The ultimate guide to pass the most beginner-friendly infosec certification
Hi guys!
Finally, from today I am an eJPT holder.
I want to share with you my entire journey from my preparation to the
exam.
I would like this guide to finally be the real definitive guide for this
certification, since I have seen several guides online, but I found them
very ambiguous on certain things.
Let’s get started!
Preparation
I will be honest, the exam preparation took me only 1 week because
although it’s my first certification it’s years that I practice CTF so some
things I found really fast to do.
For those without experience, the preparation should not take more than 1
month.
I leave here the link for the study material.
INE — Penetration Testing Student
Elearnsecurity has a plan that costs about $500 for course material, but in
the specific case of the eJPT it will be completely free except for the labs.
However, you can attempt the exam without studying at a cost of $200.
Although, I highly recommend taking a look at the material because it’s
done really well, in fact I didn’t find any gaps during the exam.
Remember, everything you need is in there.
Important: Do very well the section on networking, in particular the
routing because in the exam it will be fundamental,
make sure that you have mastered the concepts before starting the
exam because if not you will be stuck very soon.
Also master tools like nmap, dirsearch, sqlmap,enum4linux, wireshark,
john and hydra.
Exam Structure
You will have 3 days to answer 20 questions on a real pentesting
environment.
Once you have started the exam, you will receive a letter that will tell you
what you have to do, read it very carefully.
Tip: Do not be in a hurry, 3 days are more than enough, in my case
considering the breaks, it took me only 6 hours.
The exam
Give me six hours to chop down a tree and I will spend the first four
sharpening the ax.
Although Lincoln never had the pleasure of using a computer, he gave us
this magnificent quote.
You will learn that enumeration is the most important thing in the
pentesting cycle, a successful enumeration will lead you to success
without problems.
Don’t be in a hurry to get that shell, enumerate, enumerate…
The beginning of the exam may seem very difficult because you do not
know where to go, but don’t worry, once you understand where to start, it
will be a piece of cake.
So don’t fret and don’t rush, time is on your side in this exam.
Run a full nmap scan to make sure you don’t miss anything.
ARP…
And as a last thing, remember to do the most obvious things you can do,
don’t do weird things, or you’ll risk going down the wrong path.
Final thoughts
The eJPT is a great exam to start your career in the infosec, and I highly
recommend it as a first certification, considering the knowledge gained
and the purchase price.
I repeat for the last time keep calm and do well the things I have described
above and your exam will be a guaranteed success.
I hope this guide will be useful to you in case you will attempt the exam !
Best of luck! 💪
