Passed the eCPPT first time!

So I have completed the eCPPT training and test. Passed the whole thing the first time through and thoroughly enjoyed the material.
I will say the web portion was good for me in particular because that was a weaker area for me prior to the certification training and test. The Hera Labs and Coliseum are absolutely worth it if not just to play with, besides you cannot beat that price.
I will say the web portion was good for me in particular because that was a weaker area for me prior to the certification training and test. The Hera Labs and Coliseum are absolutely worth it if not just to play with, besides you cannot beat that price.
Degrees:
M.S. Information Security and Assurance
B.S. Computer Science - Summa Cum Laude
A.A.S. Electronic Systems Technology
M.S. Information Security and Assurance
B.S. Computer Science - Summa Cum Laude
A.A.S. Electronic Systems Technology
Comments
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff
Congratulations on a job well done, Chris:/* . What is next for you? Any plans?
I'm trying to work on the certification right now.
WIP : | CISSP [2018] | CISA [2018] | CAPM [2018] | eCPPT [2018] | CRISC [2019] | TORFL (TRKI) B1 | Learning: | Russian | Farsi |
*****You can fail a test a bunch of times but what matters is that if you fail to give up or not*****
Thanks for the congrats from everyone.
I am changing locations right now so I will get back into the swing when I get settled with my new job. I plan on starting the OSCP followed by GCIH, GCIA and then GPEN. I plan to continue to grow in the Penetration Testing arena and expand my knowledge with the GSE track. I hope to be ready to start my DSc in 2014.
M.S. Information Security and Assurance
B.S. Computer Science - Summa Cum Laude
A.A.S. Electronic Systems Technology
You get 30 days of access to each set of labs with the package I paid for. The Hera Labs are based on network based exploitation and the Coliseum labs are based on web exploitation.
I had plenty of network exploitation knowledge so I probably could have skipped it but I was hopping to see if there was anything in the course that I did not know. That being said the labs were very good overall especially if you have limited engagement experience.
M.S. Information Security and Assurance
B.S. Computer Science - Summa Cum Laude
A.A.S. Electronic Systems Technology
But anyway, after the CCNA/CCNA Security next month, i'll start looking for options.
I've been pretty happy with my SecurityTube Python Scripting Expert Course.
I might take this. Having reviewed both the sample material for both OSCP and eCPPT courses, I was surprised to find that I liked the presentation style for eCPPT better.
M.S. Information Security and Assurance
B.S. Computer Science - Summa Cum Laude
A.A.S. Electronic Systems Technology
Now that I look at it, I only read the first chapter in the store, looks like it goes to hell after that.
One issue I fear is that I have no real interest in programming outside of hacking. The programming for dummies books says that I should think of something id like to do and think of the steps... "hack system. produce shell..."
M.S. Information Security and Assurance
B.S. Computer Science - Summa Cum Laude
A.A.S. Electronic Systems Technology
In my experience, there is no such thing as hand-holding when it comes to programming. You don't learn to code by having someone teach it to you. You learn it by someone giving you the general concepts and then you working through your own mistakes. You learn by diving in head first, making a large number of really dysfunctional scripts/programs and then figuring out where you went wrong. I personally think SPSE is a really good place to start coding...even if you have no former experience. It gives you all the basics you need (the general concepts). Once you start using some of the more complex libraries for security purposes, things do get hard and he does kinda throw you in the deep end. So it definitely takes some persistence, but its an awesome feeling each time you get a legit security tool working. I just recently created a script that uses Scapy to perform a MITM attack. Then sniffs for DNS query packets and then poisons DNS with a modified response from the gateway. Anytime a user on the victim machine attempts to access facebook, they are routed to a malicious duplicate under my control (created with SET - Social Engineering Toolkit). Enter your username and password...that information is passed to a backend database. And then re-routes them back to the legit facebook site so no foul play is suspected.
This was exactly how I felt at first. But you might find that once you start getting into it, you actually really enjoy it. I went from only being interested in exploit code, to regretting that I did my bachelors in info systems instead of compsci.