Penetration Testing Professional

I think it is now time to start this course from eLearnSecurity. The Penetration Testing Professional (PTP) is a well know course which I have been putting off but have now decided to start.

I will add to this post as I progress through the course. I believe that it will not be too difficult, last year I took the Offensive Security Certified Professional (OSCP) training. But I did not do the exam as I still lack skills in privilege escalation.

So there are already quite a lot of reviews for eLearnSecurity. So ill just keep this short. I started the training and immediately I already had a goog understanding of the content. This is good any bad so i skimmed through all of the training pages.

I found a few new skills in regards to pivoting. This course was based more on Windows clients and Servers rather than the more traditional courses that concentrated on Linux.

I found this was more like an OSCP refresher course. The exam. Is called eCPPT ” eLearnSecurity Certified Professional Penetration Tester.”

They give you 1 week a letter of engagement, a few IPs, and a VPN connection, That is it, the exam is completing a black box penetration test. The exam is focused on producing a professional penetration testing report. So it is not capture the flag. This although I am not a fan of writting reports is a really good idea for that question in a job interview “Have you ever written a professional penetration test report?”

I started the exam last week on a Tuesday ( Feb 18 2020 ) and by the weekend I had managed to pivot my way through the network to what was designated as the DMZ.

The exam was so very frustrating I came close a few times to just leaving. The main issue I had was the network connectivity. If you have proxy chained connections, using various exploits against a variety of targets and you loose that first connection. Then you have to build the entire connection back from scratch which would sometimes take a few hours.

Other than that I really enjoyed the exam it is not easy as should be approached with caution. If you are not strong in networking you will struggle with this exam, ensure you understand pivoting but also WHY we need to. and HOW to do it. Lucky Kali Linux is full of tools to help like Metasploit routes, and socks proxy modules.

So now I have all my notes from my scans and exploiting. I need to write what they class as a “Professional Penetration Testing Report”. Not sure how to approach this. I could complete a right up on perhaps a particular vulnerability and how to exploit it. But with this I’m thinking if I was paid for this work, what would the customer expect? Nice graphs and tables. A section for the un-technical minded and then a more detailed explanation in the report details. I’ll dig around online find some template to fill in 🙂

I found a useful but annoying tool called Serpico I will say this straight away I hated using this tool but damn its a good tool. Yes completely contradicted myself. The tool formats a good report professional looking. You can save templates and different reports. At the end you generate the report as a Microsoft Word document. But it needs finishing. No easy guide to tell you what to do and errors are all over the place. I recommend just playing with it so you can see what to enable and what not to enable in the tool.

I have now submitted my report so now the long wait. I expect a pass but the report is a first for me. If i fail I should receive feedback and the exam will open for another 7 days in order to attain missing information based on the feedback that you also receive. A really nice touch I might add.

Update March 27th – PASSED

Leave a Reply