eCPPTv2 (Preparation tips and exam review)

eLearnSecurity Certified Professional Penetration Tester

So I decided to buy the INE Annual Subscription on June 26, I got a discount so it cost me $499 + $200 for the 50% discount for any certificate you choose, so all in $699. Juggling from work and study my shift is from 8am to 5pm so I am resting for 1 hour and then studying at around 7 or 8pm and will finish it at 12am or 1am in the morning. That is roughly my routine everyday including weekends for the past 3 months from July to September.

Review Tips

Just to be clear I have past experience from other certifications that is why it helped me on this exam, and I have been studying Penetration Test for roughly 1 year and half. So if you are a beginner don’t take this lightly and maybe take first the eJPT certification.

If you have subscribed to INE, their materials is enough, the duration overall of Penetration Tesing Professional course is 66 hours and 16 minutes as stated in their platform. The topics of PTP are listed below.

· Penetration Testing: System Security

· Penetration Testing: Network Security

· Penetration Testing: Linux Exploitation

· Penetration Testing: Web App Security

· Penetration Testing: Wi-Fi Security

· Penetration Testing: Metasploit & Ruby

But the topics I reviewed the most are Network Security, Linux Exploitation and Web App Security. The lessons and labs are really great! I expected that because prior to passing my eJPT last October 2020, they really have a great materials and really blown my mind.

For notekeeping I am using Microsoft OneNote, I use this to automatically back up my notes in case my computer crashed, and so I use this as well during exam. Others suggest CherryTree but it really depends on you.

Some Metasploit modules and tools on the materials that was used are not working for me on Kali Linux 2021 as I check it is running MSF6 so I did a downgrade to Kali Linux 2020–3 to make it MSF5. I have a backup a year ago of this Kali version so I was relief that I use this instead. After comparing MSF5 and MSF6 I was more comfortable using MSF5 because some modules are not working with MSF6 like socks proxy module, run autoroute for meterpreter, and proxychains. There are more but I can’t remember it so if you are using Kali Linux 2021 beware of some errors on some tools and MSF6 and use what you are more comfortable.

I can’t say much about preparation but to practice Pivoting. Any person you know that had already taken this exam will say Pivoting is important because it really is. If you need practice Pivoting, I recommend building your own Labs and get your hands dirty.

My computer has i3 4th Gen, 16GB RAM, 240GB SSD and for me it is sufficient to build a home lab. I am using VirtualBox, for attacking machine Kali Linux and I got 2 Windows XP for Eternal Blue exploit, and 1 Metasploitable2 machines. Build 3 different subnetwork like for example, 10.10.10.0/24, 10.10.11.0/24, 10.10.12.0/24. Then configure them using using NAT Network. Note: Play around with the Adapter Type.

I won’t deep dive on how to configure or how your attacks method will be, be creative in delivering your exploit. If you don’t have enough RAM or have a low PC specs I would suggest the following Pivoting resources:

Great guide and illustration— https://pentest.blog/explore-hidden-networks-with-double-pivoting/

Offensive Security — https://www.offensive-security.com/metasploit-unleashed/pivoting/

Wreath from TryHackMe — https://tryhackme.com/room/wreath — I actually didn’t do this but would recommend.

Next to prepare is Buffer overflow, I recommend to use a Windows 10 VM download is in the link, might be good to install both 64 and 32 bit. Setup your Immunity Debugger and make use of Mona Modules. Resources I used to practice are below:

Gatekeeper TryHackMe(Try using 32 bit Windows 10, exe file doesn’t work for me in 64 bit) — https://pencer.io/ctf/ctf-thm-gatekeeper/

Buffer Overflow Prep by Tib3rius — https://tryhackme.com/room/bufferoverflowprep

Buffer Overflow Made Easy by TheCyberMentor — https://www.youtube.com/watch?v=qSnPayW6F7U&list=PLLKT__MCUeix3O0DPbmuaRuR_4Hxo4m3G

Before Examination

Might be a good idea to schedule your exam ahead to know your timeline of your study, I did my study for about 3 months, but it really depends on your learning curved, so take it easy. These are my advice before taking the exam:

1. Before taking an exam make sure you have good notes of commands that you can copy and paste on the terminal. This really helps when typing one liner and long commands.
2. Do a backup of your Kali Linux Machine I am running a Kali Linux 2020–3 as I mentioned earlier. After doing a fresh installation DO NOT upgrade the tools, I am using Metasploit Framework 5 and I did well on the exam.
3. Make sure you are comfortable using Metasploit, and use it a lot!
4. Use a video recording mine was OBS Studio, there are two reasons why you should do this, first is you can take screenshot or review what are the things you missed and second is remembrance :).
5. Edit the Pentest Report that you will be using, like logos, header and footer, pagination and so on. I use TheCyberMentor’s Pentest Report for the exam.

During Examination

1. Take your time it is 7 days exam and 7 days reporting. No need to hurry and calm down, do your Information Gathering well and TAKE EVERY SCREENSHOTS you do. The more screenshots you have the better even in Buffer Overflow exploit development.
2. Don’t forget to sleep, eat and relax.
3. Follow the instructions on the Agreement this will guide you on how you can build your Pentest Report.

My exam experience

I can‘t tell you the exam itself but for me it is really easy if you study well and practice your Pivoting. If you are getting cold feet taking it I assure you, it will go away once you are taking it. This exam is really worth it for me, I really like eLearnSecurity ever since because of its study materials and practicality on the exam.

I took my exam September 23 at 6:30PM and finish getting all system shell and root at September 25 8:00PM. Then did my report for 3 days and submitted it on September 28 11:45PM. I know that I said to take your time but this might be different from another person. Just take your time and don’t doubt yourself.

My work is in Incident Response and I can say this exam is real-world base scenario, you will find attackers pivoting from one machine to another and this really helps me in an attacker perspective to visualize what they do and what are the remediation we can do as a defender.

I hope that I helped you somehow in preparing on this examination. Thank you so much for your time reading this. :)