+ Reply to Thread
Page 1 of 2 1 2 Last
Results 1 to 25 of 38

Thread: eCPPT thread

  1. Audentis Fortuna Iuvat veritas_libertas's Avatar
    Join Date
    Feb 2009
    Posts
    5,652

    Certifications
    eCPPT, GPEN, GWAPT, GCIH, CISSP, CCNA (expired), MCTS
    #1

    Default eCPPT thread

    I finished off the eJPT last weekend and I'm now trying to move full steam along with the eCPPT. Anyone else studying for it?
    Currently working on: Resting
    Reply With Quote Quote  

  2. SS -->
  3. Member
    Join Date
    Aug 2011
    Location
    Fort Lauderdale, Fl
    Posts
    47

    Certifications
    CompTIA: A+, Network +. Security+, MCTS: 70-680, 70-642
    #2
    I will be. How long roughly did it take you to do the eJPT studies ? I'm at the end of module 3 of the preliminary , but everything so far seems really straight forward. Due to doing the payment plan though, I'll only have access to a portion of the eCPPT material each month until its paid off. So when month 2 hits for example, I'll get the next section on top of what I already have, month 3 a newer section on top of the last 2, etc.
    Reply With Quote Quote  

  4. Audentis Fortuna Iuvat veritas_libertas's Avatar
    Join Date
    Feb 2009
    Posts
    5,652

    Certifications
    eCPPT, GPEN, GWAPT, GCIH, CISSP, CCNA (expired), MCTS
    #3
    Interesting. I didn't realize it worked that way.

    eJPT took me too long. I purchased it around April. I could have completed it in month, but I wasn't in a hurry.

    I'm currently in the web application section. Web Application is probably my weakest area since most of it is entirely new for me.
    Currently working on: Resting
    Reply With Quote Quote  

  5. Audentis Fortuna Iuvat veritas_libertas's Avatar
    Join Date
    Feb 2009
    Posts
    5,652

    Certifications
    eCPPT, GPEN, GWAPT, GCIH, CISSP, CCNA (expired), MCTS
    #4
    Made it through through reading the WebApp and System Security sections. A lot of it is review for me with introductions to new tools. The System Security section brought up topics that are entirely new to me, Buffer Overflow and Shell Coding. I think this is what is going to be the hardest for me. I'm not a developer and I remember nearly zero from my C programming class in college.
    Currently working on: Resting
    Reply With Quote Quote  

  6. Are we having fun yet? UnixGuy's Avatar
    Join Date
    Mar 2008
    Posts
    3,328

    Certifications
    GCFA, eJPT, RHCE, Solaris 10, SNIA SCSP, Security+, Server+, ITILv3, CCNA (Expired)
    #5
    Skimming through the objectives, I think buffer overflow might be one of the trickiest topics in pentesting in general!
    Goal: GCFA (DONE), GPEN
    Reply With Quote Quote  

  7. Audentis Fortuna Iuvat veritas_libertas's Avatar
    Join Date
    Feb 2009
    Posts
    5,652

    Certifications
    eCPPT, GPEN, GWAPT, GCIH, CISSP, CCNA (expired), MCTS
    #6
    Started the Ruby section yesterday and should be finished with the first module this evening. The material is well written and I'm enjoying it. After I'm done with Ruby I'm going to turn back to turn around and start trying to digest the Buffer Overflow and Shell Coding sections.
    Currently working on: Resting
    Reply With Quote Quote  

  8. Senior Member
    Join Date
    Feb 2015
    Location
    Tampa, FL
    Posts
    269

    Certifications
    GPEN/GCIH/CEH
    #7
    Are there more videos in the Pro class? I know I wasn't a big fan of the slides in the student class.
    Reply With Quote Quote  

  9. Audentis Fortuna Iuvat veritas_libertas's Avatar
    Join Date
    Feb 2009
    Posts
    5,652

    Certifications
    eCPPT, GPEN, GWAPT, GCIH, CISSP, CCNA (expired), MCTS
    #8
    There are quite a few more videos. You have to keep in mind that there is a lot more content as well. If videos are your method of study then this is probably not for you.
    Currently working on: Resting
    Reply With Quote Quote  

  10. Senior Member
    Join Date
    Jan 2011
    Location
    Romania
    Posts
    205

    Certifications
    eCPPT, RHCSA, RHCE, RED HAT EX405
    #9

    Default eCCPT exam review

    Hi guys


    I've learned alot on this forum so it is my time to give something back. Here is my eCCPT exam review maybe someone will find something useful here.

    About a month ago I've got the confirmation that I passed the exam.

    Since the exam is 7 days long I took a week off just to focus on the exam. I've started sunday after lunch in order have have my head clear.

    While my progress was good and manage to reach all the points without using all the days provided I failed my first attempt. Why ? Because I didnt do a good report. Guess what: I was so f$%^& thrilled that I managed to get all the objectives that I've neglected the reporting part. And the most frustrating part is that all those missing parts from the report were present inside the notes I've tooked during the pentest phase. You cant imagine the anger when I've seen the feedback and realize that it was correct.

    Advice: before writing and AFTER finishing the report read another time the reporting guide included in the course. It will save you an attempt

    Another advice: when you're blocked get a break. I was blocked on the buffer overflow section for a whole day (my bad and it was something so trivial that I've used some not very nice words when I realized what the problem was) - from 8am to 10 pm. I got to bed and in the morning went to the gym. I swam a few pools, stayed a little in the sauna and started again. In 2 hours I was able to finish what I could not the whole day before.

    TAKE NOTES. This saved me alot of time both during the test and when I redid my report.

    If an attack/exploit doesnt work for you read your notes again, they will point you in the right direction.

    Stay calm, 7 days are more than enough. If you understood the material you cannot fail. You have been given everything needed to pass the exam.

    The exam is great. It simulates a real penetration test and it was FUN.

    Feel free to ask if you want to know something.
    Last edited by Bodanel; 08-11-2015 at 05:58 AM. Reason: Formated for easy reading
    Reply With Quote Quote  

  11. Audentis Fortuna Iuvat veritas_libertas's Avatar
    Join Date
    Feb 2009
    Posts
    5,652

    Certifications
    eCPPT, GPEN, GWAPT, GCIH, CISSP, CCNA (expired), MCTS
    #10
    @Bodanel: Thank you for taking the time to write about your eCPPT experience. May I ask what your background is and if any of your experience helped with this exam?
    Currently working on: Resting
    Reply With Quote Quote  

  12. Senior Member
    Join Date
    Jan 2011
    Location
    Romania
    Posts
    205

    Certifications
    eCPPT, RHCSA, RHCE, RED HAT EX405
    #11
    @veritas_libertas

    Hi

    I have a bachelor in Computer Science, 11 years in the IT field (3 as support, 8 as sysadmin). Experience helped alot. I moved very fast over the basics of system and networking sections as I already knew lots of information presented there. I also ignored the Ruby section since I know some basic BASH and Python (i could use during the exam some of the code I developed for another course) so I could focus on other topics.
    Reply With Quote Quote  

  13. Audentis Fortuna Iuvat veritas_libertas's Avatar
    Join Date
    Feb 2009
    Posts
    5,652

    Certifications
    eCPPT, GPEN, GWAPT, GCIH, CISSP, CCNA (expired), MCTS
    #12
    Still going through Ruby. The stomach bug had me out of commission for most of the weekend. Getting back into PDFs and hitting it hard. I'm still enjoying Ruby and finding it to be a lot easier to digest than some languages I have to tried to pick up like C and Python.
    Currently working on: Resting
    Reply With Quote Quote  

  14. Audentis Fortuna Iuvat veritas_libertas's Avatar
    Join Date
    Feb 2009
    Posts
    5,652

    Certifications
    eCPPT, GPEN, GWAPT, GCIH, CISSP, CCNA (expired), MCTS
    #13
    I've been digging into the Buffer Overflow section now for about a week. It's been slow going as I try to get use to to Assembly understanding the memory stack and getting at least a novice understanding of C. It's been rough going and a few things have really helped:

    • eCPPT forums are good. I wish there were more threads and active members, but that's not eLearnSecurity's fault.
    • Georgia Wiedman's section on exploit development on Cybrary is really clearing things up for me. Hearing the same thing explained differently helps and she does a great job breaking it down: https://www.cybrary.it/video/exploit...opment-part-2/

    Basically I'm being forced to learn multiple language and new concepts at once: Ruby, Python, Assembly and x86 memory architecture. Ugh!
    Currently working on: Resting
    Reply With Quote Quote  

  15. ProEthicalHacker.com fuz1on's Avatar
    Join Date
    Dec 2014
    Location
    silicon valley, where we speak that bay area slang
    Posts
    938

    Certifications
    CCNA CCENT ITIL SSCA SSVVP WSQD WSQI Cloud+ Mobility+ Security+ Linux+ Network+ Server+ Project+ A+ HIT LPIC-1 CLA11 ACE ace/PACA SSBBP SSLP CMS SCP
    #14
    Fellow eLearnSecurity SRL student here! I'm about ready to take the certification exam! Good luck!
    Reply With Quote Quote  

  16. Junior Member
    Join Date
    Mar 2015
    Posts
    12
    #15
    how did you find the course?
    I'd like to sign up too but I'm still undecided between this and the oscp..
    Reply With Quote Quote  

  17. Senior Member Mike-Mike's Avatar
    Join Date
    Aug 2010
    Location
    Louisville, KY
    Posts
    1,848

    Certifications
    CISSP, HDI-SCA, ITIL V3 Foundations, A+, Network+, Security+, MCP, MCDST, CCENT, CCNA, Project+, CCNA Security, MCTS: Windows 7 Config, CEH, CHFI
    #16
    Trying to get my work to pay for this
    Reply With Quote Quote  

  18. Audentis Fortuna Iuvat veritas_libertas's Avatar
    Join Date
    Feb 2009
    Posts
    5,652

    Certifications
    eCPPT, GPEN, GWAPT, GCIH, CISSP, CCNA (expired), MCTS
    #17
    Been slow going lately. Work and life sometimes just get in the way
    Currently working on: Resting
    Reply With Quote Quote  

  19. ProEthicalHacker.com fuz1on's Avatar
    Join Date
    Dec 2014
    Location
    silicon valley, where we speak that bay area slang
    Posts
    938

    Certifications
    CCNA CCENT ITIL SSCA SSVVP WSQD WSQI Cloud+ Mobility+ Security+ Linux+ Network+ Server+ Project+ A+ HIT LPIC-1 CLA11 ACE ace/PACA SSBBP SSLP CMS SCP
    #18
    Quote Originally Posted by pstiva View Post
    how did you find the course?
    I think the course is great! Informative, in-depth and comprehensive. They also update course material which is refreshing. I haven't taken anything Offensive Security but I hear good things about them too. As for recognition, OSCP (and their partnership with Kali Linux) wins. It typically takes a long time for penetration testing certifications to get known to HR departments but eCPPT is well on its' way there (even OSCP took a couple years).
    Reply With Quote Quote  

  20. Member
    Join Date
    Sep 2015
    Posts
    84

    Certifications
    OSCP, OSWP, eWPT
    #19
    is there some reason to do eCPPT after OSCP? because I think about do eCPPT because syllabus looks good
    Reply With Quote Quote  

  21. Member
    Join Date
    Aug 2015
    Location
    Roselle Park, NJ
    Posts
    30

    Certifications
    eJPT, eCPPT
    #20
    Veritas any updates?

    I received my eJPT cert in September and took a bit of a break, I got pretty burned out from trying to earn eJPT as fast as possible. I did eJPT in about a month.

    I started eCPPT and I was hoping to catch up to you, I'm on the shellcoding module right now. I have zero programming or infosec experience or background, so I definitely slowed down a lot once I hit the buffer overflow/shellcoding stuff.
    Reply With Quote Quote  

  22. Junior Member
    Join Date
    Dec 2015
    Posts
    18
    #21
    Quote Originally Posted by veritas_libertas View Post
    Been slow going lately. Work and life sometimes just get in the way
    I have been thinking about taking the eJPT and after the eCPPT. Did you have any prior experience going into the eJPT? Like working experience or previous certs that might have helped. I have been going through the prof messer vids for a+ net+ and working through net+ now to sec+ and its sooooo slow. I know quite a bit already but was just wondering if any of that is actually going to help me with pen testing.
    Reply With Quote Quote  

  23. Audentis Fortuna Iuvat veritas_libertas's Avatar
    Join Date
    Feb 2009
    Posts
    5,652

    Certifications
    eCPPT, GPEN, GWAPT, GCIH, CISSP, CCNA (expired), MCTS
    #22
    Hah... sorry everyone. I've been pretty busy and hadn't realized anyone had replied to this thread. I'll update it soon and give a status. Suffice to say I haven't given up on the course and exam.
    Currently working on: Resting
    Reply With Quote Quote  

  24. ProEthicalHacker.com fuz1on's Avatar
    Join Date
    Dec 2014
    Location
    silicon valley, where we speak that bay area slang
    Posts
    938

    Certifications
    CCNA CCENT ITIL SSCA SSVVP WSQD WSQI Cloud+ Mobility+ Security+ Linux+ Network+ Server+ Project+ A+ HIT LPIC-1 CLA11 ACE ace/PACA SSBBP SSLP CMS SCP
    #23
    Same here. I plan on taking it ASAP! Keep you guys posted on my progress and anything else useful...

    Good luck, veritas_libertas!
    Reply With Quote Quote  

  25. Audentis Fortuna Iuvat veritas_libertas's Avatar
    Join Date
    Feb 2009
    Posts
    5,652

    Certifications
    eCPPT, GPEN, GWAPT, GCIH, CISSP, CCNA (expired), MCTS
    #24
    Quote Originally Posted by chazb0t View Post
    Veritas any updates?

    I received my eJPT cert in September and took a bit of a break, I got pretty burned out from trying to earn eJPT as fast as possible. I did eJPT in about a month.

    I started eCPPT and I was hoping to catch up to you, I'm on the shellcoding module right now. I have zero programming or infosec experience or background, so I definitely slowed down a lot once I hit the buffer overflow/shellcoding stuff.
    This and the Web App section are going to be the hardest for me. Fun though. A book that's been helping me immensely is Georgia Wiedman's book, "Penetration Testing: A Hands-On Introduction to Hacking" Penetration Testing: A Hands-On Introduction to Hacking: Georgia Weidman: 9781593275648: Amazon.com: Books. The sections on shell scripting, buffer overflows and shell coding was worth the price of the book. It's hard to find a good introduction. I think eLearnSecurity's documentation is enough, but hearing it explained differently by someone else seems to fill in blanks for me.

    These sites are nice for exploit development:

    FuzzySecurity | Tutorials
    https://www.cybrary.it/course/advanc...ation-testing/

    Quote Originally Posted by Surrealalucard View Post
    I have been thinking about taking the eJPT and after the eCPPT. Did you have any prior experience going into the eJPT? Like working experience or previous certs that might have helped. I have been going through the prof messer vids for a+ net+ and working through net+ now to sec+ and its sooooo slow. I know quite a bit already but was just wondering if any of that is actually going to help me with pen testing.
    I had done the GPEN/SANS560 before taking the eJPT. Work paid for it and it was excellent.

    A+ and Network+ knowledge is important if you want to get into INFOSEC. It all builds on top of each other. VLANs, Operating Systems, Group Policy, File Permissions, etc. Don't be a tool guy/gal. You have to love learning and studying.

    Quote Originally Posted by eth0 View Post
    is there some reason to do eCPPT after OSCP? because I think about do eCPPT because syllabus looks good
    Well I'm planning on doing the OSCP after the eCPPT. I enjoy the challenge and want to do it to improve my skills and hopefully prove myself to my employer and future employers. I certainly don't think it would hurt you.
    Last edited by veritas_libertas; 12-24-2015 at 07:43 PM.
    Currently working on: Resting
    Reply With Quote Quote  

  26. Audentis Fortuna Iuvat veritas_libertas's Avatar
    Join Date
    Feb 2009
    Posts
    5,652

    Certifications
    eCPPT, GPEN, GWAPT, GCIH, CISSP, CCNA (expired), MCTS
    #25
    I'm currently in the labbing, review, and note taking phase. Trying to grab any time I can to get ready between work and family. I'm nervous about the exam because I know it's gonna be long and to be honest the report writing is my worst fear If anyone who has been through the eCPPT and OSCP has any advise on writing reports I'll gladly take it.
    Currently working on: Resting
    Reply With Quote Quote  

+ Reply to Thread
Page 1 of 2 1 2 Last

Social Networking & Bookmarks