EC-Council Brings A New Range Of Real World Challenges

December 6, 2017 Josh Tomkiel

EC-Council brings a new range of real world challenges that will not only test your Pen-testing skills but guarantees you an experience that is not built for the weak hearted.

The LPT (Master) is different than any other certification on the market today.  As a candidate, you are given access to a Kali Linux instance, provided a scope, and tasked with completing 3 challenges.  You have 6 hours to complete at least 1 of the 3 challenges to be allowed to advance to the next level (3 levels in total).  Out of the 9 total challenges (3 on each level) you need to complete at least 5 to pass.  The entire time you will be monitored through your webcam by a proctor to verify that you are the individual compromising the hosts with no outside assistance.  Finally, you will need to create a report documenting your steps taken to exploit each host.

Passing the LPT (Master) establishes that you have sufficient depth with Kali Linux and know how to use the various tools available within the distribution to enumerate hosts, identify misconfigurations and vulnerabilities, as well as how to exploit them.  The techniques required to pass the challenges within each of the levels are the same that our teams use every day when performing a network or web application pen test.  This also means that you need experience to pass this exam.

My favorite part of the exam was level 3.

Read more:

About the Author

Josh Tomkiel

Josh is a Manager and Penetration Tester with Schellman based in Philadelphia, PA. Josh has over 10 years of experience within the Information Technology field. Josh has deep background in application penetration testing, although he is also very knowledgeable in network penetration testing, particularly in Mac heavy environments. Josh leads Schellman’s iOS related penetration testing activities and phishing program. Additionally, he has been credited with the identification of vulnerabilities in various bug bounty programs.

More Content by Josh Tomkiel
Previous Video
Cloud Apps - Penetration Testing for Providers  and Customers
Cloud Apps - Penetration Testing for Providers and Customers

Please, join Matt Wilgus and Josh Tomkiel from Schellman's Threat and Vulnerability Assessment team, as the...

Next Flipbook
Penetration Testing
Penetration Testing