+ Reply to Thread
Page 1 of 4 1 234 Last
Results 1 to 25 of 91

Thread: eCPPT journey

  1. Are we having fun yet? UnixGuy's Avatar
    Join Date
    Mar 2008
    Posts
    3,363

    Certifications
    GCFA, eJPT, RHCE, Solaris 10, SNIA SCSP, Security+, Server+, ITILv3, CCNA (Expired)
    #1

    Default eCPPT journey

    Judging by my track record, I'm not the best at keeping track of my studying progress, but let's try.

    I'm about to do my very first LAB as part of eLearnSecurity PTPv3, and I know few members in this forum are doing the same course (some PM'd me), so how about we keep track of our progress in this thread??

    Feel free to post updates if you're doing the PTP3 course..
    Goal: GCFA (DONE), GPEN
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member
    Join Date
    Apr 2011
    Location
    DMV
    Posts
    220
    #2
    Good luck unix.
    Reply With Quote Quote  

  4. Audentis Fortuna Iuvat veritas_libertas's Avatar
    Join Date
    Feb 2009
    Posts
    5,654

    Certifications
    eCPPT, GPEN, GWAPT, GCIH, CISSP, CCNA (expired), MCTS
    #3
    Good luck. Reach out to me to me if you have any questions. I didn't do a very good job of tracking either
    Currently working on: Resting
    Reply With Quote Quote  

  5. Senior Member
    Join Date
    Apr 2011
    Location
    DMV
    Posts
    220
    #4
    Guys,
    The demo had backtrack in it, do you know if that was updated or the current version is still using backtrack?

    Thanks
    Reply With Quote Quote  

  6. California Kid JoJoCal19's Avatar
    Join Date
    Mar 2009
    Location
    Jacksonville, FL
    Posts
    2,357

    Certifications
    CISSP, CISM, CISA, CRISC, GCIA, GSEC, CEHv8, CHFIv8, ITIL-F, MSISA, BSBA
    #5
    @NetworkNewb, you can do lab time either hourly, or daily I believe. I have hourly. I believe the lab time starts when you first use it, and only each time you start labbing, one unit is used up (an hour or a day) no matter how much of that unit you actually use it.
    Have: CISSP, CISM, CISA, CRISC, GCIA, GSEC, CEHv8, CHFIv8, ITIL-F, BSBA - University of Florida, MSISA - WGU
    Currently Working On: MS Cybersecurity, Learning Python
    Next Up:​ None
    Reading:​ Python Crash Course
    Reply With Quote Quote  

  7. Reticulating splines... iBrokeIT's Avatar
    Join Date
    Jul 2013
    Location
    Twin Cities, MN
    Posts
    1,045

    Certifications
    GCIH, GSEC, VCAP5-DCA, VCP5-DCV, MCITP:EA, MCSA 2003/08
    #6
    Quote Originally Posted by NetworkNewb View Post
    If I bought PTP course now (being 20% off) does that lab time not go down until I use it? Or does your lab time go off from when you bought the course? Like would it be fine for me to buy the course right now and not start it for a month or two.
    Your lab time you can used any time, even after you get certified it will still be available if you didn't use it all. You have a lab section on the course page where you manually start/stop the lab environment that you VPN into.

    BUT if you purchase the Barebones or Full package you have 180 days to use your Certification Voucher that came with your package. The "Infinity Certification Voucher" with the Full package doesn't expire.
    Reply With Quote Quote  

  8. Member
    Join Date
    Aug 2015
    Location
    Roselle Park, NJ
    Posts
    31

    Certifications
    eJPT, eCPPT
    #7
    I just finished the last chapter in the Network Security module which is Social Engineering, I'm starting the Ruby and Metasploit module either tonight or tomorrow morning.
    Reply With Quote Quote  

  9. Senior Member Mooseboost's Avatar
    Join Date
    Jan 2015
    Location
    North Carolina
    Posts
    643

    Certifications
    CEH, CCNA: R&S, eJPT, JNCIS-SEC, Dell Sonicwall CSSA, Dell Sonicwall Email Security,CompTIA CSA+, CompTIA Security+, CompTia Network+
    #8
    I am coming close to finishing PTS. Looking forward to doing PTP!
    2018 Certification Goals: OSCP []

    Blog: www.hackfox.net
    Reply With Quote Quote  

  10. Are we having fun yet? UnixGuy's Avatar
    Join Date
    Mar 2008
    Posts
    3,363

    Certifications
    GCFA, eJPT, RHCE, Solaris 10, SNIA SCSP, Security+, Server+, ITILv3, CCNA (Expired)
    #9
    @joneno: yeah I noticed that the videos has backtrack but I thought it doesn't really matter, same tools, same instructions.


    I'm still in the web security...reading through SQL Injections.
    Goal: GCFA (DONE), GPEN
    Reply With Quote Quote  

  11. Senior Member
    Join Date
    Apr 2011
    Location
    DMV
    Posts
    220
    #10
    O.K thanks unix.
    Reply With Quote Quote  

  12. Are we having fun yet? UnixGuy's Avatar
    Join Date
    Mar 2008
    Posts
    3,363

    Certifications
    GCFA, eJPT, RHCE, Solaris 10, SNIA SCSP, Security+, Server+, ITILv3, CCNA (Expired)
    #11
    Still reading through the PDFs of the first section (Web Security) and going through the videos now, I noticed there are few tools not mentioned in the PDFs but they're in the videos (unlike eJPT)....so we're expected to know all these tools? haven't got to the labs yet
    Goal: GCFA (DONE), GPEN
    Reply With Quote Quote  

  13. Member
    Join Date
    Aug 2015
    Location
    Roselle Park, NJ
    Posts
    31

    Certifications
    eJPT, eCPPT
    #12
    Quote Originally Posted by UnixGuy View Post
    Still reading through the PDFs of the first section (Web Security) and going through the videos now, I noticed there are few tools not mentioned in the PDFs but they're in the videos (unlike eJPT)....so we're expected to know all these tools? haven't got to the labs yet
    I think the PDFs and labs have been updated, but the videos are out of date. The presenter still uses backtrack.
    Reply With Quote Quote  

  14. Senior Member
    Join Date
    Dec 2007
    Location
    Grand Rapids, Michigan
    Posts
    1,870

    Certifications
    Network+ : A+ : Security+ : eJPT : Life+
    #13
    Maybe they just liked Backtrack but updated all of the tools that they use??

    It might be safe to ask if the video's have been updated on the forums.
    Booya!!
    ------------------------------------------------------------------------------------------
    WIP : | CISSP [2018] | CISA [2018] | CAPM [2018] | eCPPT [2018] | CRISC [2019] | TORFL (TRKI) B1 | Learning: | Russian | Farsi |
    *****You can fail a test a bunch of times but what matters is that if you fail to give up or not*****
    Reply With Quote Quote  

  15. Member
    Join Date
    Jan 2016
    Location
    Malta
    Posts
    52

    Certifications
    A+, Net+, MCSE 2000, CCNA, eJPT, LPIC1, OSCP
    #14
    Im contemplating if to sign up for this course or not. I enjoyed the eJPT course and there are also quite some good reviews about it which i can confirm first hand but nothing as solid on this eCPPT course. Was hoping some for some solid feedback in this thread but you guys doing this course now seem a little hesitant about it.

    Can any of you guys doing this course actually recommend it or am i better off saving the course money and spend 2 months to seriously prepare for OSCP instead of eCPPT. A any feedback by today is welcome considering the 20% discount.....im not really paying for it since my work is paying for all my courses but a 20% discount would be welcomed by anybody

    Thanks
    Reply With Quote Quote  

  16. Member
    Join Date
    Aug 2015
    Location
    Roselle Park, NJ
    Posts
    31

    Certifications
    eJPT, eCPPT
    #15
    Quote Originally Posted by luger View Post
    Im contemplating if to sign up for this course or not. I enjoyed the eJPT course and there are also quite some good reviews about it which i can confirm first hand but nothing as solid on this eCPPT course. Was hoping some for some solid feedback in this thread but you guys doing this course now seem a little hesitant about it.

    Can any of you guys doing this course actually recommend it or am i better off saving the course money and spend 2 months to seriously prepare for OSCP instead of eCPPT. A any feedback by today is welcome considering the 20% discount.....im not really paying for it since my work is paying for all my courses but a 20% discount would be welcomed by anybody

    Thanks
    I'm loving it, it's definitely the next logical progession before the OSCP. Since I have no industry experience I feel like it's more mandatory for me, if you breezed through eJPT you might be OK skipping it and going straight to OSCP.

    From what I read on these forums and Reddit, I'd rather be overprepared for the OSCP(if there is such a thing) than be underprepared and have to re-take.
    Reply With Quote Quote  

  17. Member
    Join Date
    Jan 2016
    Location
    Malta
    Posts
    52

    Certifications
    A+, Net+, MCSE 2000, CCNA, eJPT, LPIC1, OSCP
    #16
    Quote Originally Posted by chazb0t View Post
    I'm loving it, it's definitely the next logical progession before the OSCP. Since I have no industry experience I feel like it's more mandatory for me, if you breezed through eJPT you might be OK skipping it and going straight to OSCP.

    From what I read on these forums and Reddit, I'd rather be overprepared for the OSCP(if there is such a thing) than be underprepared and have to re-take.

    Thanks for the feedback mate, now officially enrolled to the eCPPT course with the rest of you. I will probably have to wait another month before i actually start to get my hands dirty on this and really cant wait.

    Will still be following this thread eagerly just the same
    Reply With Quote Quote  

  18. Are we having fun yet? UnixGuy's Avatar
    Join Date
    Mar 2008
    Posts
    3,363

    Certifications
    GCFA, eJPT, RHCE, Solaris 10, SNIA SCSP, Security+, Server+, ITILv3, CCNA (Expired)
    #17
    Glad more of us are doing the eCPPT, lets keep on updating this thread!

    got busy with life and not studying as I should be, but I will.
    Goal: GCFA (DONE), GPEN
    Reply With Quote Quote  

  19. Senior Member
    Join Date
    Dec 2007
    Location
    Grand Rapids, Michigan
    Posts
    1,870

    Certifications
    Network+ : A+ : Security+ : eJPT : Life+
    #18
    Gotta wait for the second paycheck this month before I can sign up for the eCPPT again. I can't wait to get back at this!
    Booya!!
    ------------------------------------------------------------------------------------------
    WIP : | CISSP [2018] | CISA [2018] | CAPM [2018] | eCPPT [2018] | CRISC [2019] | TORFL (TRKI) B1 | Learning: | Russian | Farsi |
    *****You can fail a test a bunch of times but what matters is that if you fail to give up or not*****
    Reply With Quote Quote  

  20. Member
    Join Date
    Oct 2014
    Posts
    67
    #19
    Quote Originally Posted by luger View Post
    Im contemplating if to sign up for this course or not. I enjoyed the eJPT course and there are also quite some good reviews about it which i can confirm first hand but nothing as solid on this eCPPT course. Was hoping some for some solid feedback in this thread but you guys doing this course now seem a little hesitant about it.

    Can any of you guys doing this course actually recommend it or am i better off saving the course money and spend 2 months to seriously prepare for OSCP instead of eCPPT. A any feedback by today is welcome considering the 20% discount.....im not really paying for it since my work is paying for all my courses but a 20% discount would be welcomed by anybody

    Thanks
    Having done eCPPT and OSCP, I think if you prepare hard enough for PWK and dedicate enough time to the lab environment you will persevere. There are good resources out there today that serve as perfect preparation for PWK. The main free resource out there right now that I found closest to PWK was Georgia Weidman's course on Cybrary titled, 'Advanced Penetration Testing'. She's an OSCP, and I feel like she's incorporated a lot of the PWK material inside of her free course. If you can grasp most of it, you'll be able to understand the PWK course content.

    The main emphasis I have to place here is you better have enough free time available in order to work through the labs. Do not give up. Georgia makes it look easy in her course - but when you're tasked with putting it all together in a lab environment, it's going to be a different situation. Lab time is so valuable, so if you register be sure to purchase enough.

    My opinion on the eCPPT material, I think it's great. I found the eCPPT Gold Exam is fantastic and way more impressive than their Silver Exam. eLearnSecurity's going to start gaining more recognition for their certifications once more and more people sign up and see how hands-on the exam is. The 20% discount is nothing you'll see Offensive Security do for their material.

    'Seriously preparing' for Penetration Testing for Kali is practically doing. You can't sit back and just watch videos and retain material. You're going to have to practice putting everything together and following the proper methodology in a lab environment for any of it to stick. You're going to have to think out of the box a bit in the course and do a whole lot of research. The course material has good stuff in it, but they don't teach you everything you need to know to pop every box. Each one is designed a specific way and can be attacked various ways.

    I remember doing this course back in 2010. No one publicly disclosed exam restrictions involved, the lab environment was updated significantly between Offensive Security 101 (PWB) v2 to Version 3. These days if you do quick searching around, you can pretty much find out what to expect on the examination and there's good resources out there to help you prepare for it (outside of the PWK Material). I remember back then all I had was time. I was a student and lived at home. I'd spend like 6-14 hours a day online doing research and hacking away at the lab environment. Do you currently work in IT luger? Do you see yourself hopping online as soon as you get home if you aren't burned out and taking a swing at the machines in the lab? From what I remember every day is counted as a lab day whether you connect in and try to break things or you don't. I'm not saying it's not do-able studying a couple hours every night and on weekends. I look at my situation now working a 40 hour week, and I know I wouldn't be able to pull it off like I did back then.

    I would weigh your decision based on your will power and the time you can commit to the labs. eCPPT is more at your own pace, they aren't going to make you, 'Try Harder', you can get hints on their practical lab challenges with the click of a button. The exam's not going to be a cake walk, and you're definitely going to have to prove that you have learned the core of the material. What I got the most out of PWK was that I couldn't get hints at the click of button. That I had to actually research it and learn why I had to do X, before trying Y, and Z. It's this type of learning style that enforces learning the techniques. This can break people and/or it can make people.
    Last edited by xXxKrisxXx; 05-02-2016 at 02:09 AM.
    Reply With Quote Quote  

  21. Are we having fun yet? UnixGuy's Avatar
    Join Date
    Mar 2008
    Posts
    3,363

    Certifications
    GCFA, eJPT, RHCE, Solaris 10, SNIA SCSP, Security+, Server+, ITILv3, CCNA (Expired)
    #20
    @xXxKrisxXx: thanks for the write up!

    So do you think doing the eCPPT beforehand makes your PWK(OSCP) experience easier and less frustrating? I'm talking from the point of view of someone who is extremely busy during and after working hours!
    Goal: GCFA (DONE), GPEN
    Reply With Quote Quote  

  22. Member
    Join Date
    Oct 2014
    Posts
    67
    #21
    You're welcome.

    Tough question to fully answer. The Penetration Tester Pro Lab Environment is a bit of a different setup than PWK. In PWK, they try to make it somewhat of a Live network. This is to say on some machines are installed scripts to mimic user behavior. This allows you to try out things like client-side attacks. Though things have changed significantly from the version of PTP v1 (the version I took) and PTP v3 (the current), my assumption is eLearnSecurity has made their lab environment the whole Hera Setup.

    I'm familiar with this setup because I've taken v1 of their Web Penetration Testing course, and I've seen something similar in their Practical Web Defense course. Hera is more like, you click on a button to activate a live instance of a Virtual machine. You're given a url or bootable sandboxed environment that you're allowed to test. The exercise loads up and you're given a scenario to complete. There's a hint button for each step. You're welcome to click on it and it'll tell you what to do and explain why. This is very helpful and everything. In PWK though, you have a lot of machines are active and have a lot of students attacking them. You may end up popping a machine and find that someone's already been there and left some information you can use to get further leverage. This could be things like they installed scripts or whatever. I loved how in PWK they really tried to make the 4 Networks simulate a real lab environment. They may pull 1 down for patching once in awhile. This could leave you finding out that you need to attack the machine a different way.

    Skills wise, if you can walk out of PTP with your eCPPT Certification, I would feel comfortable walking into the PWK class. You get the most out of PWK by having access to the labs. I wouldn't go so far as to say I consider the eCPPT a good pre-requisite to the OSCP course. They're both focused on Network Based Penetration Testing - but you'll find a little bit of Web Stuff in both. If you're extremely busy, sit through Penetration Tester Pro from eLearnSecurity and have a wack at the examination when you've gone through the material. If you found the whole interactive slide and some videos a good way to learn, eLearnSecurity is good. Hera labs are also great, but you're not going to have possibilities of breaking into over 50 hosts spread out across a well constructed lab environment. I have said it before and I'll say it again - PWK is always going to have a special place in my heart. I've seen eLearnSecurity improve it's course work and challenges so much over the years. This company is something special too, and their training is great and affordable.
    Reply With Quote Quote  

  23. Member
    Join Date
    Jan 2016
    Location
    Malta
    Posts
    52

    Certifications
    A+, Net+, MCSE 2000, CCNA, eJPT, LPIC1, OSCP
    #22
    Quote Originally Posted by xXxKrisxXx View Post
    Having done eCPPT and OSCP, I think if you prepare hard enough for PWK and dedicate enough time to the lab environment you will persevere. There are good resources out there today that serve as perfect preparation for PWK. The main free resource out there right now that I found closest to PWK was Georgia Weidman's course on Cybrary titled, 'Advanced Penetration Testing'. She's an OSCP, and I feel like she's incorporated a lot of the PWK material inside of her free course. If you can grasp most of it, you'll be able to understand the PWK course content.

    The main emphasis I have to place here is you better have enough free time available in order to work through the labs. Do not give up. Georgia makes it look easy in her course - but when you're tasked with putting it all together in a lab environment, it's going to be a different situation. Lab time is so valuable, so if you register be sure to purchase enough.

    My opinion on the eCPPT material, I think it's great. I found the eCPPT Gold Exam is fantastic and way more impressive than their Silver Exam. eLearnSecurity's going to start gaining more recognition for their certifications once more and more people sign up and see how hands-on the exam is. The 20% discount is nothing you'll see Offensive Security do for their material.

    'Seriously preparing' for Penetration Testing for Kali is practically doing. You can't sit back and just watch videos and retain material. You're going to have to practice putting everything together and following the proper methodology in a lab environment for any of it to stick. You're going to have to think out of the box a bit in the course and do a whole lot of research. The course material has good stuff in it, but they don't teach you everything you need to know to pop every box. Each one is designed a specific way and can be attacked various ways.

    I remember doing this course back in 2010. No one publicly disclosed exam restrictions involved, the lab environment was updated significantly between Offensive Security 101 (PWB) v2 to Version 3. These days if you do quick searching around, you can pretty much find out what to expect on the examination and there's good resources out there to help you prepare for it (outside of the PWK Material). I remember back then all I had was time. I was a student and lived at home. I'd spend like 6-14 hours a day online doing research and hacking away at the lab environment. Do you currently work in IT luger? Do you see yourself hopping online as soon as you get home if you aren't burned out and taking a swing at the machines in the lab? From what I remember every day is counted as a lab day whether you connect in and try to break things or you don't. I'm not saying it's not do-able studying a couple hours every night and on weekends. I look at my situation now working a 40 hour week, and I know I wouldn't be able to pull it off like I did back then.

    I would weigh your decision based on your will power and the time you can commit to the labs. eCPPT is more at your own pace, they aren't going to make you, 'Try Harder', you can get hints on their practical lab challenges with the click of a button. The exam's not going to be a cake walk, and you're definitely going to have to prove that you have learned the core of the material. What I got the most out of PWK was that I couldn't get hints at the click of button. That I had to actually research it and learn why I had to do X, before trying Y, and Z. It's this type of learning style that enforces learning the techniques. This can break people and/or it can make people.
    Hi xXxKrisxXx,

    Thanks for your deep insight on both courses. Pen testing is what i really want to do in my career and willing to do anything to achieve my goals. I know it's not easy juggling a full time job and life plus such an intensive course. I currently work in infosec but not much into pen testing for the moment but i have been given the opportunity to do pen testing on some of our environments so thats a plus. I also manage the vulnerability scanner so i have a pretty good idea of how things work in that aspect. Im quite sure i can take in 4-5hrs a day after work. I know it's not easy but i should be mentally capable

    Thanks once again.
    Reply With Quote Quote  

  24. Senior Member
    Join Date
    Dec 2007
    Location
    Grand Rapids, Michigan
    Posts
    1,870

    Certifications
    Network+ : A+ : Security+ : eJPT : Life+
    #23
    xXxKrisxXx

    Thank you so much for the comparison and review! I wasn't sure if the eCPPT would be a great step towards the OSCP or not but you really gave some important information and answered a few questions that I had. I plan on doing the eCPPT again, eNDP and the OSCP.
    Booya!!
    ------------------------------------------------------------------------------------------
    WIP : | CISSP [2018] | CISA [2018] | CAPM [2018] | eCPPT [2018] | CRISC [2019] | TORFL (TRKI) B1 | Learning: | Russian | Farsi |
    *****You can fail a test a bunch of times but what matters is that if you fail to give up or not*****
    Reply With Quote Quote  

  25. Are we having fun yet? UnixGuy's Avatar
    Join Date
    Mar 2008
    Posts
    3,363

    Certifications
    GCFA, eJPT, RHCE, Solaris 10, SNIA SCSP, Security+, Server+, ITILv3, CCNA (Expired)
    #24
    Same, doing the eCPPT now; seeing that I have zero pentesting experience, I could use any cert I can get my hands on
    Goal: GCFA (DONE), GPEN
    Reply With Quote Quote  

  26. Senior Member Mooseboost's Avatar
    Join Date
    Jan 2015
    Location
    North Carolina
    Posts
    643

    Certifications
    CEH, CCNA: R&S, eJPT, JNCIS-SEC, Dell Sonicwall CSSA, Dell Sonicwall Email Security,CompTIA CSA+, CompTIA Security+, CompTia Network+
    #25
    I am debating pulling the trigger just yet. I was browsing the eLearnSecurity forums today and it appears that they are going to be updating the course material very soon (less than two months) - so my debate now is to go ahead and get it or wait. From what I understand, if I get it now and want to upgrade it will typically be an extra $200-300.

    There is also the OSCP, but I don't think I am anywhere near ready to tackle that beast. Not to mention, PTP Elite will let me go at my own pace.

    Thoughts?
    2018 Certification Goals: OSCP []

    Blog: www.hackfox.net
    Reply With Quote Quote  

+ Reply to Thread
Page 1 of 4 1 234 Last

Social Networking & Bookmarks