eLearn Security eWPT

Has anyone taken the exam? What can I expect? I just received an email from eLearn containing this phrase:

"Once you redeem your voucher you will have 7 days to perform your penetration test and
other 7 days to upload the exam (So total 14 days from the beginning of the process)."

Do you really have a full week for live testing in the exam environment? Seems like overkill to me.

Find more posts tagged with

Comments

xax

Hi.
This evening I'm sending eWPT final report.

Yes, the lab environment is available for 7 days, but you must not use it for 7 days, you can. For example, I've used it for only 3 or 4 days.
For me that I had no experience in pen testing the eWPT exam it was very nice and useful.

NovaHax

Good luck man...I assume if you are calling it after just a few days, you feel pretty confident then?

xax

Eh eh...yes

But as my first pen test I'm not really sure of anything.

P.S: One of the good things about eLearnSecurity is that the staff is very very helpful

NovaHax

Keep us posted man. I'll probably be throwing my thoughts up here in a month or so when I'm finished.

xax

Good luck!

eth0

How look eWPT exam in details?

NovaHax

eth0 wrote: »

How look eWPT exam in details?

1. Here's an App
2. Test the App
3. Gain Admin Access to App
4. Document all findings

...you have 7 days

eth0

NovaHax wrote: »

1. Here's an App
2. Test the App
3. Gain Admin Access to App
4. Document all findings

...you have 7 days

is possible to use tools like sqlmap etc? is hard to do this? for example on OSCP I even don't used Burp or ZAP, just all from browser without plugins lol...

xXxKrisxXx

You aren't restricted on any tools. We're not allowed to divulge much on the exam. NovaHax summed it up in those 4 steps. I'll add in the recommendation of completing all of the Labs before taking on the exam.

eth0

xXxKrisxXx wrote: »

You aren't restricted on any tools. We're not allowed to divulge much on the exam. NovaHax summed it up in those 4 steps. I'll add in the recommendation of completing all of the Labs before taking on the exam.

Hmm, so if I good understand there are no limits and I can use sqlmap, payloads from metasploit etc?

OK, is fine because I don't look for any solutions etc, just wanted know how it look

NovaHax

xXxKrisxXx wrote: »

I'll add in the recommendation of completing all of the Labs before taking on the exam.

I'll second this.

eth0

this course and labs are f* boring and unreal, some bug-logic that will never exist in real app etc like searching password on images after enumeration by next numbers in file name wtf

Mike7

eth0 wrote: »

this course and labs are f* boring and unreal, some bug-logic that will never exist in real app etc like searching password on images after enumeration by next numbers in file name wtf

eWPT is more for beginners. You may be more interested in the more advanced https://www.elearnsecurity.com/certification/ewptx/
It includes evasion techniques to bypass WAF and others filters.

There is a review at Course Review: eLearnSecurity WAPTX (WebApp PenTester Extreme) - InfoSec Daily News