Will do! I will publish a video later today on this topic! Thanks for watching and providing your feedback.

Looking through portswigger academy or knowledge of the OWASP Top 10 would be a good start. I don't think the course material is too difficult if you did the eJPT already.

Flash, CORS, and the NoSQL databases are not relevant for the exam. Of those three it's probably still a good idea to invest some time into CORS, and a little of NoSQL databases.

@@WilsonSecurityGroup is the same applies for CMS?

@@yoursweetseptember sure always good to know something about CMS and tools for enumerating.

You should be fine with some web app pentesting experience. Portswigger labs are also good

I have not taken eWPTX but have heard from many people the material is quite outdated.

For the eWAPT the exam follows really closely almost 1 to 1 with the labs. There is still some thought you need to put into the exam though beyond the course materials

@@WilsonSecurityGroup thank you for getting back to me :) I am reading the web app hackers handbook and doing some portswigger academy labs. Hoping that will help with the exam.

I’ve been looking online, and wondering are there any tools that are banned for this exam? Would a candidate be failed for using something like owasp zap to scan targets?

@@bazlar8210 there are no limitations on tools for this exam

There is no minimum amount. You either make it to the end or not. I dont think you need to find EVERY vulnerability to pass.

Not familiar with Bwapp labs, I know portswigger labs are good. I would say in general portswigger covers even more material than the INE labs, and nothing in the INE labs was ground breaking. I think you could probably do well in the exam with portswigger labs

@@WilsonSecurityGroup thank you so much buddy. Atleast by referring to videos i could clear the exam am i right ??

7 days for the exam environment. Then 7 days to do your write up. 14 days total

@@WilsonSecurityGroup thank you.

Can you please explain what you are saying

I believe this is what the exam originally intended you to do. But there are other ways to achieve it as well. There are many mentions on the eLearnSecurity forum that will be helpful.

@@WilsonSecurityGroup I seem to have a problem with openvpn, because I can't access openvpn 1 with openvpn 2, I tried logging in to both VMs and the result is not connecting

@@bingung5635 I have no idea what you mean by openvpn1 and openvpn2 and I can't provide exam technical support. You should only have one vpn pack at a time

@@WilsonSecurityGroup I didn't pass due to lack of XSS and SQLI vulnerabilities, even though I got XSS 3 vulnerabilities and SQLI 3 vulnerabilities

@@bingung5635 Did you pass now ?

In general, I feel eWPT is substantially easier than eCPPT. I don't think there is any particular order, but if I did it all over again I think I would go eJPT -> eWPT -> eCPPT.

@@WilsonSecurityGroup awesome, thank you. I think I’ll take OSCP after eWPT.