Just signed up for eCPPT!!

so i was studying for the C|EH and the Network+ but i realized i wasn't learning anything new in the C|EH, and the only reason im doing the network+ is to help me achieve my goal (OSCP), so i decided to just drop it and sign up for the elearnsecurity professional V2 course. i will update as i go along and post a review at the end!

Let the hacking begin

-N

Find more posts tagged with

Comments

cgrimaldo

Keep this thread updated!

Hypntick

Yeah i'm taking the C|EH on the 9th next month for WGU, however i'm also looking at the eCPPT as well. I'm not 100% certain I know enough to take it, but i'm really considering it right now. Good luck on the studies, i'd like to see updates on it!

naftalir

so Far the course is really good they have very well presented slides and videos (once in a while i catch a typo, but no big deal).
i really enjoyed my first lab (they made a fake website/company and i had to gather info on the employees and such and turn all of it into a visual graph (using freemind)).

there is only 1 con i saw so far and that is:
in the recommended pre-requisites it does not mention that you need to know linux (not really a problom since i assume most people taking this course have some experience in linux/backtrack) but for those who do not have any experience in linux/backtrack i would strongly advise you at least get semi-comfortable with the shell/terminal before you start the course.

i will keep updating

the_hutch

I'll be interested to see how your feeling towards then end of the first month. I am plannning on taking either OSCP or eCPPT starting next month. Still up in the air.

naftalir

so i finished the network security section (didn't do the labs yet since i have a home lab set up so for now thats all i used i will active my hera labs later on), i thought the material was good but not very advanced i have experience with network security so i didnt think much of the network security part but i did learn some neat tricks in metasploit that i did not know about or use before (i really liked the pivoting section).

currently i am in the 5th module of the web application security and i really am loving this part(sub-course) of the course since i never really had any web-app security experience and i was really looking forward to this part, the intro was a nice short intro about cookies,session ids,and the http protocol (nothing really new here but still nice), the info gathering section was really long and i was dieing to start the XSS section already so i didnt really study it so well (i will return to that section and review it sometime in the near future) but it was nice and showed some cool stuff like mapping out a website and what web-apps are being used in its different sections and some other stuff, the 3rd module (vulnerability assessment) was basicly showing how to use nikto & nessus i was a bit disappointed they didnt explain how to use w3af but in the course forums someone posted a nice tutorial and you can find a bunch on youtube, the section i just finished was the XSS section which i really really loved, but be warned DO NOT start if you do not know HTML and some javascript, i was pretty confused at times about whats going on since i didnt really know JS but you can find a nice course on http://www.codecademy.com that is completely free, im still working on it and improving my JS skills i would also really recommend taking the HTML course on the codecademy.com website and downloading "learn php offline" app from the android market (if you have a android phone

) and the "learn HTML-CSS-Javascript" app as well (android market) i went threw the whole "learn php offline" app (i think it was excellent) and i am currently finishing up the javascript section in the "learn HTML-CSS-Javascript" app (also excellent), as for the XSS section, at first i was a bit disappointed that the section was only 144 slides + 2 videos (what can i say i wanted more) and i didnt feel i knew it that well but then i went to the labs and i practiced and i got alot better (there are 2 labs on reflected XSS and 1 on persistent XSS), also my friend who took a 8 month course on web development and now has a job developing websites just made a new website, so i asked him if i could try to hack his website, he said i could try but i wouldnt be able to since he put input validation and some security measures on his forms,etc. ,after around 10 minutes i found a persistent XSS vulnrability (in the course they teach you a really neat method to bypass certain input validation methods) and a short while after, i injected so many scripts & junk on 2 his site that you would get a error(DOS) if you went to that subdomain and if you had Noscript then you could see it was defaced(I KNOW!!!!!), so he fixed it up and again today i was able to Deface it (my JS is getting better and i didnt crash it this time) again. so i summery im really loving the course so far (and the customer service there is really great!).

on 2 finishing my JS then learning SQL and then SQL INJECTIONS!!