Certified Professional Penetration Tester

eCPPT Certification

eCPPT is a 100% practical and highly respected Ethical Hacking and Penetration Testing Professional certification counting certified professionals in all seven continents.

Start Learning Buy My Voucher

The Exam

INE Security’s Certified Professional Penetration Tester certification is a practical, hands-on certification exam designed for professional Penetration Testers and Ethical Hackers.

About the Certification Exam

The certification exam assesses and validates that the individual has the knowledge, skills, and abilities required to fulfill the role of a modern Penetration Tester.

Exploitation

Initial Access

Active Directory Pentesting

Web Application Pentesting

This exam is designed to be the next step in Red Team certifications with INE Security. Successful candidates will have hands-on experience to demonstrate their mastery in the real world and continue their journey by taking INE Security’s Web Application Penetration Tester (eWPT) certification.

Domains + Objectives

The eCPPT evaluates an individual’s skills across various domains and objectives, certifying their mastery and understanding.

eCPPT

Exam Domains

Information Gathering & Reconnaissance (10%)

Initial Access (15%)

Web Application Penetration Testing (15%)

Exploitation & Post-Exploitation (25%)

Exploit Development (5%)

Active Directory Penetration Testing (30%)

Information Gathering & Reconnaissance (10%)

Perform Host Discovery and Port Scanning on Target Networks
Enumerate Information From Services Running on Open Ports

Initial Access (15%)

Perform Username Enumeration to Identify Valid User Accounts on Target Systems
Perform Password Spraying Attacks to Identify Valid Credentials for Initial Access
Perform Brute-Force Attacks on Remote Access Services for Initial Access

Web Application Penetration Testing (15%)

Perform Web Application Enumeration to Identify Potential Vulnerabilities & Misconfigurations
Identify and Exploit Common Web Application Vulnerabilities For Initial Access (SQLi, XSS, Command Injection, etc)
Perform Brute-Force Attacks Against Login Forms
Exploit Vulnerable and Outdated Web Application Components
Exfiltrate Data and Credentials From Compromised Web Applications and Databases

Exploitation & Post-Exploitation (25%)

Identify and Exploit Vulnerabilities or Misconfigurations in Services
Identify and Exploit Privilege Escalation Vulnerabilities
Dump and Crack Password Hashes
Identify Locally Stored Unsecured Credentials

Exploit Development (5%)

Develop/Modify Exploit Code For Initial Access and Post-Exploitation
Identify and Exploit Memory Corruption Vulnerabilities (Stack Overflow, Buffer Overflow)

Active Directory Penetration Testing (30%)

Perform Active Directory Enumeration
Identify Domain Accounts With Weak or Empty Passwords
Perform AS-REP Roasting to Steal Kerberos Tickets for Authentication
Perform Active Directory Lateral Movement Techniques (Pass-the-Hash, Pass-the-Ticket)
Obtain Domain Admin Privileges/Access

Who It's For

The eCPPT is a certification for technology professionals with 2+ years of experience in offensive security and are interested in career advancement in penetration testing.

Get eCPPT Certified

To take the eCPPT exam, you’ll need both an INE subscription and an exam voucher.

New to INE? Get started with one of these options:

Get Voucher for 50% off

INE Premium subscription

The INE Premium subscription offers the updated Penetration Testing Professional Learning Path, built for professional-level Red Teamers with 2+ years experience in offensive security. It prepares you to take the eCPPT exam through a blend of expert-led courses and practical lab time. When you’ve completed the learning path, you’re ready for the exam!

Get Started

eCPPT Voucher Included

eCPPT + Prep Bundle

3 months of access to all INE training to prepare you for the eCPPT and more.

Buy My Voucher

Already a subscriber?

The eCPPT Certification Exam Voucher can only be purchased with an INE Premium Subscription. If you already have a subscription, you can buy your voucher now! We encourage everyone to complete the Penetration Testing Professional (NEW-2024) Learning Path before attempting the certification exam.

The Process

Start your certification journey with a simple, step-by-step experience designed to guide you every step of the way. Get started now!

Shop Certification Vouchers

To complete the eCPPT Certification, follow these steps:

Purchase a certification exam voucher

Purchase an exam voucher to start the certification process. Login to the certification area to manage the exam and any other materials related to the certification process.

Begin the certification process

Regular vouchers expire after 180 days from purchase. Before the certification voucher expires (180 days from purchase), complete the initial exam attempt and if desired, the complimentary re-take that is provided with the voucher’s purchase. Both attempts must be submitted before the certification voucher expires. The expiration date will always be available in the certification area, and reminder emails are sent to ensure the voucher is taken advantage of.

Take your exam

Follow the certification instructions and complete the exam within the allotted time. If technical issues are encountered at any time during the exam, please email support@ine.com for assistance.

Receive your results

Results are on an auto-graded system. This means results will be delivered within a few hours after completing the exam. The eCPPT score report will show performance metrics in each section of the exam, allowing reflection on mastery of each exam objective. All passing score credentials will be valid for three years from the date they were awarded.

The eCPPT certification is valid for three years from the date it is awarded. Stay current with your skills and maintain your credential through flexible renewal options designed to fit your schedule.