Yes

I mean I'm sure you can pass the exam by doing Hack The Box, TCM Security or other well received or reviewed content. If you did Hack The Box Academy or TCM Security PEH I think you would be well prepared for the eCPPT. When I say the "material isn't enough", almost all pentesting exams have some twist that require you to think outside of the box or do some research that wasn't taught explicitly. Alternative material for passing the exam is mentioned in this video like the double pivoting article.

Thanks for the question. From what I remember there was a little bit of gdb but it was not anything really in depth.

@@WilsonSecurityGroup sir as per my knowledge gdb isnt present in 2023 environment . i am asking about Hopper disassembler not dynamic analysis of IPA (Iphone Application )

@@DigitalTrendzy2023 I don't recall there being anything about Hopper but might be wrong on that one. I know it talked about some disassembly tools but I don't remember the exact ones.

There is no owasp top ten module. OWASP Top Ten is covered in web application courses. The mobile owasp top ten is being changed by owasp as we speak, it didnt make sense to include the 2016 version

It has to be based around a real scenario or real problem in a company or situation. But not all details need to be real, things can be anonymized but need to be based on data in terms of results. For example, you can make up a fake or anonymized company for the scenario but the results need to be based on real data or results.

A final project to finish the course and test your skills

@@WilsonSecurityGroup ok 👍

For me it was the hardest part of the program and took 3 to 4 months to pass as well as multiple attempts.

You should be fine with some web app pentesting experience. Portswigger labs are also good

The eCPPT materials are included in the Premium Plans only. The fundamentals plan has eJPT content as well as other basic IT fundamentals

There is no minimum amount. You either make it to the end or not. I dont think you need to find EVERY vulnerability to pass.

I believe this is what the exam originally intended you to do. But there are other ways to achieve it as well. There are many mentions on the eLearnSecurity forum that will be helpful.

@@WilsonSecurityGroup I seem to have a problem with openvpn, because I can't access openvpn 1 with openvpn 2, I tried logging in to both VMs and the result is not connecting

@@bingung5635 I have no idea what you mean by openvpn1 and openvpn2 and I can't provide exam technical support. You should only have one vpn pack at a time

@@WilsonSecurityGroup I didn't pass due to lack of XSS and SQLI vulnerabilities, even though I got XSS 3 vulnerabilities and SQLI 3 vulnerabilities

@@bingung5635 Did you pass now ?

Not sure what you mean. But INE has all of the official training material on their website: ine.com/. Otherwise I can recommend courses such as TCM Security Practical Ethical Hacking and TryHackMe to supplement in preparation for the eJPT.

@@WilsonSecurityGroup Ok, thanks, Audie.

Ouch. Could have been 1000 pages with a size 3 font 😅

Yes. There is a free retake included. After the first failure I think you have 14 days to start the 2nd attempt.

Greatly appreciate it! Thanks

Can you please explain what you are saying

It depends on what you define as practical for your role and responsibilities. Will you learn to use ethical hacking tools hand-on in a lab environment or how to configure a router and switch? No. But it does give you a decent theoretical basis, and the process of assessing risk/planning projects can be practical depending on your role. The CEH and CHFI gives you knowledge of tools and what they could be used for. But it's not like you need to use them for the exam. Overall the program is more conceptual and not hands-on if that is what you are asking.

Greetings

I would recommend any where from 2 to 3 months. If you are putting in about 20 hrs a week, maybe even 1 to 2 months! The lessons are pretty straight forward as well as the labs so putting in those types of hours should fly pretty easily.

@@WilsonSecurityGroup thanks heaps. Amazing for some one willing to share. Best regards

If it is one of the listed certs for the program, yes! They will honor that as a credit for that course.

@@WilsonSecurityGroup thank you! I do not see the one they listed for CompTIA CYSA+ which I’m holding. They do list CEH. Was wondering if the CYSA would do me any favor

@@sammyta8119 the masters degree is only ec council certifications. The bachelor's degree has much more comptia certs

You can do it! Is it the new exam format?

@@WilsonSecurityGroup nope. the old eJPT. is it really difficult?

@@ibnathebeliever2665 no, it is not too bad. Just make sure you revise the wireshark and secret server labs!

@@WilsonSecurityGroup what is the change in the new exam format? And what areas I should focus on for the new exam? I am planning to start in Mid September for prep. Pls advise 🙏.

@@oceanblue1017 the new exam has more questions - 35 total. I have not taken it or looked over the new material yet but there is alot more material in general. I have heard the material is overwhelming in terms of what you need to know, I'm sure the exam is still hands on in the exam environment. Sorry I can't speak to all points.

Y'all indians come to cheat the exams. Now fuck off. Learn some real shit. Then come back.

it can help to support you for eMAPT but I wouldnt say it directly compares. The tools I recommend in the course are alot more modern than the ones recommended in eMAPT. But the tools I recommend are more geared towards bug bounty hunting. If you are going for eMAPT definitely try to develop a small app on your own before the exam!

@@WilsonSecurityGroup Indeed but i figured since this course will cover frida and objection, maybe its better to understand the innerworking manually before going for automated tools, also could you please elaborate on how small should I learn to develop and what language kotlin? thanks for your swift response,

If you made it to the inside you have everything you need. Don't be afraid to think outside of the box for scenarios you might not have considered.

I have not taken eWPTX but have heard from many people the material is quite outdated.

Elaborate with your opinion because saying "it teaches nothing." is actually saying nothing.

In general, I feel eWPT is substantially easier than eCPPT. I don't think there is any particular order, but if I did it all over again I think I would go eJPT -> eWPT -> eCPPT.

@@WilsonSecurityGroup awesome, thank you. I think I’ll take OSCP after eWPT.

I don't think that the bachelor's of security requires work experience. I would say it greatly depends on what type of experience you want to have. If you are already working full time or know that you want to go directly into IT, I think WGU can be great for a new working professional even coming directly out of high school. If you want the ability to accelerate or be done early, I think it is very much possible at WGU. However, I do believe traditional college has benefits too such as making friends or enjoying other experiences. The downside is you probably won't be able to graduate early (possible but you would have to work hard) but you would get 4 years of experiences that aren't possible elsewhere. Also obviously this has a lot to do with cost as well, if you want to take on large student debt or not, etc. Hope that helps and let me know if you want to talk about it to help with the decision making.

@@WilsonSecurityGroup I can agree that with the pusuit of an online degree like WGU I will miss out of expierences that are like no other. I am still thinking on how I can balance both the life on an online WGU student and exploring out of state here and there to somewhat still compensate for those expierences. I will again thank you for your input and thoughts!! I appreciate it!!

Not familiar with Bwapp labs, I know portswigger labs are good. I would say in general portswigger covers even more material than the INE labs, and nothing in the INE labs was ground breaking. I think you could probably do well in the exam with portswigger labs

@@WilsonSecurityGroup thank you so much buddy. Atleast by referring to videos i could clear the exam am i right ??

You can try but 16 gb is preferred. If you are conservative with everything you are running 8 gb of ram might work. Also you could use a physical phone instead of an emulator if you would like

@@WilsonSecurityGroup cool gona try with 8gb cause that's all I have for now hope it pulls through.

Yes that is a great idea! I wouldn't take the solutions too seriously or as something you shouldn't look at. They are there for your learning purpose and there is no problem with reading along with it

If you just want pentesting experience I can highly suggest the INE Starter pass which is Free and has a lot of good labs too (used for preparing for the eJPT)

As far as I know there is no official "faculty list" as the instructors/course mentor can vary depending on when you take the course.

Some people in the course have been using a VM for the ios portion. I can't personally vouch for the performance. Another option too generally speaking, if you can buy a jailbroken phone you should be able to access it via a windows pc (OpenSSH package on cydia) and also intercept traffic with Burp suite. The only part that would suffer would be the static analysis perspective.

@@WilsonSecurityGroup Awesome...Thanks! Good to know there's a couple other options... Look forward to diving in soon. Keep doing what you're doing!

No. I took the course content and passed the exam. You did not understand the context of my statement. In the context of my statement I am saying: as far as I understand iOS was not chosen for the exam because you need a MacBook to pentest iOS applications.