eLearn Security eWPT

Has anyone taken the exam? What can I expect? I just received an email from eLearn containing this phrase:

"Once you redeem your voucher you will have 7 days to perform your penetration test and
other 7 days to upload the exam (So total 14 days from the beginning of the process)."

Do you really have a full week for live testing in the exam environment? Seems like overkill to me.

Comments

  • xaxxax Posts: 41Member ■■□□□□□□□□
    Hi.
    This evening I'm sending eWPT final report.

    Yes, the lab environment is available for 7 days, but you must not use it for 7 days, you can. For example, I've used it for only 3 or 4 days.
    For me that I had no experience in pen testing the eWPT exam it was very nice and useful.
  • NovaHaxNovaHax Posts: 502Member
    Good luck man...I assume if you are calling it after just a few days, you feel pretty confident then?
  • xaxxax Posts: 41Member ■■□□□□□□□□
    Eh eh...yes :) But as my first pen test I'm not really sure of anything.


    P.S: One of the good things about eLearnSecurity is that the staff is very very helpful
  • NovaHaxNovaHax Posts: 502Member
    Keep us posted man. I'll probably be throwing my thoughts up here in a month or so when I'm finished.
  • xaxxax Posts: 41Member ■■□□□□□□□□
    Good luck!
  • eth0eth0 Posts: 86Member ■■□□□□□□□□
    How look eWPT exam in details?
  • NovaHaxNovaHax Posts: 502Member
    eth0 wrote: »
    How look eWPT exam in details?

    1. Here's an App
    2. Test the App
    3. Gain Admin Access to App
    4. Document all findings

    ...you have 7 days
  • eth0eth0 Posts: 86Member ■■□□□□□□□□
    NovaHax wrote: »
    1. Here's an App
    2. Test the App
    3. Gain Admin Access to App
    4. Document all findings

    ...you have 7 days

    is possible to use tools like sqlmap etc? is hard to do this? for example on OSCP I even don't used Burp or ZAP, just all from browser without plugins lol...
  • xXxKrisxXxxXxKrisxXx Posts: 72Member ■■■■□□□□□□
    You aren't restricted on any tools. We're not allowed to divulge much on the exam. NovaHax summed it up in those 4 steps. I'll add in the recommendation of completing all of the Labs before taking on the exam.
  • eth0eth0 Posts: 86Member ■■□□□□□□□□
    xXxKrisxXx wrote: »
    You aren't restricted on any tools. We're not allowed to divulge much on the exam. NovaHax summed it up in those 4 steps. I'll add in the recommendation of completing all of the Labs before taking on the exam.

    Hmm, so if I good understand there are no limits and I can use sqlmap, payloads from metasploit etc?

    OK, is fine because I don't look for any solutions etc, just wanted know how it look :).
  • NovaHaxNovaHax Posts: 502Member
    xXxKrisxXx wrote: »
    I'll add in the recommendation of completing all of the Labs before taking on the exam.

    I'll second this.
  • eth0eth0 Posts: 86Member ■■□□□□□□□□
    this course and labs are f* boring and unreal, some bug-logic that will never exist in real app etc like searching password on images after enumeration by next numbers in file name wtf :)
  • Mike7Mike7 Posts: 1,052Member ■■■■□□□□□□
    eth0 wrote: »
    this course and labs are f* boring and unreal, some bug-logic that will never exist in real app etc like searching password on images after enumeration by next numbers in file name wtf :)

    eWPT is more for beginners. You may be more interested in the more advanced https://www.elearnsecurity.com/certification/ewptx/
    It includes evasion techniques to bypass WAF and others filters.

    There is a review at Course Review: eLearnSecurity WAPTX (WebApp PenTester Extreme) - InfoSec Daily News
Sign In or Register to comment.