First of all, a huge thank you to eLearnSecurity for gifting me this great course last year. I am happy to say that I passed eCPTX in my first attempt. I think companies must look for this certificate when hiring for pentesters in the future. Because in the real world most of the time I pentest Windows environments, so this exam perfectly fits into the day to day job I do. The attacks were the same I had to perform in the real world.
As always their material was well documented. I’ve learned so much of new things I never knew before. There were so much of things to research.
I had no issues with the lab, but however, I do not like the fact that we have to press OK to extend the lab or else the lab will disconnect. Due to this, sometimes I had to start over again when the shells died. Apart from that, I would like to mention that it’s better to have some more labs for the material to practice with a good Active Directory environment.
This is the best exam I’ve done in pentesting, a really awesome challenge in 2 days. I started my journey with eLearnSecurity when I was 18 and now I’m 22 and within these few years I’ve learned a lot and helped me become good at what I do 🙂
For the guys who are going to take this exam you really need to focus on the following areas.
- Advanced penetration testing processes and methodologies
- Advanced Exploitation using Metasploit and Empire
- Network/traffic manipulation
- Pivoting
- Advanced Lateral Movement (WMI, PS Remoting, DCOM, etc.)
- Advanced Active Directory Information Gathering, Enumeration and Reconnaissance
- Custom Attack Vector Development
- Active Directory and Windows internals
- Knowledge of Windows authentication weaknesses
- Web application Manual exploitation
- Stealthy Scanning and Profiling the target
- Advanced Persistence / Backdooring
- Privilege escalation
Compared to other pentesting exams, this exam is advanced and I learned many new things. This is more applicable to the real world.
Cheers to Armando Romeo and Dimitrios Bougioukas for designing this course 🙂