Options

Passed the eCPPT first time!

Chris:/*Chris:/* Member Posts: 658 ■■■■■■■■□□
So I have completed the eCPPT training and test. Passed the whole thing the first time through and thoroughly enjoyed the material.

I will say the web portion was good for me in particular because that was a weaker area for me prior to the certification training and test. The Hera Labs and Coliseum are absolutely worth it if not just to play with, besides you cannot beat that price.
Degrees:
M.S. Information Security and Assurance
B.S. Computer Science - Summa Cum Laude
A.A.S. Electronic Systems Technology

Comments

  • Options
    the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    Congrats!!
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • Options
    ipchainipchain Member Posts: 297
    Chris:/* wrote: »
    So I have completed the eCPPT training and test. Passed the whole thing the first time through and thoroughly enjoyed the material.
    .

    Congratulations on a job well done, Chris:/* . What is next for you? Any plans?
    Every day hurts, the last one kills.
  • Options
    jamesleecolemanjamesleecoleman Member Posts: 1,899 ■■■■■□□□□□
    Congratulations on the pass.

    I'm trying to work on the certification right now.
    Booya!!
    WIP : | CISSP [2018] | CISA [2018] | CAPM [2018] | eCPPT [2018] | CRISC [2019] | TORFL (TRKI) B1 | Learning: | Russian | Farsi |
    *****You can fail a test a bunch of times but what matters is that if you fail to give up or not*****
  • Options
    Chris:/*Chris:/* Member Posts: 658 ■■■■■■■■□□
    ipchain wrote: »
    Congratulations on a job well done, Chris:/* . What is next for you? Any plans?

    Thanks for the congrats from everyone.

    I am changing locations right now so I will get back into the swing when I get settled with my new job. I plan on starting the OSCP followed by GCIH, GCIA and then GPEN. I plan to continue to grow in the Penetration Testing arena and expand my knowledge with the GSE track. I hope to be ready to start my DSc in 2014.
    Degrees:
    M.S. Information Security and Assurance
    B.S. Computer Science - Summa Cum Laude
    A.A.S. Electronic Systems Technology
  • Options
    SephStormSephStorm Member Posts: 1,731 ■■■■■■■□□□
  • Options
    the_hutchthe_hutch Banned Posts: 827
    I might do this before hitting OSCP as well. What was the price for the program? And how much lab access do you get?
  • Options
    Chris:/*Chris:/* Member Posts: 658 ■■■■■■■■□□
    It took me 120 days to finish the training because I was completing it with my M.S. and a Gold Paper for SANS. I took the full 30 days for the certification portion to make sure that I found and documented everything. I spent just under a thousand for the course and all the labs.

    You get 30 days of access to each set of labs with the package I paid for. The Hera Labs are based on network based exploitation and the Coliseum labs are based on web exploitation.

    I had plenty of network exploitation knowledge so I probably could have skipped it but I was hopping to see if there was anything in the course that I did not know. That being said the labs were very good overall especially if you have limited engagement experience.
    Degrees:
    M.S. Information Security and Assurance
    B.S. Computer Science - Summa Cum Laude
    A.A.S. Electronic Systems Technology
  • Options
    SephStormSephStorm Member Posts: 1,731 ■■■■■■■□□□
    im looking for a course to beef up my hands on experience before starting OSCP Personally I am concerned, I havent found a course that supposedly has a good course on programming. I understand the ELS Pro course has some ASM requirements, and the OSCP has required knowledge of Python, and maybe some others. While i'm sure there may be a module on basics in the PWB course, that is not the time for me to hear "try harder".

    But anyway, after the CCNA/CCNA Security next month, i'll start looking for options.
  • Options
    the_hutchthe_hutch Banned Posts: 827
    SephStorm wrote: »
    im looking for a course to beef up my hands on experience before starting OSCP Personally I am concerned, I havent found a course that supposedly has a good course on programming. the OSCP has required knowledge of Python, and maybe some others.


    I've been pretty happy with my SecurityTube Python Scripting Expert Course.
  • Options
    the_hutchthe_hutch Banned Posts: 827
    Chris:/* wrote: »
    It took me 120 days to finish the training because I was completing it with my M.S. and a Gold Paper for SANS. I took the full 30 days for the certification portion to make sure that I found and documented everything. I spent just under a thousand for the course and all the labs.

    You get 30 days of access to each set of labs with the package I paid for. The Hera Labs are based on network based exploitation and the Coliseum labs are based on web exploitation.

    I had plenty of network exploitation knowledge so I probably could have skipped it but I was hopping to see if there was anything in the course that I did not know. That being said the labs were very good overall especially if you have limited engagement experiencetyle.

    I might take this. Having reviewed both the sample material for both OSCP and eCPPT courses, I was surprised to find that I liked the presentation style for eCPPT better.
  • Options
    Chris:/*Chris:/* Member Posts: 658 ■■■■■■■■□□
    When I was going through the course the designers of the course were talking about adding a coding section to the course in the future. I recommend picking up a couple of O'reily books and download the interpreter then go from there.
    Degrees:
    M.S. Information Security and Assurance
    B.S. Computer Science - Summa Cum Laude
    A.A.S. Electronic Systems Technology
  • Options
    SephStormSephStorm Member Posts: 1,731 ■■■■■■■□□□
    "Scripting Expert"= scary. lol Well Ive done some bash scripting in preparation for the OSCP, but I doubt im ready to proceed to python or another real language. I think i'll need some hand-holding through that process. Although there was a programming book I was looking at that seemed to be written in English. Sams Teach Yourself Python in 24 Hours (Teach Yourself -- 24 Hours): Ivan Van Laningham,Ivan Van Laningham: 9780672317354: Amazon.com: Books

    Now that I look at it, I only read the first chapter in the store, looks like it goes to hell after that. :o

    One issue I fear is that I have no real interest in programming outside of hacking. The programming for dummies books says that I should think of something id like to do and think of the steps... "hack system. produce shell..."
  • Options
    Chris:/*Chris:/* Member Posts: 658 ■■■■■■■■□□
    You have to walk before you can run, if you do not understand variable scoping you cannot understand how to properly produce buffer overflow exploits. Avoid the Dummies and Sams books they teach you how to code in a fast but sloppy manner that will allow your code to be exploited.
    Degrees:
    M.S. Information Security and Assurance
    B.S. Computer Science - Summa Cum Laude
    A.A.S. Electronic Systems Technology
  • Options
    the_hutchthe_hutch Banned Posts: 827
    SephStorm wrote: »
    "Scripting Expert"= scary. lol Well Ive done some bash scripting in preparation for the OSCP, but I doubt im ready to proceed to python or another real language. I think i'll need some hand-holding through that process.

    In my experience, there is no such thing as hand-holding when it comes to programming. You don't learn to code by having someone teach it to you. You learn it by someone giving you the general concepts and then you working through your own mistakes. You learn by diving in head first, making a large number of really dysfunctional scripts/programs and then figuring out where you went wrong. I personally think SPSE is a really good place to start coding...even if you have no former experience. It gives you all the basics you need (the general concepts). Once you start using some of the more complex libraries for security purposes, things do get hard and he does kinda throw you in the deep end. So it definitely takes some persistence, but its an awesome feeling each time you get a legit security tool working. I just recently created a script that uses Scapy to perform a MITM attack. Then sniffs for DNS query packets and then poisons DNS with a modified response from the gateway. Anytime a user on the victim machine attempts to access facebook, they are routed to a malicious duplicate under my control (created with SET - Social Engineering Toolkit). Enter your username and password...that information is passed to a backend database. And then re-routes them back to the legit facebook site so no foul play is suspected.
    SephStorm wrote: »
    One issue I fear is that I have no real interest in programming outside of hacking. The programming for dummies books says that I should think of something id like to do and think of the steps... "hack system. produce shell..."

    This was exactly how I felt at first. But you might find that once you start getting into it, you actually really enjoy it. I went from only being interested in exploit code, to regretting that I did my bachelors in info systems instead of compsci.
  • Options
    goharnaseemgoharnaseem Registered Users Posts: 1 ■□□□□□□□□□
    Hi...my name is Gohar Naseem (University of Birmingham).....i need very badly the password for admin ... a requirement to pass the eCPPT exam... i would be very thankful to you if you provide me with password for admin ....waiting for a positive response...thanks in advance...and please give me your skype id or any other detail so that i can contact you...
Sign In or Register to comment.