eWPT Status – Certs, certs, everywhere

I haven't mentioned my certifications recently, so I figured I'd update my eWPT status and how the course is going.

I have been working on my eWPT certification when I have time, and it has gone alright.

It has mostly been a refresher of the web application penetration testing knowledge that I have so far. That said, I still really enjoy the layout of their courses, slides, and lab environments.

The first three labs were straightforward and to the point. I am looking forward to the Flash, HTML5, and XPath sections though, as those will have new material for me (hopefully).

While the first chapter wasn't specific to web applications, there was still a lot of information regarding reporting and templates. If anyone has any examples of creating a solid pentest report template, then I would love to see them. This course has made me realize that having a fake sample report to send to clients would be hugely beneficial.

So, despite the fact that I'm only done with three chapters, it is time that I change-up my strategy. My next step is to try to knock out all of the labs without looking at the solutions or chapters. If I am able to do this, then I believe I will be ready for the exam.

Assuming the exam is similar to the eCPPT, then I will have no issues producing a quality report in the seven days.

This is probably a course that I will recommend to anyone looking to get into web app penetration testing. I will post another update when I finally take the exam, but I'm looking forward to finishing this and moving on to the eWPTX.

doyler on Githubdoyler on Twitter
doyler
Ray Doyle is an avid pentester/security enthusiast/beer connoisseur who has worked in IT for almost 16 years now. From building machines and the software on them, to breaking into them and tearing it all down; he's done it all. To show for it, he has obtained an OSCE, OSCP, eCPPT, GXPN, eWPT, eWPTX, SLAE, eMAPT, Security+, ICAgile CP, ITIL v3 Foundation, and even a sabermetrics certification!

He currently serves as a Senior Penetration tester for Avalara, and his previous position was a Principal Penetration Testing Consultant for Secureworks.

When he's not figuring out what cert to get next or side project to work on, he enjoys playing video games, traveling, and watching sports.

Leave a Comment

Filed under Security Not Included

Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.