My eCPPT Experience
On December 21st, 2025, I started with my exam attempt for eCPPTv3, Certified Professional Penetration Tester. It’s a course offered by INE for Cyber Security professionals that are looking to further master the art of penetration testing.
After 22 hours of going through the target network, including 7 hours of sleep, I am very happy to announce that I’ve passed my exam and achieved my certifcation!
And, as was the case with my eWPT certification, I’m eager to share the experience. So let’s talk about it.
The Course
The structure of eCPPT is set up much the same as eWPT.
It takes you by the hand and goes over all steps central to a network penetration test. Topics include methodologies, processes and enumeration. But in comparison to eWPT, the meat and potatoes are exploitation, post-exploitation and pivoting. The syllabus also introduces Active Directory networks and the vulnerablities that a hacker can exploit there.
The INE environment was the same as well. You have videos, quizzes and hands-on labs for most of the topics. Watching the videos remains recommended as the trainer, Alexis Ahmed, shares personal experience as a Senior Penetration Tester at points in his videos. I found these to remain very worthwhile.
The videos also contain moments where the lab walkthrough goes wrong. This feels awkward at times but I think it’s good to keep that included, to help troubleshoot issues people might run into themselves.
The quizes and labs are similar as well. After having done theory on a type of attack, you’re given a quiz and a virtual lab environment with software containing the vulnerability. Here, you can test your understanding of the theory and start to get those steps needed to exploit a vulnerability into muscle memory.
I did read, on multiple places, that the labs were unstable. I have to say that this did not happen to as often as these negative comments let on. Save for 1 lab, everything worked just fine.
My Experience
While I took on eCPPT as an OSCP replacement, I do think this certification was easier than what I can recall from my first two OSCP attempts. But this can also be because I’ve gained more work experience since attempting the certification around 2019.
As such, I see eCPPT is an intermediate course. You need to have the basics of the INE’s eJPT and eWPT course before attempting it. But, if you regularly went through the content of Hack the Box and TryHackMe, I bet you’ll have a solid foundation to get this certification.
The theory
While the videos are great, and cover everything needed, I would seperate the lab walkthrough videos into something different than the theory. And as I mentioned before, I think it’s good that the trainer making mistakes in his lab walkthrough stays included and visible for the students.
On the flip side, the quizzes are lackluster, just like in eWPT. Having 1 or 2 mutliple choice questions is not enough. To add value, I would recommend covering the theory of the vulnerability more thoroughly. Make the questions rotating and open, with questions testing the student on, for example, what nmap flag does a version scan - and let the student write it down!
The hands-on
I had a lot of fun going through the labs, specially when they have flags. These hash-based strings remain are a great proof of work, and seeing the green checkmarx pop up with the correct value remains a good dopamine hit.
Sadly enough, not every lab had a flag - even if they could really have easily added one and asked you for it in the interface.
In addition, every lab had a ‘Solution’ tab available with a walkthrough on how to solve it. This is ofcourse, spoiling it. But if you’re stuck, or if the lab somehow got bugged, you can use it to see the steps you should’ve followed.
The biggest thing of the labs that I enjoyed was the pivoting. Even if the technique being thaught was not lateral movement itself, the lab still challenged you to do it. This practice helps cement the concepts and steps.
What also was included, which my run of eWPT did not have, was CTF specific labs. These did not have a solution, but instead only gave you a rundown of what you had to do and asked you for multiple flags. I loved this addition and felt like a real test of my skills!
Taking notes
And, it goes without saying, taking notes is a big… BIG requirement. I took extensive notes on my lab, summarizing everything in the theory and writing down all the shell commands and tool ouptut I needed. This means I can easily go through what I did every lab and CTF assignment as a reference.
So if you’re going to do eCPPT yourself, or any other pentesting certification: TAKE NOTES!
You’ll thank yourself later.
Exam
Unlike OSCP, the eCPPT exam has no procturing, no scheduling and no report writing. A simple click of 2 buttons, and you can start.
For 24 hours, you’re given an corporate network’s IP range, a virutal Kali machine and a bucketload of questions. The answers to these questions are your proof of work, and have to be found in the target environment.
Thus, you’re given a simple task: Pwn the network.
After having gone through all the lab content, I would say the exam was quite easy. There are some stinkers in there that are not covered by eCPPT, but I could easily do because I remember how to do it from eWPT.
Keep your notes nearby, and don’t be shy to Google anything you don’t know. There are great guides out there that can help you tackle a problem that you can enumerate.
Time to pwn
After starting at 1900 on Sunday, I did all my initial enumerations and tried getting some footholds.
There were a couple of things initially that really pissed me off. The biggest things were there being a great reliance on brute forcing, and the Active Directory experience in the exam did not match that of the training and labs.
My frustration was largely my own fault: I sunk quite some time in big dead ends. This was caused by me getting tunnel vision on my enumeration results, causing me mis vital information. As such, always take a break when you get stuck! Have some water, and go through your notes again.
After starting, I went to bed at 1AM and woke up fresh at 8AM in the morning to continue my work. Going through a long day of pentesting, I finished at 5PM. Besides two roadblocks causing me issues, I felt as if I steamrolled through the target environment and easily got everything I needed to answer the questions.
As such, I wasn’t worried when clicking the ‘End Exam’ button, with 1 hour left on the clock. I had all the information needed, and had complete control over every machine.
Proud to say 🎉 !
Should you do eCCPT?
If you’re an intermediary and don’t have OSCP, I think you should. It’s an experience that’s well priced, gives you new insights and will help cement your foundation or give you a new experience that you might be missing.
With 2 exam vouchers in the initial price, my advice would be to do the exam immediatly. See what rolls of the proverbial tongue and what subjects you’re having trouble with. Then go through the course before doing another attempt.
Next to that, I won’t compare it explicitly against other certifications that Reddit would say are a better replacement, but I think eCPPTv3 helps you along fine in your Cyber Security career.
Onwards to the next one!
Changelog
- 2026/01/12 - Reviewed and Published
- 2026/01/09 - Revised
- 2025/12/28 - Draft