How to pass the eCPPTv2 exam: Tips & Tricks

Are you looking to pass the eCPPTv2 exam on your first attempt? If so, you’re in luck! In this blog post, we will share some tips that will help you achieve success. Let’s get started!

A little background

The last two months have been a blur, with all the studying and preparation for the big day, going through INE slides and labs. It was so nice to finally feel ready to rock&roll!

I took it on the first days of December to make me a little gift from Santa Claus himself with a shiny new certification!

The day before the big exam, I got an invitation on LinkedIn to apply for a conference about information security organized by Meta and to send in my CV before December ended. As I wanted to be sure to get the certificate into my resume before the deadline, I had to finish the exam as fast as I could because in their descriptions, the correction it can take up to 30 working days.

The eCPPTv2 exam

For those who don’t know about it, the eCPPTv2 exam it’s like a real-world black-box penetration test. You have two weeks to submit a report about the vulnerabilities you’ve found, how to reproduce them, how to remediate them, and finally a C-level executive summary. You have 7 days of lab time and then another 7 days to write all your findings.

In my opinion, it’s more than enough time to pass the exam, even if you don’t have experience with this type of examination.

My tips & tricks

Okay, so now the tips & tricks that helped me pass this exam fast. There are a lot of options when assessing this test, a lot of people prefer manual exploitation but I didn’t have time for that. So I signed up for a trial of Nessus Profesional and Burp Suite Profesional licenses and fired them up on the first target.

Found the entry point and searched an exploit for it in Metasploit. From now on, everything I did to exploit the network, I’ve done with Metasploit.