white.h4t.eu

Ici c'est Linux, plaintext et pentest.

Anatomie d'une attaque informatique

April 14, 2018 — ebsd

Au cours de cet article, je vous propose de décortiquer le processus d'une attaque informatique à distance. Il s'agit d'un cas réel, pour lequel l'entreprise a entrepris des actions correctives. Pour des raisons éthiques, toute information potentiellement sensible a été anonymisée ou supprimée.

Read more...

Comments? Tweet  

eCPPT course and exam review

January 02, 2018 — ebsd

I decided to write this eCPPT course review after passing the exam. It's a totally independent review, I have nothing to gain.

Course

eCPPT is a pentesting certification which will actually teach you skills through high quality courses and practical labs. You will learn :

  • Penetration testing processes and methodologies
  • WebApp security (vulnerability assessment, SQL Injections, LFI/RFI, XSS, CSRF)
  • Network security (vulnerability assessment, performing attacks and pivoting, sniffing, poisoning, privilege escalation and persistence)
  • System security (especially Exploit Development)
  • Wireless security (discover and attack)
  • Advanced exploitation with ruby and metasploit

Moreover, you will learn how to elaborate a real profesionnal pentesting report : this is very good point. It's not a question of how to caputre a flag. This is important if you want to join the infosec business : you will get advanced reporting skills

Note that manual and automated web application exploitation is taught which allow to really understand vulnerabilities, and not only use scripts or tools.

There are many slides and hours of videos. You will nerver be bored !

Of course you will learn the metasploit framework use.

Labs

To pass eCPPT you will not have to only learn theorical concepts and then answer multiple choice questions. You will have to get hands-on experience through the labs. This is the strenght of eCPPT.

Please note that the labs are oriented to skills you : forget about "Capture The Flag" in this course. I think this is a better orientation compared to others certifications.

You are "alone" in your labs virtual environment. You can reset a lab if things become wrong. All labs certifications do not allow it.

Tools

PPT course teach you how to use a large toolbox for scan, assess, exploit, post-exploit... During the exam, you will not be limited for the tools use.

Exam

First, I will not tell to much about the exam itself. I don't want to include exam spoilers. If you have done the labs, everything should be fine. If you fail, you'll have a second chance.

The exam consists of two parts : doing a real world pentest, and then writing a report. Each part lasts one week. An engagement is provided and indicate your scope and objectives.

I spent about 35 hours in the first part (I took few days off). Some targets are harder than others, and hardests can be demotivating : try again and again and take breaks !

For the repporting part, I recommend preparing a report support before starting the exam. Moreover don't forget to write notes and take screenshots of all what you could use in your report. You will have to organize all of your information, prepare a detailed analysis and provide remediation actions.

Conclusion

eCPPT will dive you into the penetration testing world. It provides high quality materials and good support thanks to the active forum where admins will always answer.

I loved the labs and the exam was really interesting as they reflect real company networks.

Before taking the exam, don't forget to prepare coffee and energy drinks, you will need them !

eCPPT was a very enjoyable experience !

Tags: eCPPT, pentest

Comments? Tweet