A while ago I passed the eLearn Security Certified Penetration Tester eXtreme (eCPTXv2) exam. I have taken multiple courses about pentesting Active Directory and have been learning a lot about it in the last two years, which made me feel confident to take the course and the exam.
The course is focussed on Red Teaming Active Directory and includes:
- Social engineering and Macro Development
- Active Directory
- Critical infrastructure such as SQL server, Exchange and WSUS
- Evasion techniques
A lot of the course was already well-known material for me since I took the CRTP and CRTE courses from Pentester Academy. eCPTXv2 covers all the techniques, but I think it lacked a bit in the domain enumeration part and using, for example, BloodHound. Luckily, CRTP covered this extensively, and I recommend taking at least CRTP before attempting eCPTXv2. Overall, the material was extensive and enough to prepare for the Active Directory attacks in the exam. I won’t be able to tell if it’s a true Red Teaming course because I never did a Red Team before, but I think it’s a good step to get into Red Teaming. After the exam I bought the CRTO course and will take the exam soon; the CRTO course focuses a lot more on Red Teaming and OPSEC considerations, using Cobalt Strike as a C2.
The course includes hundreds of slides and multiple labs where a lot of hours can be spent after reading all the course content. The labs include write-ups in case you are stuck. At the end of my learning journey the labs were down for multiple weeks. This was around February and they have fixed the labs since then. INE stated that they broke their lab network while trying to upgrade to their new platform.
The exam wasn’t that hard, and I’m not sure if it is because I prepared too well or already knew enough about Active Directory attacks. The exploitation in the exam wasn’t too complicated. I was stuck two times, but it didn’t take long till I figured out what to do. I expected the exam to be way harder. In total it took me around 30 hours to gain access to all the machines.
There was one part in the exam the course won’t prepare you for, which has been spoken about in multiple reviews; it’s a shame since it’s vital to pass the exam. It took eLearn Security only one day to review my report, which was a surprise since I have read in the unofficial Discord that it took almost the full 30 business days for other people. I guess they caught up on their backlog.