eCPPT / PTP - Notes
INE/eLearnSecurity Certified Professional Penetration Tester (eCPPT) / PTP v2 and v3 Notes
Last updated
INE/eLearnSecurity Certified Professional Penetration Tester (eCPPT) / PTP v2 and v3 Notes
Last updated
~ 107 hours (~97 of videos) 10 courses , 172 videos, 124 quizzes, 67 labs
Time limit: 24h
Expiration date: yes
Objectives:
Information Gathering & Reconnaissance (10%)
Perform Host Discovery and Port Scanning on Target Networks
Enumerate Information From Services Running on Open Ports
Initial Access (15%)
Perform Username Enumeration to Identify Valid User Accounts on Target Systems
Perform Password Spraying Attacks to Identify Valid Credentials for Initial Access
Perform Brute-Force Attacks on Remote Access Services for Initial Access
Web Application Penetration Testing (15%)
Perform Web Application Enumeration to Identify Potential Vulnerabilities & Misconfigurations
Identify and Exploit Common Web Application Vulnerabilities For Initial Access (SQLi, XSS, Command Injection, etc)
Perform Brute-Force Attacks Against Login Forms
Exploit Vulnerable and Outdated Web Application Components
Exfiltrate Data and Credentials From Compromised Web Applications and Databases
Exploitation & Post-Exploitation (25%)
Identify and Exploit Vulnerabilities or Misconfigurations in Services
Identify and Exploit Privilege Escalation Vulnerabilities
Dump and Crack Password Hashes
Identify Locally Stored Unsecured Credentials
Exploit Development (5%)
Develop/Modify Exploit Code For Initial Access and Post-Exploitation
Identify and Exploit Memory Corruption Vulnerabilities (Stack Overflow, Buffer Overflow)
Active Directory Penetration Testing (30%)
Perform Active Directory Enumeration
Identify Domain Accounts With Weak or Empty Passwords
Perform AS-REP Roasting to Steal Kerberos Tickets for Authentication
Perform Active Directory Lateral Movement Techniques (Pass-the-Hash, Pass-the-Ticket)
Obtain Domain Admin Privileges/Access
~ 84 hours (~56h of videos) 8 courses , 85 videos, 83 quizzes, 27 labs
Time limit: 7 days + 7 days for report
Expiration date: no
Objectives:
Penetration testing processes and methodologies, against Windows and Linux targets
Vulnerability Assessment of Networks
Vulnerability Assessment of Web Applications
Advanced Exploitation with Metasploit
Performing Attacks in Pivoting
Web application Manual exploitation
Information Gathering and Reconnaissance
Scanning and Profiling the target
Privilege escalation and Persistence
Exploit Development
Advanced Reporting skills and Remediation
~ 22 hours
~ 14 hours
~ 17 hours
~ 7 hours
~ 18 hours
~ 19 hours
π£οΈ π§π»βπ«
Where to find the eCPPTv3 certification exam? -
Where to find the PTPv3 (Professional Penetration Testing v3) course
ββ Exam πποΈ
π π
β ~ 13 hours
~ 33 hours
~ 6 hours
β ~ 9 hours
~ 10 hours
β ~ 6 hours
β ~ 8 hours
π£οΈ π§π»βπ«
Where to find the PTPv2 (Professional Penetration Testing v2) course? - β
Where to find the eCPPTv2 certification exam? - β
π π
