.

eCPPT Gold Certification

<<

KrisTeason

User avatar

Hero Member
Hero Member

Posts: 515

Joined: Sat Sep 08, 2007 7:48 pm

Location: /dev/null

Post Tue Apr 02, 2013 1:15 pm

eCPPT Gold Certification

Armando announced today on LinkedIn that tomorrow will be the launch of their eCPPT Gold Certification. eLearnSecurity Subscribers can expect an e-mail in their Inbox tomorrow. More information still to come and will be posted here by myself, Armando, or another EH.NET member.
eCPPT (Silver/Gold), eWPT, GSEC, GISP, GCIH, OSCP, OSWP
<<

m0wgli

User avatar

Sr. Member
Sr. Member

Posts: 308

Joined: Fri Jul 20, 2012 3:34 pm

Post Wed Apr 03, 2013 12:43 pm

Re: eCPPT Gold Certification

Definitely a positive development for the cert: eCPPT Gold Certification  :)
Security + | OSWP | eCPPT (Silver & Gold) | CSTA
<<

caissyd

User avatar

Hero Member
Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Wed Apr 03, 2013 1:16 pm

Re: eCPPT Gold Certification

Once valid credentials have been provided for the certification platform, the candidate will be able to perform the tests from the comfort of their home or office. An Internet connection and VPN software is necessary to carry out the exam

I have seen this set up somewhere else...

eLearnSecurity's eCPPT Gold is the only certification for Penetration testers that evaluates your abilities at attacking your target and providing thorough professional documentation and recommendation.

Come on! Offensive Security has been doing it for years now...

I think this is a very good thing that eCPPT is migrating to this exam set up. However, they really are copying OS idea, so they shouldn't act as if they are the only one doing it...
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

KrisTeason

User avatar

Hero Member
Hero Member

Posts: 515

Joined: Sat Sep 08, 2007 7:48 pm

Location: /dev/null

Post Wed Apr 03, 2013 3:33 pm

Re: eCPPT Gold Certification

"All ECPPT Silver professionals and ALL students with a valid Silver voucher (non expired, not failed in their last attempt) will be given a FREE Gold voucher. (commercial value of the voucher : $400)" Armando mentioned on LinkedIn.
eCPPT (Silver/Gold), eWPT, GSEC, GISP, GCIH, OSCP, OSWP
<<

Armando

User avatar

Jr. Member
Jr. Member

Posts: 93

Joined: Sun Sep 13, 2009 11:15 am

Location: Italy

Post Wed Apr 03, 2013 5:20 pm

Re: eCPPT Gold Certification

H1t M0nk3y wrote:
Once valid credentials have been provided for the certification platform, the candidate will be able to perform the tests from the comfort of their home or office. An Internet connection and VPN software is necessary to carry out the exam

I have seen this set up somewhere else...


Yep. Ferrari's have 4 wheels. I've seen that somewhere else...

H1t M0nk3y wrote:
eLearnSecurity's eCPPT Gold is the only certification for Penetration testers that evaluates your abilities at attacking your target and providing thorough professional documentation and recommendation.

Come on! Offensive Security has been doing it for years now...

I think this is a very good thing that eCPPT is migrating to this exam set up. However, they really are copying OS idea, so they shouldn't act as if they are the only one doing it...


We are the only one doing a real *pentest* as exam. If you don't get the difference between pentest and hacking, try smarter (harder was trademarked).
Last edited by Armando on Wed Apr 03, 2013 5:23 pm, edited 1 time in total.
Founder and Lead Author of eLearnSecurity
Training for Penetration Testers
http://www.elearnsecurity.com

Founder of HACK.ME Free community based web app security virtual labs
https://hack.me
<<

Armando

User avatar

Jr. Member
Jr. Member

Posts: 93

Joined: Sun Sep 13, 2009 11:15 am

Location: Italy

Post Wed Apr 03, 2013 5:34 pm

Re: eCPPT Gold Certification

Hello all
Thanks to all for the interest in our new Gold certification.  :D

It has been a long hard work to come up with a challenging scenario covering all main aspects of a modern pentest: web app + network + exploit development.

We believe you will love the challenge and the certification.

We have already notified our ECPPT Silver certified professionals who got a free voucher.

Tomorrow we will also give a FREE voucher to all the students of Professional v2 course with an active Silver voucher.

Starting from today we will also accept anyone wanting to attempt the certification exam without enrolling in our Professional training course.

This is our first step towards a complex certification development (and re-design) that will lead us to obtaining ISO 17024 in the near future.

Glad to answer any question you may have here.  ;)
Last edited by Armando on Wed Apr 03, 2013 5:35 pm, edited 1 time in total.
Founder and Lead Author of eLearnSecurity
Training for Penetration Testers
http://www.elearnsecurity.com

Founder of HACK.ME Free community based web app security virtual labs
https://hack.me
<<

YuckTheFankees

User avatar

Sr. Member
Sr. Member

Posts: 332

Joined: Fri Apr 08, 2011 3:07 pm

Post Thu Apr 04, 2013 8:31 am

Re: eCPPT Gold Certification

"We are the only one doing a real *pentest* as exam. If you don't get the difference between pentest and hacking, try smarter (harder was trademarked)."

I'm confused by this comment? How is the OSCP exam not a real "pentest" exam?
OSCP in progress
<<

caissyd

User avatar

Hero Member
Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Thu Apr 04, 2013 8:42 am

Re: eCPPT Gold Certification

@Armando: I have obviously offended you and I appologize for this. I re-read my post and it was indeed quite insulting. So I am sorry about this.

I think you are doing a great job on your end and I am seriously considering practicing in your lab. As you know, both Offensive Security and eLearnSecurity are receiving good comments on this site. I just felt you were not the only one doing this...

We are the only one doing a real *pentest* as exam. If you don't get the difference between pentest and hacking, try smarter (harder was trademarked).

So, could you elaborate more on the differences between the two?

Thanks and again, sorry about that, my post was really insulting for you...
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

Armando

User avatar

Jr. Member
Jr. Member

Posts: 93

Joined: Sun Sep 13, 2009 11:15 am

Location: Italy

Post Thu Apr 04, 2013 10:26 am

Re: eCPPT Gold Certification

@H1t Absolutely not offended. I reacted in a sarcastic way but let me elaborate more on this because I think it's an interesting point that goes beyond our product or our certification.

In order to explain my point I'd use a question:
"What is your client expecting from you when he pays for your pentesting services?"

That you simply get root?
OR maybe...that you find ALL of the vulns, exploit them, give an impact, hand out a professional report?

This is my difference between Hacking and Pentesting.
Pentesting is much much more difficult because it involves getting root and much more.

Don't get me wrong. Last time in a webinar I was the one saying hacking is beautiful and can tell you there were some people in the audience sneezing or getting irritated. *I love hacking*

BUT with our certification we are attempting to bring our students from *just* Hacking to Professional penetration tester.

So :
1) You have to find all vulns
2) You have to build your own exploit *to get root*
3) You have to report it professionally

In our ECPPT exam you do ALL of the above 3 steps :
1) Against a real world scenario of a corporate network (with routed workstations, servers, firewalls...)
2) in VPN

So as you can see getting root is part of the game but not just that.

Having that said, Hera is the place where we will conduct the exam and it's an environment where you get entirely routed complex networks ONLY for you spawned in seconds. It's real unique stuff.

Now I think I clarified my point and, at some extent, you will probably agree with me.

I apologize if I sounded too sarcastic.
I'm a nice guy usually  ;D

P.S. This in no way intends to be a comparison between what others do and what we do. It's simply what we do. Kudos to any company bringing quality on the table.
Founder and Lead Author of eLearnSecurity
Training for Penetration Testers
http://www.elearnsecurity.com

Founder of HACK.ME Free community based web app security virtual labs
https://hack.me
<<

Armando

User avatar

Jr. Member
Jr. Member

Posts: 93

Joined: Sun Sep 13, 2009 11:15 am

Location: Italy

Post Thu Apr 04, 2013 10:28 am

Re: eCPPT Gold Certification

YuckTheFankees wrote:"We are the only one doing a real *pentest* as exam. If you don't get the difference between pentest and hacking, try smarter (harder was trademarked)."

I'm confused by this comment? How is the OSCP exam not a real "pentest" exam?


We've got a nice chat with Yuck, and you can find my clarification above.
Founder and Lead Author of eLearnSecurity
Training for Penetration Testers
http://www.elearnsecurity.com

Founder of HACK.ME Free community based web app security virtual labs
https://hack.me
<<

caissyd

User avatar

Hero Member
Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Thu Apr 04, 2013 12:37 pm

Re: eCPPT Gold Certification

Thanks for the clarifications Armando! It looks interesting!!

So no hard feelings!  ;)
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

esojzuir

User avatar

Newbie
Newbie

Posts: 37

Joined: Mon May 02, 2011 9:41 pm

Post Thu Apr 04, 2013 1:51 pm

Re: eCPPT Gold Certification

Armando:

Hope this message finds you well! I was checking the gold cert and it says that the engagement will include web apps to be tested (I imagine both manually and with other tools or Nessus) - My question is Do you recommend getting back to Coliseum and Hack.me to practice or Hera will provide the full experience of what I should encounter during the test?

Thanks in advance,

Jose
<<

JohnE

User avatar

Newbie
Newbie

Posts: 12

Joined: Tue Jan 31, 2012 10:09 pm

Location: Sydney, Australia

Post Fri Apr 05, 2013 12:09 am

Re: eCPPT Gold Certification

Hi Armando

With the exam, what is the timeframe, how long do you have to do it?

I know with OSCP you have 24 hours to do the penetration, then another 24 hours to submit the report.

Good to see another test that really tests skill, not just memory.

JohnE
A+, MCITP, CEH, GSEC
<<

lorddicranius

User avatar

Sr. Member
Sr. Member

Posts: 448

Joined: Thu Mar 03, 2011 3:54 am

Post Fri Apr 05, 2013 1:24 am

Re: eCPPT Gold Certification

JohnE wrote:With the exam, what is the timeframe, how long do you have to do it?

7 days to pentest, 7 days to prep your report.
Source: http://www.elearnsecurity.com/certifica ... rocess.php
GSEC, eCPPT, Sec+
<<

Armando

User avatar

Jr. Member
Jr. Member

Posts: 93

Joined: Sun Sep 13, 2009 11:15 am

Location: Italy

Post Fri Apr 05, 2013 2:38 am

Re: eCPPT Gold Certification

esojzuir wrote:Armando:

My question is Do you recommend getting back to Coliseum and Hack.me to practice or Hera will provide the full experience of what I should encounter during the test?



Unless you are a good pentester already, I advise you to practice both in Coliseum (Web App) and Hera (Network/System).
Manual testing skills for both Web App and exploit dev are necessary.

You can also practice on Hack.me for free if you already possess the fundamental web app testing skills.

Hope this helps
Founder and Lead Author of eLearnSecurity
Training for Penetration Testers
http://www.elearnsecurity.com

Founder of HACK.ME Free community based web app security virtual labs
https://hack.me
Next

Return to eCPPT - eLearnSecurity Certified Professional Penetration Tester

Who is online

Users browsing this forum: No registered users and 2 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software