Photo by Honey Yanibel Minaya Cruz on Unsplash

Oops!…​ We Did It Again!

Interview with Andres Roldan on his eWPTv1 certification

By Felipe Zárate | July 01, 2021

Andres Roldan, our Offensive Team Leader, did it again! He earned another certification that proves his expertise as an excellent pentester! If you want to know more about his previous certification, you can check out our post about OSCE.

On this occasion, we are talking about the eLearnSecurity Web application Penetration Tester certification (eWPT). It assesses a cybersecurity professional’s web application penetration testing skill. The exam is a skill-based test that requires candidates to perform a real-world web app pentesting simulation.

eWPTv1 is different from conventional certifications because to obtain it, candidates must perform an exam that simulates what professional pentesters do in real life. It urges the tester to use every methodology and tool known to exploit vulnerabilities. At the same time, it is necessary to prove that the candidate perfectly understands what she is doing. That is why it requires a detailed report as an essential part of the exam. In it, testers must provide proof of their findings while writing "a commercial-grade penetration testing report that correctly identifies the weaknesses."

We congratulate Andres on this new achievement, and we want to take some minutes with him to understand his experience taking that exam better. Concurrently, we want to go deeper into some tips that anyone interested in doing this exam should consider.

eWPTv1 Certification
Figure 1. eWPTv1 certification logo by eLearn Security

Interview

What is the exam about, and why did you decide to take it?

  1. The exam is one hundred percent practical. The goal is to find all vulnerabilities (focused on web ones) in a scope delivered in a letter of engagement. eLearnSecurity says that the evaluation of the test is mainly based on the submitted report, which corresponds to a document with the highest quality. In it, the tester must sort, classify, and detail the vulnerabilities found.

  2. The laboratory where the test is done is available for seven days from the start of the exam. You have an additional fourteen days to submit the report.

  3. As a tip, it is crucial to understand the scope of the delivered document and what it implies (do not try anything different from that scope). In fact, eWPTv1 tests the abilities and knowledge that we achieve in Fluid Attacks. As a read team member, we manually search vulnerabilities in a defined target, though we usually support that searching with different types of tools.

Since this test is not multiple-choice questions but involves "to perform an actual penetration test," was the exam preparation different from other exams you have taken?

  1. My best preparation was my experience doing pentesting in Fluid Attacks.

That means you did not prepare yourself with the course given by INE? (Considering that INE “is the premier provider of Technical Training for the IT industry” and owner of eLearn Security.)

  1. I didn’t prepare with the INE.

How did you know you were ready to take the exam?

  1. I did not know that. I took the eWPT test to learn about the type of eLearnSecurity exams, and it was a pleasant surprise to find that the experience gained at Fluid Attacks was enough to earn the certification.

What should we expect from the report that needs to be done as part of the test?
How did you approach it?

  1. The report must be of the best quality. There it would help if you described every vulnerability found in the evaluation target. You must include screenshots and evidence of exploitation of vulnerabilities and impacts obtained.

Tell us a little about your experience at the time of the exam.

  1. The scan started on May 31, 2021, and I found all vulnerabilities on the same day. June 1, I prepared the report and presented it on June 2 in the morning.

  2. The candidate can use any tool during the exam, yet most vulnerabilities are found manually. Therefore it is vital to know how to use the tools to our advantage and not delegate one hundred percent of the responsibility to them.

Will you have to take any certificate renewal exams?

  1. No, this certification has no expiration.

Any tips for preparing for this particular exam?

  1. If you have more than three years of experience in pentesting, the exam will be a "familiar experience." If you do not have that experience, I recommend doing the training in INE to find the vulnerabilities and generate a quality report.

What’s next after this certification?

  1. After this, I will keep preparing for other certifications, including eWPTX, an advanced version of eWPT.

Thank you, Andres, for your time and your clarifications. Again, at Fluid Attacks, we congratulate you on this achievement!

As we said before, this is not the first certification that Andres Roldan obtains. If you are interested in knowing how our Offensive Team Leader prepared his previous certificate, we recommend reading our post, “A Journey to OSCE.” Since you are there, we also recommend you read our last post, in which we interviewed Óscar Uribe about his experience obtaining the OSED certification.

Finally, we at Fluid Attacks do not stop at our mission to offer the best Red Team to our clients. That’s why we are constantly facing new challenges and strengthening our Ethical Hacking skills.

If you want to know more about the certifications that the members of our Red Team have obtained, you can follow this link.