eWPT Status – Certs, certs, everywhere

I haven’t mentioned my certifications recently, so I figured I’d update my eWPT status and how the course is going.

I have been working on my eWPT certification when I have time, and it has gone alright.

It has mostly been a refresher of the web application penetration testing knowledge that I have so far. That said, I still really enjoy the layout of their courses, slides, and lab environments.

The first three labs were straightforward and to the point. I am looking forward to the Flash, HTML5, and XPath sections though, as those will have new material for me (hopefully).

While the first chapter wasn’t specific to web applications, there was still a lot of information regarding reporting and templates. If anyone has any examples of creating a solid pentest report template, then I would love to see them. This course has made me realize that having a fake sample report to send to clients would be hugely beneficial.

So, despite the fact that I’m only done with three chapters, it is time that I change-up my strategy. My next step is to try to knock out all of the labs without looking at the solutions or chapters. If I am able to do this, then I believe I will be ready for the exam.

Assuming the exam is similar to the eCPPT, then I will have no issues producing a quality report in the seven days.

This is probably a course that I will recommend to anyone looking to get into web app penetration testing. I will post another update when I finally take the exam, but I’m looking forward to finishing this and moving on to the eWPTX.