eCPPT post OSCP/OSCE

Hi all,

So recently, I've taken the PTPv4 training and I'm nearly through it, exam is still ahead though.
Let me also add here that I'm not a professional pentester, I'm an InfoSec pro but rather on the defensive side.
Although, I massively enjoy the pentesting side and truly believe that one should understand/be fluent on both sides.

I'm posting this as a testimonials about things I've really liked about the training:

  • The training is using metasploit a lot and while at the OSCP i've stepped away of it as much as possible (due to the OSCP exam rules, don't know if this is still the case..).
  • So clearly i've learned alot of cool possible moves around metasploit and the whole framework.
  • The Post Exploitation part is really great and gives you loads of neat ideas on what to do next, a few extra miles and you reach very fun levels.
  • I wouldn't have thought so but having lab's solution gave me a way of seeing one possibility while still sharpening my own approach.
  • The Labs are pretty well done, always worked for me and are yours entirely. Which makes come back at it pretty fun.
  • All in all I'm very satisfied with the training. I could practice my rusty pentesting skills while learning some really neat new stuff.
  • Of course I'd have wished for slightly more up-to-date targets as always, but this applies as well on PWK/CTP. So I guess that such targets should be geared towards labs like "Hack the Box" or such.

I'll update this post once through the cert with some added info.

Thanks,
Cheers,
-m-

PS: admins, when will we have an SSL enabled version of this website?? it's 2018!

Comments

  • gphilipsgphilips Member Posts: 22 ■■■□□□□□□□
    mokaz,

    Out of curiosity, since you took the OSCP prior to PTP...

    Many here have suggested that PTP/eCCPT is a decent preparation for OSCP. Would you agree, or would you recommend doing OSCP prior to PTP/eCCPT?

    Best of luck on your upcoming exam!
  • mokazmokaz Member Posts: 172
    Hey there gphilips,

    Yes, i'd say so.. Although you might get "bad" habits so to say, I'm always "still" trying to pwn everything by hands and then confirm it's MSF doable as well. IMPOV yes it's really a good path, i'd say that PTPv4 is a great add on for me right because of the MSF emphasis.. But if you're targeting the OSCP i'd urge to do everything manually (without MSF).. Well, in fact to pwn the system manually, once you've got a meterpreter payload there, you're all allowed to move further with that although without the "autopwn" features (as I recall the OSCP rules...)

    Hope this helps.
    Cheers.
    M
  • yoba222yoba222 Member Posts: 1,237 ■■■■■■■■□□
    Hi mokaz,

    So if you could go back in time, which of the two would you have done first?
    A+, Network+, CCNA, LFCS,
    Security+, eJPT, CySA+, PenTest+,
    Cisco CyberOps, GCIH, VHL,
    In progress: OSCP
  • mokazmokaz Member Posts: 172
    yoba222 wrote: »
    Hi mokaz, So if you could go back in time, which of the two would you have done first?
    Can I? hehe, no seriously i wouldn't change my path. I wanted the OSCP/OSCE badly so I've learned the hard way. Which really works very good with me.. Though as said, i really enjoyed PTPv4.. great things there and a very neat refresh for me.. Cheers, m
  • gphilipsgphilips Member Posts: 22 ■■■□□□□□□□
    mokaz,

    Thanks for the input!

    From what I'm gathering, if one were to do eCCPT first, there'd be a heavy emphasis on using MSF and web based attacks, whereas since you went OSCP first it was far more manual in nature (as per the OSCP exam restrictions on using MSF) and less on the web attack?
  • chrisonechrisone Member Posts: 2,278 ■■■■■■■■■□
    Interesting! So just to clarify you hsve passed the oscp and osce and are ceritified, then went back to learn the PTP4 course?
    Certs: CISSP, EnCE, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, SPLK-1002, SC-200, SC-300, AZ-900, AZ-500, VHL:Advanced+
    2023 Cert Goals: SC-100, eCPTX
  • mokazmokaz Member Posts: 172
    chrisone wrote: »
    Interesting! So just to clarify you hsve passed the oscp and osce and are ceritified, then went back to learn the PTP4 course?

    Yes indeed. One might think that this is weird, although as said i'm not a pro pentester and every years i'm looking at something to study in order to practice my skills. Also you know the whole "CPE" hunt don't you =)

    Let me also add the OSEE is pretty much out of reach (although if once possible i'll sure do it), SANS training's are in my point of view over priced. So we're left with a very few options =)

    Cheers,
    m.
  • MooseboostMooseboost Member Posts: 778 ■■■■□□□□□□
    Curious what your view will be once you do the exam. I kind of did a reverse-but-similar. I did the eJPT exam and then signed up for the PTPv4 because it had a discount when they released it. I had to step away from it due to work certification (work required) focus, but I didn't worry because I had the elite edition. Now work is paying for the OSCP so I am full course charted for that.
  • mokazmokaz Member Posts: 172
    Exam update:

    So I've scheduled and did the exam. The exam scenario was great, making you use all the learned methods and beyond.
    I thought although that it's been a little on the easy side, the pwn's aren't impressive and apart from one or two moves, i haven't' struggled really. It was good fun though because you've got to get every systems in a sequence which makes your quest funny...

    I think as well that i quiet liked to have more time on my side in order to conduct a closer to real life pentest than the OSCP/OSCE where you're pretty much under pressure to actually r00t every possible thing reachable. On the eCPPT, you've got your time although you're requested to find every possible flaws on your targets, which makes it slightly more challenging on the report side i'd say. So i literally took much time enumerating and scanning all over the place..

    One thing that bothered me though was that uploading your report would simply lock you out of your exam completely, thus properly ending your exam (no more exam lab VPN access). Info which i haven't found in the exam documents. So I've properly locked myself out after 4 days.. Believing that I'd already upload a v0.9 report in order for me to be safe.. So take note of that..

    I'll update you on the result.

    Meanwhile i've played a bit in the HackTheBox playground and honestly, i'm done with these certs, i'll from now on practice there. Targets are well uptodate and its really an amazingly done web site/community..
Sign In or Register to comment.