This is a compilation of resources for studying for the eCPPTv2. Not all of the resources are explicitly for the eCPPT but they will be helpful anyway. If this grows too large, I may split this up into multiple files.
the structure for the INE course can be found here in markdown format or on their page
A list of exam write ups. Could give clues to the structure of the exam, and what should focused on during studying.
| Index | author | Type of Site | Link |
|---|---|---|---|
| 1 | Graham Helton | Personal Site | link |
| 2 | Harsh Bothra | Medium | link |
| 3 | Ray Doyle | Personal Site | link |
| 4 | Nina | Personal Blog | link |
| 5 | Emmett Brewer, aka: p0wnyb0y | Personal Site | link |
| 6 | Stefan W. | link |
theses are resources for specific topics. used to both learn and refresh memory.
| Index | title | author | Topics | Link | description |
|---|---|---|---|---|---|
| 1 | Buffer Overflows Made Easy | The Cyber Mentor | BOF | link | Play list of YouTube videos. Explains what needed and how to preform. |
| 2 | double pivoting | Mucahit Karadag | pivoting, double pivoting | link | The Classic double pivoting tutorial, Multiple sources point to this. |
| 3 | SSH & Meterpreter Pivoting Techniques | N\A | ssh, metasploit, meterpreter, pivoting | link | Overview of SSH and Meterpreter pivoting with a fair few external sources to study up on surrounding information. |
| 4 | Buffer-Overflow-Exploit-Development-Practice | freddiebarrsmith (GitHub Link) | BOF, exploit dev | link | buffer-overflow example code for practicing. |
| 5 | A Red Teamer's guide to pivoting | Artem Kondratenko | pivoting | link | Goes over a bunch of techniques and tools. has a index in the beginning for easy searching. |
| 6 | Nessus Through SOCKS Through Meterpreter | UNKNOWN | pivoting, Nessus, meterpreter, metasploit | link | shows how to use Nessus through a Meterpreter shell. |
| 7 | Report Writing | UNKNOWN | report, writing, report writing | link | Describes the process of report writing. "How do I write this again?" - Sung to the tune of how do i craft this again - The Yogscast. |
| 8 | Pivoting with Chisel | Ap3x | pivoting, chisel | link | overview of a tool called chisel which is used for pivoting. |
| 9 | Metasploit | HackerSploit | Meterpreter, Metasploit | link | a YouTube video series from 2019. its a little old but should still be helpful. |
| 10 | How To Stay Anonymous | HackerSploit | anonymity | link | a YouTube video series from 2019. its a little old but should be helpful (potentially not on the exam but definitely in general). |
| 11 | Nmap | HackerSploit | Nmap | link | a YouTube video series from 2019, a little old but should give good info on more advanced nmap stuff. |
| 12 | Information Gathering | HackSploit | Info Gathering | link | a YouTube video series from 2019, is a little old but should still help. |
| 13 | Docker | HackSploit | docker | link | a YouTube video series from 2019 a little old but should still help. docker is used every where AND some hacking tools use it. its a good idea to know it. the last video will likely be the most helpful. |
general resources that don't fit cleanly into another section.
| Index | author | Link |
|---|---|---|
| 1 | High on coffee write up collection | link |
| 2 | High on coffee cheat sheet collection | link |
| 3 | Report Template | Template Repo, how to use templates |
a collection of reviews that may give insight into, or tips for, the exam.
| Index | Title | author | Type of Site | Link |
|---|---|---|---|---|
| 1 | eLearnSecurity eCPPT Exam Review | hyd3sec | video | link |
| 2 | eLearnSecurity PTP/eCPPT REVIEW | John Hammond | video | link |
| 3 | The Ultimate eCPPT Certification Review + Exam Advice | Graham Helton | video | link |
| 4 | My eCPPT Review | Bohan Zhang | text | link |
| 5. | eCPPT Course/Exam Review | Allen | text (Medium) | link |
generic prep sources.
| Index | Title | Link |
|---|---|---|
| 1 | Gaining A Foothold On Your Career With eCPPT | link |
a collection of command cheat sheets to pilfer from when making my own.
| Index | Title | author | Link |
|---|---|---|---|
| 1 | eCPPT Field Manual | kindredsec | link |
| 2 | Pentestmonkey | pentestmonkey | link |
| 3 | PWK Notes: Tunneling and Pivoting | 0xdf | link |
| 4 | Bind Shell Cheatsheet.md | swisskyrepo | link |
| 5 | OSCP-Survival-Guide.md | wwong99 | link |
| 6 | eCPPT NETWORK SECURITY | UNKNOWN | link |
| 7 | collection of multiple cheat cheats on HighOn.coffee | UNKNOWN | link |
| 8 | MULTIPLE (focused on tools) | UNKNOWN | link |
compilations of multiple sources, good as a last ditch effort to find something.
| Index | Title | Description | Link |
|---|---|---|---|
| 1 | great ptp ecpptv2 external resources | blog post from INE forums | link |
| 2 | Ethical Hacking Notes | notes on just about every thing, good high-level overview | link |
list of lesser known tools that might be helpful.
| Index | Tool | Description | Link |
|---|---|---|---|
| 1 | revshells | auto gens reverse shells cmds. takes atker ip and atker port as inputs | link |
| 2 | chisel | is a fast TCP/UDP tunnel over HTTP, secured via SSH | link |
| 3 | arsenal | provides pen-testing command storage and launching. (brings up a searchable list of commands that it will then type out for you once you select the command and fill in the variables) | link |
| 4 | enum4linux | enumeration of Windows/Samba shares. (see eJPT study notes for more not on github yet, sorry) | link |
| 5 | faln | vulnerability scanner, wraps around Nmap, can be deployed locally, in a container, or on Kubernetes. allows for pushing results to the cloud | link |
| 6 | fuzza | TCP fuzzing tool to test for remote buffer overflows | link |
- Offensive Software Exploitation (OSE) Course (full college course taught @ Champlain College in Spring 2021.): link
- Hack The Box (HTB): link
- Try Hack Me (THM): link
- VulnHub (VH): link
- Hack My VM (HMVM): link
- OffSec Proving Playground (OSPP): link
these are from many sources. including but not necessarily limited to: Hack The Box (HTB), Try Hack Me (THM), VulnHub (VH), Hack My VM (HMVM), or OffSec Proving Playground (OSPP).
- THM road
- THM gatekeeper
- THM Offensive Pentesting path (not all of it is free)