Tag Archives: Penetration Testing

Review Contest: eLearnSecurity

Update post! I participated in the eLearnSecurity review contest! I referenced my post here, and I won a grand prize! I get to pick any security course offering elite plan, free of charge! I’m still deciding, however, I will most likely take the eCPPT as my next certification. I’m hoping that this will increase my skill set and make me a better cyber security professional. Once I get started with the course, I’ll be posting updates as well as a comprehensive review once I pass.

My life has taken quite a dramatic change in the past couple of months. Originally, I was planning on creating content and tutorials on a regular basis, however since that posting, I started a new job with a new company. I’m going to try and be a bit more realistic with my content, ensuring that I don’t write content for the sake of content itself.

Instead of trying to pump out blog articles and tutorials, I’m going to just take a step back while I get my eCPPT. During this time, I might write more on technical things I enjoy rather than only posting penetration testing content. We’ll see how the blog progresses over time. Stay tuned! Any tutorials or updates I make will have a corresponding blog page to accompany it.


Path to Pentesting: OSCP Preparations

Having taken the eJPT, I’ve been deciding which route to go down. Do I go for the eCPPT (Certified Professional Penetration Tester) by eLearnSecurity or the OSCP (Offensive Security Certified Professional) by Offensive Security?

For my situation, I decided to tackle the OSCP. Given that I bought lab time back in 2015 (while taking 18 credit hours in college), the 90 day lab time will only cost 600 USD vs the 1200 USD the eCPPT Elite plan costs. From a career perspective, the OSCP is also much more well known by HR departments, and since I can really only pick one (for now), I’ll go for the more marketable certification. OSCP here I come…..only…..

I’ve been incredibly intimidated by the reviews I’ve read of the OSCP. The course seems grueling, especially with the recent changes to the scoring. I’ve decided to give myself some homework to pass before I sign up and plunge into the content. If you have any suggestions to add to the list, feel free to let me know!

  • Complete and document all exercises on pentesterlab.com. I’ll use these notes to compile a small book for different techniques will examples of the exploits and indicators to compromise. I’ll combine these notes with my notes from the eJPT. Hopefully, this will give me a good head start in documentation and will add a couple tricks into my toolkit before starting the OSCP exercises and subsequent labs.
  • Complete and document three more vulnhub capture the flags.
  • Configure a fully updated version of Kali with the MATE desktop. This will decrease the overhead of running Gnome on my laptop (Solus) and virtualizing another Linux distribution running Gnome.
  • Find/modify/write any helpful reconnaissance scripts. I want to be able to VPN into their lab environment the moment I get the credentials and start scans to run overnight.

I’d like to get this list done in a month or two. Between work and an impending vacation, I think it’s doable. Really, the documentation will take the most amount of time. Then I’ll try my hand on the OSCP labs and exercises!

A main factor I’ve noticed in all the reviews is the sheer amount of time most people spent on the OSCP labs, easily 200+ hours over the course of 3 months. I’ve decided to give myself a realistic goal, one that I can easily hit and surpass without burning out. At the very least, I want to put in 20-25 hours per week, which will equal out to 240+ hours. Will this be enough to pass the exam? Maybe, maybe not. I would like to think that this will be enough time for me to comfortably go through and document the labs and at least 75% of the lab boxes. I do plan on tracking my time as I go through the labs and exam itself, so I guess we’ll see!

In the meantime, I won’t be posting much more about the OSCP or certifications until I pass the OSCP and give a review similar in structure to my eJPT review. I’ll be uploading write ups for my checklist above, so I expect quite a bit more content in the next two months followed by three months of silence while I go through the OSCP.

As always, feel free to let me know if you have any suggestions or comments!

Path to Pentesting: eJPT

I passed the eJPT! Here’s my review of this pentesting course and certification test.

Plan Overview

When going onto the course page, you’ll see three tiers for the program at various pricing. First, you’ll see the barebones plan, which isn’t purchasable. You can easily get a voucher for this plan for free. I got mine by following the /r/netsecstudents subreddit. It may take some time, but the elearn staff frequently post links to keys on this sub. Alternatively, you could always send them an email and hope for the best. This plan gives you access to the slides and (more importantly) a 100 dollar discount on the full and elite plans.

Next is the “Full” plan, which is the one I selected. This is the plan I’d recommend to anyone. I finished the labs with over 20 hours of my lab time remaining. Unless you literally have never done a CTF or familiarized yourself with Kali, pick the full plan. You could always go print out your shiny eJPT certificate at a local paper store.

Next is the “Elite” plan, which is essentially the full plan with more lab time, more free retakes, and a physical certification. Chances are you won’t need more than one retake, but if you think you’d need the extra lab time or retakes then this would be a perfectly valid option. The price is still good, especially with the barebones discount.

Course Content

This course has three major components: the slides, videos, and the labs. While the slides are good, they’re nothing you can’t get from a basic book or reading tutorials on the internet. The videos are well done and compliment the labs nicely. I thought the narrator did a good job overall, however, he pronounced some terms oddly. For example, he pronounced the word “meterpreter” (usually pronounced like interpreter) as meter-preter. Minor complaint aside, I thought the videos were a great resource to show the basics.

The labs are the best part of this certification. You vpn into their environment and learn the topics and techniques talked about in the slides and videos completely hands on. Check out the specific lab topics  on the course page. By the time you finish the labs, you’ll be ready for the test, and more importantly, be ready to take the eCPPT, OSCP, or dive into some online CTFs.

The Test

The test itself functions just like a lab with an added questionnaire component. Essentially you VPN into the environment, pull up the 20 questions on which you are graded, and go at it. You get three days access to the environment, which will be more than enough if you prepared. From start to finish, it took me around 4 1/2 hours including breaks and some food. A passing grade is 75%, so you have a good margin for error if you get stuck on a couple questions. If something goes wrong and you get a failing grade, you get a free retake with the full plan and several retakes with the elite.

Without revealing too much, the test is not a “get root and you win” capture the flag. The questions do a great job of making sure you have understanding of course objectives and test your critical thinking. While this is still a rudimentary penetration testing cert, I personally hold it higher than passing the Sec+ or CEH (even if HR departments do not).

When you submit the question answers, you’ll get an instant confirmation of your grade. I got a downloadable certification immediately upon passing (and a warm fuzzy feeling). Unfortunately, you aren’t able to see what you got wrong. Ideally, I would have liked to see at least the category of the question that I missed. Good news is, even after the test, you’ll still have access to your allotted lab time for review.

My Experience

I got a barebones plan quite some time ago. At first, I was going to just read the slides and go take the eCPPT, which financially I couldn’t manage to swing. In the meantime, I decided to just knock out the eJPT. It helped me check out eLearn’s learning methodology and view how  they structure their content to see if it was for me. Having the barebones package, the course and certification ran me 200 USD.

I purchased the content on week one and read through the slides and watched all the videos. Once I got through the media, I went into the labs. For each lab, I wrote down notes for methodology, syntax, alternative programs, switch explanations, etc. I occasionally had to go back and and re-watch a video to take additional notes. In retrospect, I should have taken notes on the videos as I went along.

This took me roughly two weeks, taking one day on my weekend per week to go through the labs. So really I sat down and consecutively worked on the labs and my notes, it may have taken me two or three days. For reference, I still have 24 hours and 44 minutes remaining from my original 30 hours of lab time. I went into this course with previous knowledge of the majority of techniques and tools used, so take that information with a grain of salt. I’d expect someone with no previous experience to use maybe an extra 10 hours figuring it all out and experimenting.

As mentioned earlier, I sat down with a cup of coffee and took the test. I’ll refrain from mentioning specifics but my overall impressions are incredibly positive. I wasn’t able to pass this by memorizing terms and definition like I did with the Sec+. At some points, I had to sit back and think about a question or roadblock I ran into. I may have walked into the cert with a wrong attitude, thinking it’d be a cake walk the whole way. Pleasantly surprised, I finished the cert feeling adequately challenged and accomplished with the experience.


Great content. Great test. Great introduction to penetration testing. I highly recommend it. The real question is, is it worth two hundred dollars? Some may look down at the price tag. Some may learn just as much if not more from online resources, books such as “Penetration Testing: A Hands-On Introduction to Hacking” by Georgia Weidman, and over the wire and vulnhub ctf challenges. I’m not going to try to discredit that route, it was initially the path I went down. I’ve read all the books, practiced and beat my head against vulnhub vms, and explored the vast amount of online resources available. I do believe I’m better off for that knowledge, however, there is something to be said about structured learning.

Having learning resources via a course makes learning much more time efficient. I was able to knock this out in my free time with a set mental time table of how to accomplish what needed to get done. This is the main selling point for me, and anyone on the fence about this cert should take this into consideration. Sure, you could go ahead and spend a hundred or so on some books, setup a lab environment (assuming you have the resources to do so), and learn way more than you can in this cert. However, you’ll spend an incredible amount of time doing so. For some people, the saved time taking the eJPT (or the eCPPT for those already familiar with penetration testing) is well worth the price tag.

Bottom line? Time is money, and the value of this cert will be reflective of that on an individual level. The eJPT will definitely be for some people, while skipping it in lieu of free resources will be for others.

As always, feel free to contact me with any feedback or questions!