Skip to main content

eLearnSecurity Junior Penetration Tester review

· 3 min read

I have recently achieved my eJPT certification. As such I will be reviewing my experience and providing some tips.

ejpt

Course material

I managed to finish the training material in just under 30 days.

All of the courses are a must if you want to be a successful Penetration Tester. However, if your aim to just pass the exam, all the courses are not required to achieve that. I went through all the courses taught my Alexis Ahmed. In the case of Josh Mason, I only did his "Web Application Penetration Testing: Introduction to the Web and HTTP Protocol" course before attempting the exam.

Exam

First attempt

I attempted the exam for the first time on 06th of April. I finished everything in about 21 hours.

I failed that attempt with a score of 65% (the passing score being 70%).

Even though I was confident that most of my answers were correct, I made a severe error in my approach.

Before attempting the exam I had read in a couple different reviews that one should treat the exam like an actual pentest and not a CTF. Even INE makes you aware of this fact in their "Letter of Engagement".

image

However, with CTFs being my main source of learning (see my Writeups), I did not understand what it meant at that time.

So let me save you the trouble and tell you myself:

You are supposed to perform all the steps you would perform in a real pentest. The reason being, that INE checks the logs created on the attacker machine to give you points. So even if you do not see a question pertaining to a certain phase in the "Pentesting methodology", you still must perform it.

Second attempt

Keeping the above statement in mind, I refined my notes into more of a cheatsheet and attempted the exam a second time on 09th April.

This attempt I passed with 88% (31 questions out of 35).

I went through all the steps required on all the target machines. (I still missed a few things, hence only 88%). I finished the attempt in about 16 hours, even going over most of our steps once.

Parting thoughts

Overall I would say that the exam was a very fun experience, being my first practical certification exam.

As for my future plans, I will be learning more using whatever free resources I can find.