eJPT Certification Review
By: Nick Werner
The eLearnSecurity certifications are rapidly growing in popularity so I decided to enroll in the eJPT (Junior Penetration Tester) certification because I had seen a ton of my friends achieve this and I wanted to see what all the hype was about. I also wanted to make some progress towards the OSCP (Offensive Security Certified Professional) which I promised myself I would achieve eventually.
For a quick background about me, I have a Masters Degree in Information Systems and IT Security. I currently work as an Application Security Engineer but at the time of taking this exam, I was working as a Cyber Security Analyst and I didn’t really have much Penetration Testing experience besides a little bit of work in TryHackMe and the occasional CTF (Capture the Flag). So my review is not from a complete noob’s perspective.
I decided that I would start going for the eJPT because I discovered that the PTS (Penetration Testing Student) course was completely free on INE’s website and the exam cost was only $200 which included a free retake. Honestly, there wasn’t much to lose. I also had a buddy who bet me that I couldn’t achieve this certification by the end of the month so of course I had to prove him wrong.
The PTS course material includes: networking basics, basics about how web applications work, BurpSuite, an introduction to programming with python and C++, bash scripting, and penetration testing basics (information gathering, footprinting and scanning, vulnerability assessments, web attacks, system attacks, and network attacks).
I started diving into the course material and I got through all of it within about 2 weeks. Although, I was a bit lazy because I skipped through a majority of the labs. Once I got through the course material, I moved on to the 3 Black Box Pentests and I quickly realized that I was not prepared enough to take the exam. I then decided to go through the Cyber Mentor’s Practical Ethical Hacking Course on Udemy since I had been putting that off for a while and I thought that might help fill in some knowledge gaps since I was very new to Penetration Testing.
My main focus was to go through all of the Hack The Box machines that was showcased in his course and understand exactly how he did each of them. After I went through all 10 of these beginner friendly machines on Hack The Box, I felt way more confident so I went back to the Black Box Pentests on the PTS course. These Black Boxes were still challenging but now I was able to go through all of them and understand how to grab all of the flags.
I decided to start the eJPT exam the day after I completed the Black Boxes because I felt like it would be fairly straightforward since I had 72 hours to complete it. The exam threw me off right away because it was through eLearnSecurity’s website and not through INE’s website which I had been training on for the last few weeks. Setting up the lab environment, connecting to the VPN, and going through all of the instructions took me a good hour or so to figure out (perhaps I was just being a noob).
I first started looking through the questions to see if there were any that were easy to answer which luckily there were some. Basic enumeration got me through a hand full of questions but then I was stuck. I started to regret not going through the labs more carefully because I did not understand how they wanted me to use Wireshark and some other tools. This forced me to go back to the course and look through these labs again. Figuring out the entire scope was also a challenge for me because it is not given to you so you have to investigate which I found aggravating but also kind of fun.
I eventually had answered 16/20 questions so I guessed on the last 4 and submitted after working on the exam for a little over 2 days. I passed with a score of 16/20 which was awesome! I had earned my first Penetration Testing certification on the first try and it had gone fairly smoothly.
Overall, I thought that the PTS course and exam was a fun certification. I definitely learned quite a bit from taking this exam because it was tough in ways that I didn’t expect which made it unique and interesting. I would recommend this certification to anyone looking to get started in Penetration Testing because it’s easy enough to be beginner friendly but tough enough to challenge you.
I hope you found this writeup helpful!