Certified Professional Penetration Tester (eCPPTv3)
Exam Structure & Logistics
24-hour marathon: 45 questions split between MCQs and hands-on challenges.
Instant Gratification: Immediate pass/fail verdict after submission (no agonizing wait, at least).
Browser-accessed Kali machine. Worked surprisingly well, though it disconnected briefly a few times.
Progress saves if you close/reopen the tab, but stopping the lab resets everything.
No internet access: Forget apt-get install your_favorite_tool. You’ll be copy-pasting scripts like a medieval scribe.
Scattered questions: Questions for the same machine are spread out like breadcrumbs (Q1, Q30, Q45…). I suggest reading all the questions before proceeding; at least, that's what I did.
Dynamic flag system: Once submitted, you can't resubmit or edit the flag, as it changes with each lab restart. Other than that, you can freely re-edit answers and navigate through the questions.
Preparation: How I (Barely) Survived
There were very few reviews of the newer version online, and the ones I found mentioned an issue with Hashcat. However, I did not face any problems and was able to use it normally; I guess INE's QA team is stepping up their game. Bruteforcing also stayed within INE’s 20–30-minute guideline using the same wordlists.
For preparation, I did not use the INE material. Prior to this, I followed the Certified Penetration Testing Specialist (CPTS) Path from HackTheBox and completed over 50 boxes/labs from Proving Grounds and HackTheBox. I felt confident enough to merely skim through the slides and quickly review the labs before starting the test.
The Ride
I started the exam sleep-deprived at midday. Don’t be me. By hour 15, I submitted my answers half-conscious, with a few questions left unanswered; my eyes wouldn’t stay open, and my head kept dropping onto the keyboard.
The questions were divided equally between Active Directory, Linux, and general topics (some felt like they escaped a CompTIA exam ("Just Google it"), without any real connection to the test's context).
Non-sequential question arrangement: Questions related to the same machine were scattered (Q1, Q30, Q45…).
Two terminals available: Do not use Lxterminal; instead, use QTerminal, which offers better color support and readability.
Difficulty level: The Linux questions were similar to medium-rated HackTheBox boxes. I couldn’t complete all the AD questions, so I can’t fully assess that section. However, the ones I attempted were simple and straightforward.
Struggles
Limited tools: The attack machine lacks some of the tools I usually rely on, as using our own machine isn't allowed.
No internet access: Downloading additional tools isn’t possible; you’re stuck with copy-pasting simple scripts.
Alternative exploits led to dead ends: Sometimes, I exploited a machine through a different vector, but then I couldn't answer the specific question being asked.
Advice for Future Test-Takers
Study Active Directory Well: Active Directory is a big deal in this exam. Make sure you understand how it works, how to navigate it, and how to exploit it. It’s not just a buzzword; it’s a core skill here.
Be Fluent with Searchsploit: You’ll need to quickly find exploits, and searchsploit is your go-to tool. Practice using it until it’s second nature.
Privilege Escalation Techniques: Get comfortable with privilege escalation; knowing how to move from a low-privilege user to owning the system is key. Tib3rius is the OG here; their course is a fantastic resource, so check it out.
Bruteforcing Is Your Friend: Don’t hesitate to lean on bruteforcing when needed. It can open doors (sometimes literally) during the exam.
Final Thoughts
In my opinion, the exam is not worth the full price for the level of knowledge and experience provided. The videos and slides I skimmed through were meh, but since I didn’t go through everything in detail, don’t take this as absolute advice.
For a better learning experience, I’d recommend the CPTS, which is actually cheaper. For CV recognition, I’d suggest OSCP, HR’s darling, as it holds more prestige.
I took this exam to gain practical experience and add some "magic CV letters." I was originally preparing for the OSCP and even attempted to book it, but payment processing issues forced me to put it on hold. I plan to aim for the CPTS next time, especially since I struggled with the Active Directory portion and wasn't entirely satisfied with my results.
This exam feels like a middle child: practical enough, but outshined by competitors. The autograded format removes real-world reporting skills, and the scattered questions test patience as much as technical ability.