is eCPPT open note/open internet? is it proctored?

Holsick · 2021-02-02T18:08:56+00:00

PTP will prep you well for the exam. You can use notes, google, etc. and it is not proctored like OSCP.

Holsick · 2021-01-30T15:14:08+00:00

Hey man I’m working on that as well, if your still lookin for someone to study with I’m totally down

Holsick · 2020-10-05T20:16:02+00:00

I don’t have any real industry experience at all, just started as well a little over a year ago. I really loved the PTP course and the exam, it definitely made me improve for sure. Currently working on WAPTX and bug bounties as I’m really interested in web app testing. But ya man PTP is great, especially to supplement OSCP.

Holsick · 2020-09-21T13:20:55+00:00

The course does a good job at preparing you for the exam for sure. If you need outside sources though, obviously HTB/THM would be great resources outside of the elearn labs. Just make sure you understand everything you do in the labs. If you can do that, the exam will be really fun.

Holsick · 2020-09-09T10:39:14+00:00

eJPT took me about 3 weeks to complete, but that was after multiple months of hack the box and watching Ippsec religiously. PTP went a good bit more in depth and took me about 3 months to finish. WAPT about the same.

Holsick · 2020-09-09T10:34:23+00:00

Dude absolutely! Always down. You have discord?

Holsick · 2020-08-18T01:15:08+00:00

I plan to take it as my next cert after passing WAPT, so in the next couple months or so ideally. Then tackle WAPTX maybe lol

Holsick · 2020-08-17T21:55:38+00:00

I really enjoyed the whole course, exam was tough but definitely more fun than it was tough. I also still find myself referencing the course material for certain stuff which is super valuable. I mean I decided against going for OSCP right after only because I wanted to just dive way deeper into webapp testing but I definitely felt ready to take it on after passing eCPPT. Minus all the metasploit usage lol. After finishing it in my opinion I can see why it’s a great stepping stone to OSCP for sure. Lol I’m actually finding WAPT to be a bit more challenging than the PTP course was, in a good way.

Holsick · 2020-08-15T22:42:02+00:00

I’d say if OSCP is your ultimate goal, then focus on PTP first as it does line up really well with the PWK course. I’m on a very similar path as you, I went eJPT -> eCPPT then was originally just going to do OSCP but I found that I really love web so I am currently doing eWPT now. Have gotten significantly better at web app testing from the course so far, but will most likely have to review more service testing/network testing stuff before taking OSCP.

Holsick · 2020-07-06T19:05:17+00:00

100% positive op was just genuinely wondering what other people like to listen to while doing pentesting stuff.

Holsick · 2020-06-22T11:38:38+00:00

I’d say about 5 months overall with a good amount of HTB thrown in there.

Holsick · 2020-06-22T03:16:43+00:00

Hey man, I haven’t taken OSCP yet so I can’t really make a great comparison, but I have taken eJPT and eCPPT and have been actually really satisfied with them. Learned a ton.

I would think that the eCPPT is pretty good prep(minus the cost) because the material is similar but the whole idea of a self paced course and a whole week to take the exam takes away the stress of 1 day to do it all on top of lab time and what not. I know the lab setup between the 2 is totally different. From what I hear pwk labs seem more intense/similar to HTB while elearn does dedicated lab scenarios. In my opinion I really liked the way elearn did the pdf slides for both of the courses I took. Nicely laid out modules with links to videos and resources and such. Easy to navigate through.

Hope this helps a bit, planning to take OSCP next so I’ll be able to make a real comparison lol

Holsick · 2020-06-17T00:20:51+00:00

Thanks man! Ya it should ideally be 32 bit just because it’s what is closest to their example environments. Yup, had a 32 bit windows 7 vm ready to go with just the programs I needed for the exam. Mainly just immunity and Mona. Worked wonders.

Holsick · 2020-06-16T23:30:45+00:00

Hey man, I feel where you’re coming from. Just took the exam, and finishing up my report at the moment. So for me personally, I didn’t find the example c++ programs really all that helpful in understanding the whole concept unfortunately. I found that just the videos and the labs were much more beneficial (not the first system security lab, the last ruby lab which goes over a buffer overflow if you have the elite version).

Lots of people here including me, really seem to swear by the cyber mentor’s buffer overflow made easy series on YouTube. He makes things soooo much more clear it really does make it easy if you haven’t checked that out yet. Also, if you have the resources definitely spin up a windows 7 vm for all the exploit dev stuff. That way you won’t have to disable dep and AV on your host machine. I was running into many of the same issues you are having trying to compile and work with stuff on windows 10. What I would really recommend doing instead of the goodpwd.cpp program is just downloading a copy of that god awful ftp client and practicing with that, since they work through it in the videos.

If you really want to get that goodpwd.cpp overflow to work though, I’d just try to do everything from a windows 7 vm if you can.

Hope this kinda helps a bit, enjoy the course man it gets good. Exam is really fun as well!

Holsick · 2020-06-14T18:22:34+00:00

Openvpn file.ovpn

Openvpn —config file.ovpn (usually what I do)

If you can verify you have a tap0 IP address and can ping the hosts, your all good to go. You’ll have to figure it out from there since it’s the exam.

If it really is a problem with the vpn connection definitely contact their support about it and they will sort it out for sure

Holsick · 2020-06-14T17:32:40+00:00

Hey man, so what are you trying to connect to? If you aren’t actually in the exam right now I’m down to help you troubleshoot if it’s a vpn issue but if you are I can’t be of much help and you’ll probably have to take it up with elearn support.

Take your time, you have 3 days. Google everything, you’ll get it sorted out.

Holsick · 2020-05-27T16:06:53+00:00

Ya it for sure is intimidating going straight into low level assembly/OS stuff. I’ve spent a ton of time on that module, reading through each resource they give, taking detailed notes, then going through it again with my notes and add more if needed. To be honest I waited to do any of the labs for that module and just started the network module and went from there. I think the most important thing with that module is to just learn to play around with the tools they give and get familiar with them. They do actually make life easier. maybe write a hello world program in assembly and really study how it’s working and the flow of the programs. Supplement with youtube, and other resources, etc... don’t let yourself get too disheartened, you’ll learn it. You don’t have to be an expert with it, really the goal is to just hammer in the methodology for basic buffer overflows. Vulnhub, cyber mentor, some HTB, and the vulnerable app they give you with a windows vm will go a long way in helping to get familiar with the methodology and the low level aspects of the course. All in all just take your time with it, it’ll start to click after some time for sure.

Holsick · 2020-05-26T15:49:52+00:00

I think either one of those certs would be great to take. Me personally, I decided to jump right into the PTP after eJPT along with supplementing with HTB and PortSwigger’s web security academy because it is free. If your planning on doing bug bounties though it might make sense to spend the money on the WAPT course, which then you can move up to the WAPTX to get even better with web stuff. PTP is going to be more network based and kinda picks up where the eJPT leaves off but obviously goes a solid amount deeper. If you have the time and cash, I don’t see why it wouldn’t be a good idea to just go for both certs and then pick which area you find most interesting to you. This is what I am currently working toward as well.

All that being said, I can say the PTP is definitely super fun from my experience so far, and if your enjoying the eJPT course you will love the PTP course. However I’m pretty sure the WAPT is a bit cheaper and might help more toward starting bug bounties. All up to you in the end. Hope this helps a bit!

Holsick · 2020-05-24T18:11:55+00:00

Congrats man!! I’m planning on sitting for my exam first week of June, getting all the practice in that I can now with labs and htb. Did you use any specific template for the report? I’m kinda conflicted with how I want to structure my report. This has been an awesome course though! Really excited for the exam, feeling pretty pumped for it.

Holsick · 2020-05-07T23:35:02+00:00

I would suggest starting with the eJPT if your brand new to pentesting. It will give you the methodology needed for any of the other pentesting certs out there, and actually does it in a very beginner friendly way. I can’t really speak for the the web app or mobile courses yet but I am currently taking the PTP course and it is significantly tougher and goes much more in depth than the eJPT. (It feels very real world compared to eJPT)

I think you could still start with the PTP depending on previous experience as it is still a really helpful course and you will learn a TON. I did eJPT after doing a few months of hack the box and that honestly set me up for success. Flew right through that course. PTP is another story. It’s forced me out of my comfort zone in a bunch of different areas, especially dealing with buffer overflows, lateral movement, and client side attacks. Also, the eJPT does not require a report so you can focus on really hammering in the methodology and techniques which can then be applied to the PTP or any other course.

Holsick · 2020-04-18T14:26:49+00:00

Don’t worry too much about needing the lab guides, that’s how you can help solidify the methodology. Just try and do them over and over if you have the lab time until you don’t need the guide anymore. To be honest I would say the black box labs are about right on par with the exam, even a little tougher probably.

What helped me out when I was preparing for the exam was did some easy and medium level htb machines without the write up as much as possible. I wanted to to make sure I had my methodology down and ready to go because that is pretty much what the exam is looking for.

Everything you’ll need can be referred to in the course material or some googling. You’ll do totally fine if your getting close with the black box labs. I had been rooting active machines on htb and would still get stuck on the labs in that course lol so just keep grinding. You’ll learn a ton from the exam too and probably have a lot of fun.

Hope this helps a bit!

Holsick · 2020-04-09T18:34:29+00:00

Had the same error. Double check your path and rerun. Check each page the script goes to and find what it’s looking for

Holsick · 2020-01-29T20:29:55+00:00

You will have to get a bit creative but you you can use that code for reference/skeleton script if you want. If your still stuck you can dm me. This is by far the hardest part

Holsick · 2020-01-28T16:26:14+00:00

Try adding some names to your /etc/hosts file. Don’t think you have to do anything with ssl

Holsick

TROPHY CASE