The EC-Council Licensed Penetration Tester (Master) Credential

To earn the prestigious EC-Council LPT (Master) Credential, you must successfully pass our most challenging practical exam available. The LPT (Master) practical exam is the capstone to EC-Council’s entire information security track; from the Certified Ethical Hacker Program (C|EH) to theEC-Council Certified Security Analyst (E|CSA) Program. It all culminates with the ultimate test of your career as a penetration tester – the Licensed Penetration Tester practical exam.

You will need to demonstrate a mastery of the skills required to conduct a full blackbox penetration test of a network provided to you by EC-Council on our cyber range, iLabs. You will follow the entire process taught to you through Ethical Hacking and Security Assessment, taking you from reconnaissance, scanning, enumeration, gaining access, maintaining access, then exploiting vulnerabilities that you will have to seek out in a network that only a true professional will be able to break. EC-Council will provide the entire cyber-range through its cloud based cyber range, iLabs. All toolsets are provided to you – you bring the skill.

To successfully pass the LPT (Master) practical, you must fully document your penetration test in a complete, professional penetration test report. This report will follow formats learned in the ECSA program, following industry acceptable, penetration testing and reporting procedures used by only the top professionals in the industry. This report will be reviewed and scored based on a complex rubric by other penetration testing professionals dedicating to upholding the value of EC-Council’s LPT (Master) Credential, and enhancing the professionalization of cyber security as a field penetration tester.

While the Certified Ethical Hacker course teaches threat agents that can compromise the security posture of an organization, and the EC-Council Security Analyst program provides a repeatable and documentable methodology for deep analysis of an organizations security posture, the Licensed Penetration Tester exam tests the mastery of the skill-sets required to be a true professional penetration tester – Technical Analysis and Report Writing.

To build on the technical skills taught in the Certified Ethical Hacking course, the EC-Council Certified Security Assessment course emphasizes application of a suitable methodology and report writing. The LPT (Master) practical exam thoroughly tests the application of this knowledge and the skills required in an examination that even our reviewers have called “extremely challenging”. There is no course for the LPT (Master) exam. The Licensed Penetration Tester (Master) certification Exam is the final step after the intense training and certification that you would have received in the Certified Ethical Hacker and the EC-Council Certified Security Analyst programs.

Many have described report writing as one of least preferred, yet arguably one of the most critical parts of any penetration testing engagement. While so many cyber security courses are offered globally to cover various subjects in the information security realm, hardly any are dedicated to this very important skill, especially almost since half of all time spent at any penetration testing engagement can revolve around writing and reporting the core findings of the engagement to the client. Explaining a highly technical finding in an elaborate penetration test engagement to someone not technical like the CEO of a company, the senior management or even the board of directors can be very challenging and frustrating at times. Mastery of communication, research and report writing is required to make sense of technically complex topics like specific vulnerabilities and their resulting exploits in a meaningful manner than an organization can use to make educated decisions to improve their own security posture.

Typical of an industry scenario, each participant is given 5 days to conduct a comprehensive penetration test on EC-Council’s cyber range and are then required to submit their complete Pen Test within 30 days from the initial commencement of the 5-day hands on Penetration Test.


LPT (Master) Exam
A real time performance Assessment

The LPT (Master) exam is developed with collaboration from SMEs and practitioners around the world after a thorough job role, job task, and skills-gap analysis.

The exam environment simulates a complex network of a multi-national organization in real time. This virtual cyber range, much like an actual network, has multiple networks with different militarized and de-militarized zones. Like any organization, the target of evaluation in the LPT (Master) practical exam is segmented into many departments, has various users and groups from information workers, to admins, to executives, various operating systems, patch levels, proprietary as well as open source applications, and security controls.

Candidates will be exposed to the exam environment via EC-Council’s iLabs (cloud based cyber-range) and access codes are provided to candidates at the onset of the exam cycle.

Candidates are required to perform a black-box test of the target organization. Typical of most moderately secured organizations, the candidate will not get direct access to the organization’s internal infrastructure. Candidates need to use a landing zone that simulates a pen tester’s workstation to audit the target organization.

One of the key skill areas of a penetration tester is to successfully carry out all the three phases of a network hack, namely – Reconnaissance phase, where a pen tester gets familiar with the network by observing and scanning, Exploitation phase where the tester, using the intelligence from the previous phase, actually breaks into the network and/or individual machines; and Post-Exploitation phase where data exfiltration, documentation and effect of exploitation is documented and enumerating leading to deeper vulnerabilities that eventually lead to ownership of the core network and key machines controlling the entire organizations computer systems.

Candidates are expected to demonstrate expertise in each of these phases by successfully completing all the challenges thrown their way by the exam. Once done, candidates need to submit a detailed report of their findings, methodology used, corroborative screenshots, scripts, custom exploits, or any other method they have used to penetrate the network. Candidates earn points for each completed challenge depending on the particular challenge’s level of difficulty and the approach used to complete it.

Being an LPT (Master) means that you can find chinks in the armor of defense-in-depth network security models with the help of network pivoting, making exploit codes work in your favor, or by writing Bash, Python, Perl, and Ruby scripts. Your job description demands that you think on your feet, be creative in your approach, and not rely on the conventional techniques. Outsmarting and outmaneuvering the adversary is what sets you apart from the crowd. This five-day exam will test your perseverance and focus by forcing you to outdo yourself with each new challenge.

How does the LPT (Master) License help me in the conducting pen tests?

The Licensed Penetration Tester (Master) provides assurance to your employer or prospective clients that you possess the “hands on” skills based competency to perform a thorough security assessment. It also provides you a platform to showcase your skills and earn real-world pen testing experience, globally.

How is LPT (Master) framework different from other Pen Testing frameworks and standards

Unlike other proprietary pen testing frameworks that are used only within a particular organization, EC-Council’s Licensed Penetration Tester (Master) framework is available to public. The LPT (Master) framework was developed based on a thorough analysis of all the available frameworks and standards in the industry. The Licensed Penetration Tester (Master) encompasses the best of the breed methodologies from across the world, into one standard.




LPT (Master): Extremely Challenging and One of The Toughest Exams

by Mark Horvat

I am a Director and Principal Consultant at Black Swan Group. I specialize in risk assessments, white hat hacking, vulnerability assessments…

Proud to attain the LPT (Master) Credential

by Ali Isikli

As an industry veteran with over 21 years of experience in the defense industry, I challenge myself to constantly upgrade my skills…

Converting Fear into Confidence with LPT (Master)

by Adithya Naresh

I am a cybersecurity consultant with SAP Labs. My area of responsibility include software security, exploitation, reverse engineering, and web security…

LPT (Master) Rocks!

by Sergey Klevogin

I am the lead instructor in Computer Training Center “Specialist” in a Technical University in Russia, which enrolls around 85,000 students annually, making it the largest in Russia…

Real Life Penetration Testing with LPT (Master)

by Moustafa Mohamed Mohsen

As a Senior Security Engineer in Orange Business Services, I have six years of experience in the information security industry…

LPT (Master) Exam Information

A. Eligibility Criteria

  • To be eligible to apply to sit for the LPT (Master) Exam, candidate must either.
    • Be an ECSA member in good standing (Your USD$100 application fee will be waived); or
    • Have a minimum of 2 years working experience in pentesting (You will need to pay USD$100 as a non-refundable application fee); or
    • Have any other approved industry certifications such as OSCP or GPEN cert (You will need to pay USD$100 as a non-refundable application fee).

B. Application Process

  • Applicants must apply directly to EC-Council via the online web form here: and provide the following:
    • A copy of police verification from applicant’s local law enforcement agency or EC-Council Declaration of No Criminal Conviction Form ;
    • EC-Council Code of Conduct (COC) Form ;
    • Updated Resume documenting penetration testing experience or skill;
  • Approved applicants must purchase the Licensed Penetration Tester (Master) Exam Kit via EC-Council online store within 3 months of receiving the approval email (the approval will expire post the 3 months and applicants will have to reapply and remit the $USD100 non-refundable application fee again).
  • Upon confirmation of the payment of USD$899, the LPT (Master) Exam Kit will be released to the applicant, which consists of:
    • iLabs Cyber Range Access Code (applicants are given a 5 day block access from activation date / code is valid for 3 months from the date of release)
    • Aspen LPT (Master) Dashboard Access Code (applicants have a 30 day window to submit their reports from activation date/code is valid for 3 months from the date)
    • A 2 year LPT (Master) License is included in the LPT (Master) Exam Kit valid for 2 year license / subject to ECE and renewal requirements)


  • Candidates will receive instructions on how to activate their exams via EC-Council’s ASPEN portal via their registered email.
  • Candidates will activate their exam through ASPEN, using their unique Aspen LPT (Master) Dashboard Access Code will be provided.
  • Candidates are given 5 days (calculated from the activation of their Aspen LPT (Master) Dashboard) to complete the required blackbox penetration test of EC-Council’s cyber range.
  • Candidates are given 30 days (calculated from the activation of their Aspen LPT (Master) Dashboard) to submit their completed penetration test report through their ASPEN account.
  • Candidates will receive their exam results through official email notifications from EC-Council ( within 14 days from the submission of the penetration testing report.
  • If a candidate requires extension to the iLabs Cyber Range access, a further 5-day block can be purchased at USD$400 per block (through EC-Council online store).
  • If a candidate submits a wrong or incomplete report, they will have to purchase a new Aspen LPT (Master) Dashboard Access Code at US$199 (through EC-Council online store). This option is only available before the expiry of the 30 days requirement (calculated from the activation of their Aspen LPT (Master) Dashboard).
  • If a candidate fails to complete the exam in the 30 days’ time period allotted for the exam, they will have to purchase a new exam.

D. LPT (Master) Credential

  • Successful candidates will receive the LPT (Master) Welcome Kit consisting of:
    • Membership card
    • Printed Certificate
    • LPT (Master) Plaque
    • Welcome Letter
    • Lapel Pin
    • EC-Council LPT (Master) T-shirt
  • The LPT(Master) license is valid for 2 years. After the initial 2 years, members will have to renew their LPT (Master) license by remitting the annual USD250 renewal fee.
  • Members are required to fulfil their ECE requirements to remain in good standing.


Benefits of Penetration Testing Certification

  • EC-Council’s prestigious endorsement as a licensed penetration testing professional, allows successful candidates to practice penetration testing and consulting internationally.
  • Industry acceptance as a legal and ethical security professional.
  • Access to proprietary EC-Council software, templates, and penetration testing methodologies.
  • License to practice and conduct security testing in organizations accredited by EC-Council
  • Acquire knowledge from experienced hands-on Licensed Penetration
  • Tester methodologies and latest penetration testing practices.



The LPT (Master) title and designation is a Private License from EC-Council to suitably qualified individuals that achieve the high standards set by EC-Council to use EC-Council’s approved trademarks, methodologies, templates and report structures in their professional career. The LPT (Master) is NOT a governmentally sanctioned title conferred by any government institution or state.



1. Why should I be licensed?

Penetration testers today have been certified by different agencies. But are they trusted? Do they follow a code of ethics? The answer is no. The Licensed Penetration Tester (LPT) program offered by EC-Council gives certified penetration testers the opportunity to practice their skills so that they are able to function as a licensed penetration tester. EC-Council’s licensed penetration testers use hands-on penetration testing methodologies and are trained by experts and specialists who are licensed penetration testers from EC-Council.

2. I am already a Penetration Tester, why do I need to be a Licensed Penetration Tester?

Being a penetration tester would be of little help in this insecure world. Corporate organizations today are looking for penetration testers who can analyze vulnerabilities of the network and who can be trusted not to disclose network vulnerabilities to competitors. Thereby, many companies would be looking for a Penetration Tester who is licensed to carry out these tasks and who has hands-on experience in penetration testing.

3. What is the difference between a Licensed Penetration Tester and a Certified Ethical Hacker?

A Certified Ethical Hacker would be an individual who is trained in mastering hacking technologies. A Licensed Penetration Tester is a professional who is equipped with a License to conduct penetration testing of corporate networks. Licensed Penetration Testers are preferred over non-licensed ones by companies for recruitments/assignments.

4. Why do I need to supply police verification?

Police verification is preferred, though not mandatory. However, one of the requirements of being able to avail a license in Penetration Testing is that the candidate should be able to supply a photocopy of his / her criminal background check that is available through any local law enforcement agency. The document should certify that the individual does not have any criminal record / background.

5. What benefits does the EC-Council’s License for Penetration Testing give?

With the Licensed Penetration Testing (LPT) program from EC-Council, companies are assured that Licensed Penetration Testers are being taught, tested and licensed by a globally recognized and professionally managed body like EC-Council. Thus, organizations can be completely assured and confident of the deliverables of the Licensed Penetration Tester certification authorized by EC-Council. This can be compared to availing a driving license from your license issuing authority.