New eCPPT GOLD certification

YuckTheFankeesYuckTheFankees Member Posts: 1,281 ■■■■■□□□□□
Hey guys, it looks like elearnsecurity came out with a new certification this week. Take a look ECPPT GOLD - Practical Penetration Testing Certification .

I know a lot of people here are fans of the OSCP but I think this certifications deserves some attention.

I spoke to elearnsecurity regarding the certifications and found some interesting information.

*This is the 1st "real" pentest certifications because you will need to find every vulnerability in the network and also create your own exploit regarding an in house application..and of course turning in a detailed report. I really think these two main points of the new certification are intriguing.

Comments

  • dbrinkdbrink Member Posts: 180
    Interesting, definitely something to check out.
    Currently Reading: Learn Python The Hard Way
    http://defendyoursystems.blogspot.com/
  • HypntickHypntick Member Posts: 1,451 ■■■■■■□□□□
    Thanks for the info YuckTheFankies, i'm seriously considering going through the student course when i'm done with my MS. Luckily it seems like i've got management buy-in for my aspirations at work, so hopefully they'll be willing to foot the bill.
    WGU BS:IT Completed June 30th 2012.
    WGU MS:ISA Completed October 30th 2013.
  • YuckTheFankeesYuckTheFankees Member Posts: 1,281 ■■■■■□□□□□
    And they are coming out with 4 new courses by July 2013, this should be interesting.
  • BodanelBodanel Member Posts: 214 ■■■□□□□□□□
    This should be interesting. Seems similar to OSCP. I'm waiting though on a few reviews before signing up.
  • coty24coty24 Member Posts: 263 ■□□□□□□□□□
    Man this is great, I can't wait to hear some reviews as well. I need to do the student course :)
    Passed LOT2 :)Working on FMV2(CHFI v8 ) Done!
  • YuckTheFankeesYuckTheFankees Member Posts: 1,281 ■■■■■□□□□□
    I would probably skip the student course. I would get the Professional v2 course and do outside research to learn topics you do not understand..save the $300-400.
  • BodanelBodanel Member Posts: 214 ■■■□□□□□□□
    I've used the form on their website and asked them a few questions about the course. No answer after 2 weeks.
    Not very promising.
  • webgeekwebgeek Member Posts: 495 ■■■■□□□□□□
    I would probably skip the student course. I would get the Professional v2 course and do outside research to learn topics you do not understand..save the $300-400.

    I am probably going to start at the student level to learn python and c++. Also it states lifetime access to the course materials. Very tempting......
    BS in IT: Information Assurance and Security (Capella) CISSP, GIAC GSEC, Net+, A+
  • dbrinkdbrink Member Posts: 180
    webgeek wrote: »
    I am probably going to start at the student level to learn python and c++. Also it states lifetime access to the course materials. Very tempting......

    I wouldn't take the student course just for the c++ and python modules, there are free resources on the Internet that go more in depth.
    Currently Reading: Learn Python The Hard Way
    http://defendyoursystems.blogspot.com/
  • YuckTheFankeesYuckTheFankees Member Posts: 1,281 ■■■■■□□□□□
    I agree with dbrink.

    @bodanel,

    They are usually quick on their responses but I havent received an email back either, from a message I sent last week. I do know they are in the middle of deploying two certifications this month and another two in July icon_silent.gif...it's possible they are using all their resources on that? Still, they do need to be more available in my opinion.
  • elearnsecurityelearnsecurity Inactive Imported Users Posts: 8 ■□□□□□□□□□
    Here we are. Please feel free to ask any question you may have here so that answers can benefit all.

    -Armando
  • BodanelBodanel Member Posts: 214 ■■■□□□□□□□
    1. For an experienced sys admin or network admin with no previous knowledge of C++ or Python do you recomend the Professional course directly or they should do the student course first ?
    2. After you activate the lab there is a time frame in which you should use your lab hours?
    3. The labs are shared between students or each student has it's own lab?

    Thks
  • elearnsecurityelearnsecurity Inactive Imported Users Posts: 8 ■□□□□□□□□□
    Hi
    Good questions. Let's answer each.
    Bodanel wrote: »
    1. For an experienced sys admin or network admin with no previous knowledge of C++ or Python do you recomend the Professional course directly or they should do the student course first ?

    During the training course (and also part of the exam) you will be exposed to source code. Languages? PHP/C++/ASM/Python.
    Do you need to be a developer? No. You should be able to read what the code does. You are not required to produce your own code.

    As you can understand this is a highly practical course and 100% practical exam as well so in some parts this kind of knowledge is recommended. (Buffer overflow, Shellcoding modules, Rookit coding modules for example).

    The Student course can help with that. It has lots of samples about C++ and Python and also starts from the very basics.
    Bodanel wrote: »
    2. After you activate the lab there is a time frame in which you should use your lab hours?

    We have 2 kind of lab access: Flat and On-Demand.
    Flat means 30 or 60 days. That is 30 consecutive days from the moment you activate your lab time. You can activate your lab time within 90 days from purchase.

    On-demand means 30 or 60 hours to use at any time in the future with no expiration.
    If you spend 20 minutes on the lab you will only be accounted for 20 minutes. If you spend 5 minutes, only 5 minutes.
    Time starts once your VPN connection is established. We also give additional 30 minutes for any seconds wasted during VPN connection (if any, let's consider it a gift)


    Bodanel wrote: »
    3. The labs are shared between students or each student has it's own lab?

    Sharing is nice but not in this case.
    You are given completely isolated access to every and each lab scenario you will want to use.
    So if you want to use lab #7, click Start, few seconds and a new environment is deployed only for you.
    No one else on the machines or in the VPN tunnel. So it's fully dedicated to you.



    Hope this answers your questions.
    If you have more, feel free to ask.

    Regards
  • ChooseLifeChooseLife Member Posts: 941 ■■■■■■■□□□
    Good questions. Let's answer each.
    Nice to see questions being addressed by Armando himself right on this forum
    “You don’t become great by trying to be great. You become great by wanting to do something, and then doing it so hard that you become great in the process.” (c) xkcd #896

    GetCertified4Less
    - discounted vouchers for certs
  • r0ckm4nr0ckm4n Member Posts: 63 ■■□□□□□□□□
    Has anyone on this message board taken both the OSCP course and the eCPPT GOLD course? If so would you recommend this course to someone that has been through the OSCP course? I passed my OSCP exam and was thinking about this course.
  • qasimchadharqasimchadhar Member Posts: 17 ■□□□□□□□□□
    Armando, thanks for detailed FAQ. I'm studying for eCPPT gold and wanted to know how much of system security module is covered in exam? I found it a bit difficult for me since I do not have much knowledge of C++ and shell coding.
  • TK1799_stTK1799_st Member Posts: 111
    I'm doing eCPPT next....seems to be more secure platform and professional compared to OSCP VPN.
    Having finished OSCP 90 day lab course - I found that most (if not all) machines were old and outdated...and that if you stay connected to the VPN too long, I got 3 different root, password crackers, and a log tool installed on my host laptop through the KALI VM.... I lost week wiping those tools off my machine and then monitoring what they could have stolen -- all within weeks of logging on to OSCP Labs... not good...

    Someone on here has taken both the OSCP and eCPPT -- stated you learn the same skill set. Also, speaking to certain US govt red teams - they use both - one or the other -- it's relevant to the Pen Test being performed. So don't think that OSCP is it -- after completing it - I wished I had skipped altogether and just save my time and $$$ and took the eCPPT... just my two cents...
Sign In or Register to comment.