eCPPT Review

Here is my review of the eCPPTv3.

https://certs.ine.com/e4ccfe8c-407a-4b7d-9293-d558b2a3241dcerts.ine.com
certs.ine.com

Introduction:

Hello, this is Caesar3, and I will write my review about the eCPPT exam and course.

I did some boxes on several platforms including THM and HTB, and I have a good knowledge about the technical penetration testing phases.

Course Content:

The course content is enough to pass the exam except the active directory penetration testing section where you have to go for other resources like HTB, because it was taught in an only assumed breach scenario from a windows machine, and I will mention some good machines to do before starting the exam to practice doing the attacks from Linux systems.

Exam:

The exam is 45 multiple questions in 24 hours, and as you go through the exam you can answer, also you do not need to write a report, there was 1 Linux and 4 Windows machines including the active directory.

Tips:

  • Use the wordlists in the desktop folder, they will be enough.

  • If you get stuck try to brute force.

  • Useful Tools:

    • Crackmapexec

    • Impacket Suite of tools

    • kerbrute

    • john

    • xfreerdp

    • msfconsole

    • nmap

    • hydra

    • wpscan

    • smbclient

  • Scripts:

    • PowerView.ps1

    • PowerUp.ps1

Recommended Machines:

For linux machines if can do up to medium machines on THM you will be fine.

For windows:

  • THM:

    • There are some windows and active directory machines.

  • HackMyVM (You can download those machines and hack them offline):

    • DC01

    • DC02

    • DC03

  • HTB:

    • Easy & Medium machines in Active Directory 101 track

    • Easy and if you can do the medium machines in the Intro to Zephyr track

    • Jeeves

Conclusion:

I think it is a good start in the penetration testing field, but I myself prefer going for PNPT or CPTS since they are in the same range of cost.

PreviousAbout MeNextCRTP Review

Last updated