eWPT Review (A weekend well spent)

5 min readMar 20, 2022

WHOAMI

I am working as a Deputy Manager(Cybersecurity) at a MNC and here’s a short review of mine while studying for eWPT till I cracked the exam.

My upcoming writeups:

So, I am planning to take eCPPT soon and OSCP after that hopefully. I shall be sharing my reviews about my journey, experiences and as well as my failures in the OSCP writeup (Fingers crossed🤞🏻)

Course Material and Labs

INE : https://ine.com/pages/elearnsecurity-pricing

INE is the official training provider for all e-learn security certs and I must say the course material is so simple and elaborated that any noob can understand and can start straight away. The videos were amazing and there are labs and challenges as well. Solutions are provided for labs and not for challenges which is what makes it a challenge. The slides are very informative and presented in a very good manner. I suggest not to missout on the slides. You have to do all the labs and challenges inorder to pass the exam. Labs and Challenges are too much fun, you will enjoy this phase.

Who this course is for :

People who want to start their career in Application Security can enroll into this course. I suggest this course for people who are preparing for OSCP as it improves your web application pentesting concepts. However, there are a lot of other resources available too

Exam

eWPT is purely a Blackbox Pentest in which you need to find all the subdomains and vulnerabilities in the given scope. You are given 7 days to perform penetration testing followed by 7 days to write a detailed report on your findings. The report should be commercial- level which means it should be very specific and high level. eLearnSecurity is very strict in evaluating in the report so please make a note of it and try to keep your report as professional as you can and don’t add unnecessary fillers.

There is no restriction on tools usage. You can use Burpsuite professional, Sqlmap etc..

Do you need to learn from any other platforms in order to pass the exam? The answer is NO. INE provides you with almost everything that is needed to pass the exam. But if you want to go deeper, I suggest doing Portswigger Labs.

https://portswigger.net/web-security

“A necessary but insufficient condition to pass the exam is to log in to the Administration area as the administrator user”

I started my exam on Feb 11 2022, Friday 17:17:57 IST. I connected to the VPN and got my letter of engagement which contains the scope on which you need to perform pentests. You shouldn’t be testing out of scope domains so please note that down and as a Penetration Tester you need to know what is your scope and I won’t be giving any spoilers. With that being said, let’s move on to the exam.

Sub-domain enumeration is the crucial part of the exam so try to practice and learn as much as you can. Try different tools and evaluate domains which are alive. I have seen people who failed the exam and have said that they couldn’t find the admin area. This exam is very tricky.

DAY 1: I started finding the subdomains which is quite challenging in this exam. I used dnsscan, WFUZZ, Sublist3r and ffuf tools to find the subdomains. The exam is focussed on OWASP TOP 10 2017. I got initial foothold and was stuck in a rabbit hole. I still couldn’t find the admin area and called it a night.

DAY 2: After waking up, I started fresh and I was half way through. By end of this day, I had found around 10 vulnerabilities and the admin area. Now all I needed was to figure out a way to exploit and become the admin. I took a break. Remember to take breaks when you are stuck. Note that it always helps and don’t skip your workouts if you are doing it as they help a lot in maintaining your mental balance and stay hydrated.

DAY 3: I started after lunch by 2 PM and by 5 PM I was admin. It felt good but still there was more. I need to make a report and I tried to find more vulnerabilities and Ispent a lot of time in making my report and kept looking for more vulnerabilities and I was able to find more than 20 vulnerabilities. You should take some time to find the vulnerabilities as they are obvious. I submitted my report at Feb-20. Yeah, I took around 6 days to complete my report as I wanted everything to be perfect so I went slow and steady. I found more than 20 vulnerabilities in the exam.

NOTE : If you find a vulnerability, then try to find it on different parts of the application. The exam is designed to be vulnerable, so try to find as many as you can and keep enumerating. Try to spend some quality time with sqlmap (A Lazy man’s guide to sql injection) :P It would be a timesaver, but it’s an opportunity to learn how to exploit slqi’s manually so try to learn manual approach. Learn how to perform a sqlmap scan with a request file and don’t forget OWASP ZAP scanner.