eJPT or eCPPT?

I have search everywhere on the net and always find "eJPT or OCSP" or "eCPPT vs OSCP" etc, but I cannot find anything on "eJPT or eCPPT." I am wondering if the eCPPT includes most (if not all) of the eJPT materials. The eLearning pages link funny, so if you click on eJPT and then try to find education, pricing, demos, etc. it will try to throw you towards the eCPPT page. I see on other forms that the eCPPT is for the very basic beginner and requires no prior experience, but eLearn wants you to do the eJPT first.

Thoughts?

Find more posts tagged with

Comments

wd40

If you are new to IT security I think you should go for eJPT first, there are free alternatives on Cybrary but they will not give you the same environment provided by eLearnSecurity.

I passed eJPT 3 years ago, it was a good (and relatively easy) practical introduction.

You can get the Penetration Testing Student course PDFs for free by subscribing to The Ethical Hacker Network and upgrade to the full course if you like later.

https://www.ethicalhacker.net/

You can download the Syllabus for both certificates and compare them.

https://www.elearnsecurity.com/course/penetration_testing_student/

https://www.elearnsecurity.com/course/penetration_testing/

greengeek

Sorry to Necro this post, but it is exactly what I am wondering as well. I have a similar background mvparish cert wise and am looking into specializing somewhat in pentesting and going more redteam. I've worked in IT for over 15 years and in security for over 5 (blue team, information security). I passed the CEH, which was really easy, but I don't feel that other than the name, it had really much to do with hacking. I passed the pentest+, but barely, as that was a much harder and more technical test.

I am looking to go for the OSCP at some point, but want to practice and study before doing so. Both cert studying and the CTF route. Has anyone taken both the eJPT and eCPPT? I am curious as well if the eJPT test being the much cheaper one, is covered within the eCPPT or if there is a lot of value to do both seperately.

NetworkNewb

My opinion would just to go straight for the OSCP and not waste your time and money with the smaller certs. No need to delay your end goal further. If you hit a roadblock, study/lab that area more. I don't think you would be doing yourself any favor going for other certifications. Just my 2 cents

greengeek

Thank you for your reply NetworkNewb. I am not interested in the elearningsecurity certs for cert sake. I am more interested in the learning side of it. I hear their training is really good. While OSCP would be more as a end goal of getting it just for cert sake, and not necessarily for the learning, as it sounds like their class is more of a just try harder type thing. While the cert appears to be the end game for the HR gatekeepers for red teaming and pentesting.

Another option would be to use online resources I already have access to through work and school, like pluralsight and lynda and then try some CTFs. I learn best by watching videos and doing labs. Just not sure if that will give me both the basics and the more intermediate training I could use for work as well as what is needed to eventually take the OSCP. It would definitely be cheaper, but would it cover as much as if I went the elearningsecurity route?

yoba222

If my eCPPT request gets approved at work, I'll let you know. Might be 2 or 3 weeks before I find out though. I don't know the overlap at all between the two.

I don't love CTFs because I find them to be more gameified in their goal rather than to get practice pentesting in a lab-like environment. I mean they're okay. Some of the labs were excellent in eJPT though and nicely polished. This was in 2016, but for example there was a MiTM lab where you ARP spoof and actually grab credentials like this. They must have some kind of bot that simulates user activity every few minutes. Not going to get this kind of attention to detail downloading Kioptrix Levels 1-5. I should redo the labs. I still have access to them and a few hours of lab time left, three years later.

If you scroll to the bottom of each, you can compare the labs. They look different to me, though I wish they'd describe the PTP labs:
https://www.elearnsecurity.com/course/penetration_testing_student/
https://www.elearnsecurity.com/course/penetration_testing/

NetworkNewb

greengeek said:

Thank you for your reply NetworkNewb. I am not interested in the elearningsecurity certs for cert sake. I am more interested in the learning side of it. I hear their training is really good. While OSCP would be more as a end goal of getting it just for cert sake, and not necessarily for the learning, as it sounds like their class is more of a just try harder type thing. While the cert appears to be the end game for the HR gatekeepers for red teaming and pentesting.

I still stand by just going for OSCP and learning things you need as you go. Saving a lot of time and money. I've gone through some of the eCCPT material (I actually bought the course) and personally wasn't super impressed with it and it was a lot of going through power point slides and some labs. So many just reading power point slides... Maybe it has changed though since that was like over a year ago. Definitely wasn't the current version of it they are on.

Feel ALOT of people seem to avoid the bigger certs and think lower certs/material will help them to start off. Which from my experience just wastes time and money towards the end goal... And believe most would learn a lot more by building a lab and getting a book on topics (or watching videos...). Instead of just logging into someone else's lab and going through the motions already that have been setup.

Ive heard your argument over and over from people taking some small steps beforehand will help them learn the material better... Been on this forum for awhile and believe that argument will never die. But one common thing I see on here is people who don't shy away and go right after and achieve those harder certifications, is they usually have some story of them moving up quickly in their careers as well.

If you want to just learn the material you should just build a lab and learn the topics you are interested in learning. The course your planning on buying is geared toward a broad area of things and will only go into areas as far as that certification needs you to know... Which probably isn't that deep. Then there will be a ton of things they will teach for your cert that you will never touch again and would be a waste of your time... Sounds like you have your mind set on trying out elearningsecurity and my opinion won't change that, but this just my experience of being on here for a long time and trying a lot of things out myself.

greengeek

Thank you NetworkNewb and yoba222 for your replies. I haven't made my mind up yet. I don't mind going for the bigger certs. I am fairly top heavy on the blue team side of it with CISSP, CISM, CISA, CASP etc. Not sure I would necessarily call them harder certs though. Unfortunately I only have CEH (which I wouldn't really call a red team cert) and pentest+ on the offensive side of it. All the tests seem very similar, study the material, learn it, then take the test. I seem to do really well on traditional style of tests. I am just a little concerned about the whole OSCP style of test. I feel I need to at least practice hands on with what type of topics it will cover to feel like I would be comfortable taking the test. I guess what worries me is those that claim that everyone they know has to do the test at least a few times to pass it. Being that this will all be out of my own pocket, I am hoping to reduce having to do retakes. I typically pass all the other tests on the first try as I tend to over prepare.

I do have my own home lab. Are there any guides on what to setup to best practice? I currently have metasploitable and dvwa in my lab along with a few random vulnhub images. Does anyone know of any good other / additional good studying materials for the OSCP? If I have to take the OSCP class to take the test, I rather take just the bare minimum to keep the cost down.

Net@NetworkNewb do you have the OSCP? If so, what type of background do you have in regards to the materials that were on the OSCP and what did you do to prepare for it?

greengeek

yoba222 the PTS labs look very similar to the stuff I already either do for work currently or had to do to study for the other certs. The PTP looks interesting, but I also agree that I wish they were a bit more detailed on their description to know if it is something that would fit into ones studying.

LonerVamp

Are you comfortable in Linux? Have you popped a root shell on anything before? If yes, you're ready for OSCP. If not, you can continue riding the fence.

(And by that I mean, if you answered yes to the first question and no to the second, go OSCP as well.)

greengeek

Haha, thanks LonerVamp. I am decent with Linux. Maintain a few servers for my work and a few at home that are running projects or that I just mess around with containers on. I think I will take yours and NetworkNewbs advice and glance over all the key objective bullet points and focus my self study on any that I am not familiar with and then jump right into the OSCP training and exam.