eWPT All you need to know
Hello!. In today’s post, we are going to talk about the eLearnSecurity eWPT, which I have recently passed.
I’m going to talk you about my experience during the certification process, how to prepare for the certification and some tips which will be useful if you are thinking of becoming certified.
This is not going to be a long post, but I am sure it will be of great use to you.
About eWPT
The certification voucher costs 400$ and can be purchased here, if is too expensive for you, you may be able to get it cheaper on specific dates like black Friday or Christmas.
Into eLearnSecurity webpage we can see the following image, which summarizes the contents that are necessary to pass the exam:
I can confirm that all of the above are necessary to pass the exam, even if you use automated tools during the exam.
eWPT is well known because is a certification focused on Web pentesting, recommended to everyone who want’s to test their skills testing web-apps.
The Certification Process
This is a summary of how my exam experience was like:
The first thing I did, was to read carefully the letter of engagement, and this is the first tip I’m giving you, reading it carefully will help you not to violate the scope limits established in the document, if not, you may fail.
Once I knew what I was required to do, I started enumerating the target scope, enumeration is the key in eLearnSecurity certifications, you need to know how to crawl and enumerate domains and webpages.
The VPN connection they provided to me, was so unstable, I got disconnected each 15/20 mins more or less the first 2 days, so be aware of that if your crawler stops working or you are not able to reach the target anymore.
After some time trying to find an injection point, I was able to make the first step into the exam main objective, this part took me a lot of time, because I was not used to dealing with the protocol that was employed.
The rest of the exam was pretty intuitive, try not to overthink too much, everything you need knowst is the INE course content, so if you get stuck, try to review the course and try the different techniques, remember, enumeration is the key, you may discover new useful information enumerating while gaining access to new places.
Once I finished exploiting the main objective, I spent one day looking for more vulnerabilities, trying to exploit them and making POCs to include them into the report.
Is not a CTF, so you must report all the vulnerabilities you have found, this includes certificates, algorithms, cookies…
My report was 62 pages long, but don’t worry if yours shorter, there is no a required length, just be aware of including everything requested in the letter of engagement.
Conclusion
I had 9 days left when I uploaded my report, you have more than enough time to make the exam (7 days access to the laboratory and 7 days to write the report).
Don’t worry about that, take your time and try no to go fast, you will miss a lot of vulnerabilities which will be needed for your report.
Take breaks to rest when you are tired, I used to stop for exercise and go outside for a while when I was tired.
Don’t overthink too much if you get stuck, the vulnerabilities are not hard and if something is not working and you are sure that you are not wrong, reset the lab, is unstable, I reset my lab 6 or 7 times before finishing the exam, but you may not need it.
The truth is that it has been an exam that I have enjoyed, it requires you to have the basic knowledge about web pentesting in order to pass the exam, but is not hard.
You will also learn new vulnerabilities and how to test protocols that you won’t find in a conventional CTFs.
Training & Tips
I recommend the INE training course for this certification, which can be found in this link, this course will teach you almost everything you need to know to take the exam, the course is not included in the certification price, so you will need to pay the INE subscription if you wish to course it.
It doesn’t matter what tools you use during the exam, but I recommend that you practice with some beforehand and use your own methodology, otherwise, it is quite likely that you will end up getting confused and switching to tools you have never used before, SQLmap or manual SQLi and Burp Suite or OWASP ZAP deep knowledge is required in order to pass the exam.
You should also be aware of how websites store and handles user sessions, and how to exploit it.
This is the study path I recommend to pass the exam:
1. INE Penetration Testing Professional Course.
Is required to complete almost all the modules, I did all of them, but the ones you could exclude are:
- Flash.
- Xpath.
2. TryHackMe Burp Suite. Link
You can find several walkthroughs of Burp Suite, if you don’t know how to use it, you should do them.
3. TryHackMe NahamStore Link.
This Machine is awesome to understand how the exam will be, remember, you need to find vulnerabilities, is not a CTF.
4. TryHackMe The Marketplace. Link.
In this CTF, you will understand how to perform a session hijhacking and exploit XSS vulnerabilities.
5. TryHackMe SQL Injection. Link.
Learn the basics about the different types of SQLi.
6. TryHackMe SQLmap Link.
Learn how to use SQLmap in depth, will be useful during the certification process.
Hope to see you certified soon!. Slayer 06/15/2023