eCPPT Exam Review

Brief Overview

I wanted to do a review / say my opinion about the exam, content and labs, but didn’t manage to write it until now because i attended MayDay Conference and DefCamp.

I bought the FULL plan and paid 1300$ for it(i got a discount code i used) otherwise the cost of it would have been ~1500$.

These are the prerequisites. Even though you can learn them in the process, those are nice to have before starting.


There are 7 main sections:

  • System Security
  • Network Security
  • PowerShell for Pentesters
  • Linux Exploitation
  • Web Application Security
  • WiFi Security
  • Ruby for Pentesters and Metasploit

As i had the FULL version, i didn’t have access to:

  • PowerShell for Pentesters
  • Ruby for Pentesters and Metasploit

There are a total of 30 labs, and since i didn’t buy the ELITE version i didn’t have access to the following labs:

  • Leveraging PowerShell During Exploitation
  • PowerShell for Post-exploitation and Lateral Movement
  • Ruby
  • Exploitation with Ruby

What i liked about the course was the fact that every section and module had a video and usually a lab or more to practice your skills.

The Exam

I started the exam on 4th October. I knew i had 1 week to reach the DMZ(own the entire network) and the 1 more week to craft my report.

To start the exam i went to the exams section of the members area, and pressed Begin certification process.

I started the exam on Friday night, around 10 PM. In the idea that i have almost 3 days to bang my head as much as possible and get as far as possible in those days. I prepped myself with a lot of snacks, energy drinks and some coffee.

So…. i started the exam and 5 minutes into it my KDE environment broke. It updated and now nothing was working. I spent almost 1 and a half hour fixing it and i was already feeling behind.

The first day I got access only to one machine(yeah, sad, I know). Got a few hours of sleep and got back at it.

On the second day i hacked another 2 machines, and discovered what it seemed a binary. I started working on it, and finished it on the third day.

On the third day i didn’t do too much, finished the BoF, and started checking to see if i missed anything.

On the fourth day i reached the DMZ(meaning the practical part of the exam was done).

Ok, the DMZ was reached, time for the report! It took me around two or three days to finish writing the report. I had two reports, one of them contained the actual hand crafted report, and the other one contained all my scans made during the testing.

eLearnSecurity Response

This is the email i’ve received.

E-mail from eLearn

What I learned

I learned to think outside the box. I tried harder and succeeded.

Keep in mind, there are multiple payloads you can use and one of the most important things is that you can do almost everything manually, there is no need of using automated tools.


Special kudos to the TryHackMe community for checking up on me from time to time.

Also, thanks a lot to Dark for helping me with a feedback of a few reports made before attempting the exam. You can check his Tweeter or Github.

The rest of the kudos goes to Lucian Nitescu for helping and supporting me. You can check Lucian’s Github.