u915

Daniel Cano Merchán - Hacking & Tech

eCCPTv2 review eLearnsecurity

Review about the practical security certification eCCPTv2 from eLearnsecurity

I did not write in months because I was very busy, a lot of work and also I was studying some certifications and you know working + studying is hard…

I miss a lot of HTB writeups and now there are a lot of new machines. I lost the rank that I had before on HTB, Elite hacker? Now I can not remember.

But I passed the eCCPTv2! and I did the OCI architect too. 2 Key certifications, one about pentesting and the other I think is valuable because teaches you key points about how the cloud works.

Focus on the eCCPTv2

A quick introduction. eCCPTv2 is a practical security certification about pentesting/hacking. I do not want to talk too much about the content of the course, because there are a lot of reviews out there. Instead here is the official page with all the information and the areas of knowledge covered by the course:

  1. Penetration testing processes and methodologies, against Windows and Linux targets
  2. Vulnerability Assessment of Networks
  3. Vulnerability Assessment of Web Applications
  4. Advanced Exploitation with Metasploit
  5. Performing Attacks in Pivoting
  6. Web application Manual exploitation
  7. Information Gathering and Reconnaissance
  8. Scanning and Profiling the target
  9. Privilege escalation and Persistence
  10. Exploit Development
  11. Advanced Reporting skills and Remediation

Official page:

https://elearnsecurity.com/product/ecpptv2-certification/

The real review

It is my firts security certification, so I have nothing to compare with. I will talk about my experience and my point of view. So prepare yourself!

For me the certification process has 2 main points

  1. Learn new tricks and have fun.
  2. Make your skills recognised.

In my case I was looking for a security certification that was 100% practical. I tried to avoid CEH like certifications (only tests) that probes you “know” the content.

Instead I wanted something that probes your skills and shows that you know what you do when you are on your Kali.

2 options eCCPTv2 or OSCP, I discarted eJPT because I think it is a starter level. So I had to choose what was first, because my plan is to obtain both. Obviously this post is about eCCPTv2 so I took the eCCPTv2 first, but why?

Because I think the OSCP is close to be like a “standard” but.. In my opinion it is unnatural harder, tools restricted like the use of metasploit and time limited, only 24h.

I wanted something more flexible to do and an exam more “real” and I was used to attack one machine/app and not too much to pivot. Talking about time, I wanted something that required only a few hours per day when I was able to study because I did not want something that forces you to study a lot of hours per day to reach a deadline. So my solution was going to the Elite plan to have the certification in a relaxed way meanwhile I was working. If I can study later after work fine, if not it is not a drama.

After almost a year doing all the labs/studying all the content I was feeling confident and took the exam.

Of course, it was not a full year working only on this, I was studying bufferoverflows and doing HTB machines, fresh machines and retired machines. I combined the content of the certification whith things that I wanted to learn or that could help me to reinforce the content I was studyng. Also readed some security books.

The exam

Sorry but I will not leak any information about the exam. Only my point of view.

The exam is 7 days of black box testing and 7 days for reporting.

I took my exam on “Semana Santa” (holydays in Spain), normally 2 days and also I took 3 free work holydays to stay focused the whole week on the certification process.

On the second day, near to the end of the day I reached the main target and I took one more day to backtrack my steps finding new things.

I took a free day and then I started the reporting phase.

In the process I took a lot of traces, screenshots and reports with Cherrytree but starting the report meanwhile I still had access was a great idea, the report was longer than I expected.

I started the exam on a Saturday, after a week, on the next Saturday I just sent the report. So were 3 days of testing, 1 free day and 3 reporting/live backtracking. As you may notice… English is not my main language so it took me more time to write.

On the Monday morning. I had the notice from eLearnsecurity I had passed!.

The real difficulty for me was pivoting and knowing what was happening on the network. The level of the machines are something like easy/medium real life HTB machines. If you are rooting HTB machines by yourself you will be fine.

Final thoughts and next steps

If you want something more realistic than the OSCP exam and learn things on the process, maybe this it is for you.

Probably I could have taken the exam months before but my plan was to do the exam when I was feeling that I was ready, without hurry and in a relaxed way, enjoying the content and learning by my self when it was possible. I liked the exam, discovering new things and pivoting. My best advice is to enjoy the experience, the exam is just for you. Sit down and enjoy the experience. Also do not understimate the report you will find a lot of stuff and it is not a CTF.

Now probably the next step is the OSCP.


Here there are some extra resources I used that are not from eCCPT :

Thanks for reading!