eWPTXv2 Review
eWPTXv2 Review
Before buying a new certificate/product I always like to read reviews from other users to minimize the risk of buying something that it’s not worth it. Thus, I decided to write a review for the eLearnSecurity eWPTXv2 content and exam. The version 2 is relatively new (the new exam was announced on February) so this is one of the first reviews (at least I couldn’t find many others).
Okay, let’s get into the details. I will first review the content and then the exam. The eWPTX (version 1) has been around for a while so I decided to focus on the version 2. If you want a review about v1 refer to the following resources:
- https://stacktrac3.co/ewptx-review/
- https://www.doyler.net/security-not-included/ewptx-review
- https://www.youtube.com/watch?v=ZaHt8KU3TBM
- https://osandamalith.com/2016/12/29/journey-into-ewptx/
The new modules in Version 2 are:
Module 10 : Attacking Serialization - This topic was awsome. It covers Insecure Deserialization attacks which is also part of the OWASP top 10 attacks as of the 2017 update. It provides useful information about the identification of possible serialized objects in each language and how to exploit it if it’s vulnerable. In the labs, there are 4 different attacks with 3 languages (Java, PHP and .NET).
Module 11 : Server Side Attacks - Server Side attacks are also very popular and should be taken into account during a penetration test. Examples are SSTI, SSRF and SSI. This module includes two challenging labs which show the maximum impact of server side attacks which is of course RCE.
Module 12 : Attacking Crypto - This module covers mostly one Crypto attack. I found this to be a bit outdated since the main attack it covers is dated to 2013. However, some basic crypto content is included for those who are not familiar with the in-depth mathematics behind. If you are coming from a background of Cryptanalysis or any other research-based Crypto, do not expect this to be a very interesting module. In any case, I do not think that this was the purpose of this module in the first place.
Module 13 : Attacking Authentication & SSO Single-Sign On is very common nowadays especially in internal network environments. JWT, OAuth, SAML and 2FA topics are covered in very good depth.
Module 14 : Pentesting APIs & Cloud Applications This API part is pretty basic. If you have already extented experience with pentesting APIs that part will not provide you with something new. However, for less experienced pentesters it’s a very good introduction. The Cloud part is more interesting with some examples which are very real and are happening all the time in the wild (e.g. attacks on S3 Buckets).
Module 15 : Attacking LDAP-based Implementations Another very interesting module. I have to be honest that I have never seen anything similar to this before taking the course. I vagely knew about this kind of attacks but I didn’t know how they work. The module gives full background about how LDAP works and how you can manipulate possible LDAP injection vulnerabilities in a web application.
Exam: If you have taken any other eLearnSecurity Cerfication (from the Red stream) you pretty much know the concept:
- Here is an application/network
- Hack it, find everything you can + some mandatory objectives to pass
- Submit a professional penetration testing report
The exam is a very interesting journey but it is quite hard (which increases the value of the certificate). Things can be connected so make sure to take breaks if you are stuck. I cannot give much details but if you have attempted all the labs and understand the solutions you should be okay. The “out of the box” thing is always needed even though I hate this phrase - because everyone has a certain way of thinking - there is no box anywhere :P .
Overall, an awesome certificate, great content and very real-world. All the attacks/concepts that you will see here are part of the everyday web application penetration testing. I learned a lot and I highly recommend this course as, for me (and I hope for my company), it worths every penny.