eLearn Security eWPT
NovaHax
Member Posts: 502 ■■■■□□□□□□
Has anyone taken the exam? What can I expect? I just received an email from eLearn containing this phrase:
"Once you redeem your voucher you will have 7 days to perform your penetration test and
other 7 days to upload the exam (So total 14 days from the beginning of the process)."
Do you really have a full week for live testing in the exam environment? Seems like overkill to me.
"Once you redeem your voucher you will have 7 days to perform your penetration test and
other 7 days to upload the exam (So total 14 days from the beginning of the process)."
Do you really have a full week for live testing in the exam environment? Seems like overkill to me.
Comments
-
xax
Member Posts: 41 ■■□□□□□□□□
Hi.
This evening I'm sending eWPT final report.
Yes, the lab environment is available for 7 days, but you must not use it for 7 days, you can. For example, I've used it for only 3 or 4 days.
For me that I had no experience in pen testing the eWPT exam it was very nice and useful. -
NovaHax
Member Posts: 502 ■■■■□□□□□□
Good luck man...I assume if you are calling it after just a few days, you feel pretty confident then?
-
xax
Member Posts: 41 ■■□□□□□□□□
Eh eh...yes
But as my first pen test I'm not really sure of anything.
P.S: One of the good things about eLearnSecurity is that the staff is very very helpful -
NovaHax
Member Posts: 502 ■■■■□□□□□□
Keep us posted man. I'll probably be throwing my thoughts up here in a month or so when I'm finished.
-
NovaHax
Member Posts: 502 ■■■■□□□□□□
How look eWPT exam in details?
1. Here's an App
2. Test the App
3. Gain Admin Access to App
4. Document all findings
...you have 7 days -
eth0
Member Posts: 86 ■■□□□□□□□□
1. Here's an App
2. Test the App
3. Gain Admin Access to App
4. Document all findings
...you have 7 days
is possible to use tools like sqlmap etc? is hard to do this? for example on OSCP I even don't used Burp or ZAP, just all from browser without plugins lol... -
xXxKrisxXx
Member Posts: 80 ■■■■□□□□□□
You aren't restricted on any tools. We're not allowed to divulge much on the exam. NovaHax summed it up in those 4 steps. I'll add in the recommendation of completing all of the Labs before taking on the exam.
-
eth0
Member Posts: 86 ■■□□□□□□□□
xXxKrisxXx wrote: »You aren't restricted on any tools. We're not allowed to divulge much on the exam. NovaHax summed it up in those 4 steps. I'll add in the recommendation of completing all of the Labs before taking on the exam.
Hmm, so if I good understand there are no limits and I can use sqlmap, payloads from metasploit etc?
OK, is fine because I don't look for any solutions etc, just wanted know how it look. -
NovaHax
Member Posts: 502 ■■■■□□□□□□
xXxKrisxXx wrote: »I'll add in the recommendation of completing all of the Labs before taking on the exam.
I'll second this. -
eth0
Member Posts: 86 ■■□□□□□□□□
this course and labs are f* boring and unreal, some bug-logic that will never exist in real app etc like searching password on images after enumeration by next numbers in file name wtf
-
Mike7
Member Posts: 1,107 ■■■■□□□□□□
this course and labs are f* boring and unreal, some bug-logic that will never exist in real app etc like searching password on images after enumeration by next numbers in file name wtf
eWPT is more for beginners. You may be more interested in the more advanced https://www.elearnsecurity.com/certification/ewptx/
It includes evasion techniques to bypass WAF and others filters.
There is a review at Course Review: eLearnSecurity WAPTX (WebApp PenTester Extreme) - InfoSec Daily News
