school house of information regarding not just breaking in but how things work on web apps. In the GPEN it’s not that deep. The hands on and research I am putting in now is where not having recognition on resumes I am valuing. Most interviews will happen if you have a cert to get you in, you have a GCIH you are getting in. But what happens afterwards… can you explain in plain english how to do what you do? Do you know how application works and how to break them?? I am trying my best to learn those things so I can be a value not just a cert holder.
globalenjoi said: supasecuritybro wrote: » Two completely different animals. I would say that the GPEN is more introductory, building of the framework for anyone who really wants to learn how to be a pentester. The real benefit is going to the class I would say. Ed Skoudis shares so much real world knowledge that I still am processing some of the MP3s and I took the class in in April. The eCPPT is way more in depth. The web app section is completely a school house of information regarding not just breaking in but how things work on web apps. In the GPEN it’s not that deep. The hands on and research I am putting in now is where not having recognition on resumes I am valuing. Most interviews will happen if you have a cert to get you in, you have a GCIH you are getting in. But what happens afterwards… can you explain in plain english how to do what you do? Do you know how application works and how to break them?? I am trying my best to learn those things so I can be a value not just a cert holder. Actually glad to hear this. I paid for the PTP course last December, but haven't had the chance to focus on it until very recently (after my GCIH). I'll be going to the SANS Hackfest Summit next month for the GPEN course and was curious where it would fall in relation to the eCPPT.
