eLearnSecurity’s Web Application Penetration Tester eXtreme: Overview and How to Prepare for the Exam
eLearnSecurity’s eWPTX is a challenging yet rewarding certification for those looking to expand their knowledge in web application exploitation. As someone with several years of Application Security experience, I was thoroughly excited to finally get my hands on the material.
I first discovered the eWPTX through a friend familiar with the eLearnSecurity platform. I had taken and passed the eJPT a year prior but wasn’t aware of the full scope of eLearn’s offerings. After being recommended eWPTX and researching further, I realized it covered many subjects I had little experience in (deserialization and LDAP injection in particular).
To receive the eWPTX certification, you must pass an advanced exam considered to be ‘expert level.’ It’s not enough to just exploit vulnerabilities, you must also be able to bypass Web Application Firewalls and have strong report-writing skills. Because of the challenge and the hope of having an ‘expert’ certification under my name, I signed up for the course.
An Overview of Topics to Expect
Upon working my way through the slides and labs, I was impressed with the detailed explanations and novel attack techniques presented within. In particular, the comprehensive view of how Cross-Site Scripting (XSS) can be used for post-exploitation/target enumeration was eye-opening. It seems that far too many InfoSec articles stop at just popping an ‘alert box’ and miss all the opportunity that XSS can provide.
I was also thrilled to see advanced Cross-Site Request Forgery (CSRF) in action, as most tutorials I’ve found online only cover the basics. Additionally, I enjoyed the in-depth look at using SQLMap for advanced injections which increased my confidence in creating custom payloads/tamper scripts to bypass Web Application Firewalls (WAFs).
In addition to the above sections that stood out to me, the eWPTX covers topics like XML attacks, authentication bypasses, crypto, cloud attacks and more. Overall, I feel that the eWPTX added a lot of new techniques to my arsenal, as well as solidified my already existing AppSec foundation.
My eWPTX Test Experience
After spending about a month going through the provided slides and labs, I felt I was ready to start the exam. I thoroughly assessed the application for the provided seven days, but only achieved half of the objectives. The exam is structured in a way that requires a few key findings before the main objectives can be discovered. I found myself deadlocked on escalating my privileges within one of the applications, preventing me from making any progress.
It was a tough yet necessary lesson to learn, as failing my first attempt motivated me to spend more time mastering the provided material. On my second attempt, I focused much more on enumeration and out-of-the-box thinking, and was able to pass with flying colors!
The Bottom Line
The eWPTX course was extremely helpful in expanding my knowledge of advanced web application exploitation. The material was interesting and detailed, and I continue to refer to it when I’m working on an engagement.
If you are considering taking this course yourself, I would recommend completing every provided lab – after all, you get out what you put into it. I would also focus on enumerating as much as possible, even when you think you’ve found everything, keep looking 😉