Jump to content
Sign in to follow this  
Guest Esraa

Miss

Recommended Posts

Guest Esraa

I am planning of signing up for a course this week, and was fascinated by the topics covered in "Penetration Testing eXtreme" as this is exactly what I need. However, there are some pre-requisites that I don't currently have, so I was wondering if the other course "Penetration Testing Professional" covers these pre-requisites or not (thankfully, I do have the pre-requisites for this one). The pre-requisites that I am lacking and hence wondering if the professional course covers or not:

  • *****"solid understanding of networks and network related security models"
  • "basic reverse engineering skills as well as possess good knowledge of network protocols"
  • "Students must be familiar with PowerShell scripting"

For the network protocols, I do have good understanding of HTTP/TCP/basic FTP/SSL or TLS/basic SSH, but not the other protocols. I do have good skills in Active Directory and windows internals (which are the other pre-requisites of the eXtreme course). I use PowerSheel but never wrote a PowerShell script. Would you recommend that I go through this "Penetration Testing Professional" before the eXtreme one? or is some general reading about the above topics are good enough to get me started with the eXtreme? Appreciate a good advice as the course will take much time and money.
 

Share this post


Link to post
Share on other sites
StefanWAustin

I try to ask some of your questions. I bought the PTX course, but I did not start the course yet.

First, PTX is one of the most difficult pen test courses in the world. Many people fail the exam and need the free second try. People who take PTX usually work in this business for some years as junior pen tester and want to fill the Active Directory gap. If you think OSCP is difficult, this certification is far beyond OSCP and will challenge you much more.

PTP cover PowerShell a bit, but not that much (only the elite version does). According to the course developers, you can start PTX if you have a deep understanding about all PTP topics. PTX will not teach you the basic usage of pen test tools, therefore you need a solid understanding about pen testing. You can google powershell and the missing things. Take TCMs udemy courses or watch some free youtube videos about PS. Alternatively, you can take PentestersAcademys “Powershell for Pentester” as preparation ($150).


It is all about time. I jumped without pen test basics in PTP and I will need between 700-800 hours to get ready for the exam. For PTX, I expect the same amount of time. This is just a number, most people will need less but some will need more time.
What is your background? For PTX I think you need the basics similar to PTP or OSCP level. Without that, I think it is nearly impossible to understand the material or it takes a very long time (> 1000h ?). 

PTX is expensive. Honestly, I would not buy it for the full price because there are cheaper options available (PACES, CRTO). The course material is top-notch and there is nothing newer on the market for red-teaming, but the price is competitive with a 25%-off offer. I am a big eLearnSecurity fan, but $1700 is a lot of money for such a cert.

I think the PTX course is precious and beneficial for a pen tester beyond a junior position, but it is not an entry level cert.

Share this post


Link to post
Share on other sites
Guest Esraa
21 hours ago, StefanWAustin said:

I try to ask some of your questions. I bought the PTX course, but I did not start the course yet.

First, PTX is one of the most difficult pen test courses in the world. Many people fail the exam and need the free second try. People who take PTX usually work in this business for some years as junior pen tester and want to fill the Active Directory gap. If you think OSCP is difficult, this certification is far beyond OSCP and will challenge you much more.

PTP cover PowerShell a bit, but not that much (only the elite version does). According to the course developers, you can start PTX if you have a deep understanding about all PTP topics. PTX will not teach you the basic usage of pen test tools, therefore you need a solid understanding about pen testing. You can google powershell and the missing things. Take TCMs udemy courses or watch some free youtube videos about PS. Alternatively, you can take PentestersAcademys “Powershell for Pentester” as preparation ($150).


It is all about time. I jumped without pen test basics in PTP and I will need between 700-800 hours to get ready for the exam. For PTX, I expect the same amount of time. This is just a number, most people will need less but some will need more time.
What is your background? For PTX I think you need the basics similar to PTP or OSCP level. Without that, I think it is nearly impossible to understand the material or it takes a very long time (> 1000h ?). 

PTX is expensive. Honestly, I would not buy it for the full price because there are cheaper options available (PACES, CRTO). The course material is top-notch and there is nothing newer on the market for red-teaming, but the price is competitive with a 25%-off offer. I am a big eLearnSecurity fan, but $1700 is a lot of money for such a cert.

I think the PTX course is precious and beneficial for a pen tester beyond a junior position, but it is not an entry level cert.

Thank you for the prompt response. As for your question on my background; I work in in technical support for web application issues hosted on IIS, ASP.NET, ASP.NET Core, Web services. I also took the Attacking and Defending Active Directory course by PenTester Academy. I have general knowledge in networking (like what is a firewall, LB, subnetting). I also took the OCSP, I didn't find it hard but I failed the exam.

Going through your reply, I am not sure if OSCP is enough for PTX, as you mentioned that having deep understanding of PTP topics are enough to get started with PTX, however, when going through the syllabus of PTP it turned out to have way more covered topics than OSCP (besides, OSCP was using some old OS and vulnerable apps), so do you think that what PTP has over OSCP is required to go through PTX?

Share this post


Link to post
Share on other sites
StefanWAustin
4 hours ago, Guest Esraa said:

I also took the OCSP, I didn't find it hard but I failed the exam.

So it is hard, you studied not hard enough :-D.

4 hours ago, Guest Esraa said:

so do you think that what PTP has over OSCP is required to go through PTX?

OSCP is a manual certification and not realistic at all. It is a CTF certification and the PTP course is more realistic. You can use all tools and whatever you like. The exam is a pentest against a small company.
PTX has some real scenarios and simulates small to medium sized companies with modern to brand-new AD architecture including modern AV.

You can request a PTX demo and watch the PTX launch video. The video is an hour, but you can find the valuable, technical lab part in the middle, so you can see the huge difference between OSCP and PTX.

Share this post


Link to post
Share on other sites
Guest
You are commenting as a guest. If you have an account, please sign in.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

×