description |
---|
eLearnSecurity Junior Penetration Tester (eJPT) - a practical certification on penetration testing and information security essentials - training by the INE PTSv2 learning path |
- covers pre-requisite topics introducing information security, programming and pentesting
- prepares for the eJPT exam & certification
- provides the skills and practice to start a pentesting career as an entry-level position
~ 145 hours (~56h of videos
)
Activities: 4 sections , 12 courses , 229 videos, 154 quizzes, 120 labs
- Assessment Methodologies & Auditing ~ 27 hours (
11h
of videos) - Host & Network Penetration Testing ~ 108 hours (
42h
of videos) - Web Application Penetration Testing ~ 10 hours (
3h
of videos)
- Where to find the PTSv2 (Penetration Testing Student v2) course? - INE Learning Paths
- Where to find the eJPT certification exam? - eJPT
- As these notes started with my PTS v1 study, I've decided to keep my Penetration Testing Prerequisites notes here based on the (discontinued) PTSv1 course.
- 🔬 For the training part I will use the provided INE Labs Environment (with the
PTSv2 paid course
) and I will link the labs from the Attack-Defense platform by PentesterAcademy (subscription required
)
eJPT Exam
- Time limit: 2 days (48 hours lab on)
- Questions: 35
- Expiration date: yes (3 years)
- Objectives:
- Assessment Methodologies Domain (25% of exam):
- Evaluate information and criticality or impact of vulnerabilities
- Identify open ports and services on a target
- Exam Score to pass: at least
90%
- Host and Network Auditing Domain (25% of exam):
- Gather hash/password information from target
- Enumerate network information from files on target
- Exam Score to pass: at least
80%
- Host and Network Pen Testing Domain (35% of exam):
- Conduct brute-force password attacks
- Conduct exploitation with Metasploit
- Exam Score to pass: at least
70%
- Web Application Pen Testing Domain (15% of exam):
- Exploit web app vulnerabilities
- Locate hidden files and directories
- Exam Score to pass: at least
60%
- Assessment Methodologies Domain (25% of exam):
- Overall Exam score: at least
70%
+ above minimum score requirements in each domain section - From a technical perspective the exam is set out to simulate a black box penetration test
- minimal amount of information about the target network
- in browser labs (no vpn)
- a complete unrestricted access to the lab environment for the entire duration of the exam
- letter of engagement
- Flexible structure for the user
- Hands-on, open book
- Dynamic flags: randomly generated flags injected into the lab environment
- Testing your ability to find the answer. How you do it is up to you.
📖 Read the Letter Of Engagement
📖 Read the Lab Guidelines