Vulnhub machines to prepare for eCPPT?

,

Hi everyone!

So i’m almost finishing the PTP course, i did all the labs but i would like to know if you guys have recommendations of machines to prepare for the actual exam? I thought the course would have some labs at the end just like in the PTS where you have those environments to practice, but it doesn’t.

I mean, i did ~60 machines a while ago in order to prepare for the OSCP, but most of them are just CTFs. One that i really liked was WinterMute1, which has 2 machines in different NICs and you have to root the first one in order to pivot and root the second one as well, similar to the exam and real life network engagements.

With that said, do you guys have suggestions to more labs/machines like this? I know Wrath from tryhackme seems to be around those lines, but i need to get the streak again, so i was looking for Vulnhub machines or something like that. I think setting up my own lab wouldn’t be good because i would already know the vulnerabilities on it, so it would be kind of spoiled.

Hello there!

I’ve not played around with VulnHub, but TryHackMe and HackTheBox are quite helpful. It will do you good to go through as many machines as you can here that have realistic scenarios instead of CTF style scenarios. Try to take the concepts covered in the course and apply them to the machines available on those platforms to find ones to help you better prepare. I had to pay a months subscription to both platforms at the time, but to be honest, it was money well invested to help prepare me for the exam.

I hope that this helps and best wishes for your exam!

1 Like

Yeah… not what i’m looking for. I already did a lot of HTB and THM in the past, i also work as a consultant but i mainly test web/api/mobile, so i don’t have as much experience in internal networks and i would like to practice on more realistic scenarios instead of CTFs. But thanks anyway!

Ah, I see. Do you mean places that maybe cover pivoting as well? When I was preparing earlier this year, there wasn’t really a place for me to practice this properly, I am not sure if this has changed this then. I got the impression that I would have to create my own virtual environment for this, but I didn’t have the computing resources to do this.

But if this helps, if you go through the related content covered in the course and make sure you understand everything that’s being done and why it’s being done, you should be fine for the exam.

I hope that this helps!

I built Gatekeeper on TryHackMe specifically for prep for the exam.

2 Likes

Awesome man, thank you! I already done that in the past, but i’ll be sure to root it again before the exam.