This is the honest review for eCXD course and exam. eCXD is an eLearnSecurity Certified eXploit Developer certification from eLearnSecurity. The purpose of the course is to learn Windows and Linux binary exploitation such as buffer overflow, DEP bypass, Ret-to-libc.
I heard from other peoples that eCXD exam is harder than OSCE. So I want to get this certificate and I started learning course materials.
You will learn below scopes in the course.
How about course materials?
For linux exploit development section, the course contain linux binary exploitation and mitigation bypass techniques such as buffer overflow, ret-to-libc, ROP, aslr bypass, PIE and so on.
and for Windows exploit development section, the course contain windows binary exploitation and mitigation bypass techniques such as buffer overflow, writing manual ROP gadget chain, shell coding and so on.
What I like about eLearnSecurity is, they explain step by step details in eWPT and eCPPT courses.
But in eCXD, the course modules are not really good. The course didn’t explain very well and the labs are more disappointed to me. Some labs even include wrong solutions.
Exam
The exam give full 5 days for exploiting and writing report. Firstly I though, the exam is a little bit easy for me, but after I stared the exam, I realised that I will not pass the exam :D. In exam, I need to write manual ROP chain (mona won’t work), bypassing PIE and ASLR and so on.
I won’t spoiled for the exam but trust me, you will not pass the exam even if you learned all of the course materials. Exam is more harder than labs in the course.
Two days after I stared the exam, I wrote exam report at night and after one day later, I certified eCXD certificate.
Conclusion
Exam is really challenging and worth it but the problem is the course material. This is the honest review for eCXD exam. I know some peoples won’t like this, but who cares?. We all need honest review about the info sec certificates and courses.
