
My eJPTv2.0 exam review

certification eJPTv2.0 Penetration Testing

Introduction


The eLearnSecurity Junior Penetration Tester version 2 (eJPTv2.0) certification is geared towards the entry-level penetration testing job role (junior penetration testers). It is real-world oriented. The essence of the courseware and exam is that they are meant for beginners who have demonstrated their ability to use automated tools, do manual exploitation and improvise as needed at various stages of a penetration test.



eJPTv2 Beta Invite


INE pushed eJPTv2’s beta testing invites to several of its customers on their mailing list, and luckily I received the email too. Eventually they put the invite on a public website, so it wasn’t exclusive to a handful of people; anybody could apply, and I shared it with a bunch of my friends too. As of now the beta testing period is over; however, one can expect to see the official launch of eJPTv2 very soon. So, I applied for the beta testing and I was selected. At that time I had my premium subscription active (could access the full library in INE), but those beta testers who didn’t have it were given access to the Penetration Testing Student v2 (PTS v2) learning path throughout the period of the beta test. It is the official courseware associated with the eJPTv2 exam.

I won’t go into details of the steps that happened throughout the beta test. I hope more revised and updated exams show up in the future and that people can apply for their beta test.


Exam Environment Experience


The exam comprises 35 Multiple Choice Questions (MCQs) based on the hands-on work you do in their environment; it doesn’t test anything theoretical in nature, unlike other exams which incorporate MCQs. The exam’s time window is 48 hours; however, for reviewing each question being assessed individually, beta testers got 50 hours. Once the exam is launched officially, you can be sure it’s gonna be 48 hours only.

You get access to a browser-based exam environment (similar to the labs in the courseware). It’s a black-box pentesting assessment; no prior information on “assets in scope” is provided. The network is stable and fast, and it has no internet connection, so you have to rely on the tools shipped by default with the Kali Linux distribution.

At the very top of this blog post you saw the “Dynamic Exam” written on the logo of eJPTv2, what is it about?

Well, apart from MCQs, there are some questions which require you to submit the “flag” you captured throughout your pentesting engagement. These flags are attached to your own instance; since it’s an exam, you can’t expect it to have a “shared instance”. The moment you submit the flag associated with your instance, it will be evaluated immediately on the back-end, which will be marked later. If the exam registers no activity it will automatically go into sleep mode, or you might have to respawn the instance. Several beta testers, including me, were skeptical about the Dynamic Flags attached to a previous instance which was gone (however it’s submitted), but the support team from INE gave us clarification on this matter, so don’t worry if you spend your time on multiple instances. Please DO NOT save the flag to submit it later; just submit it immediately. It’s your instance, your flag, let it be evaluated. This is a smart move so that no cheating happens in the exam, although it is not proctored and doesn’t require you to submit a report by the end of the assessment.

So I took breaks in between, and I finished answering all 35 questions within first 12 hours of the exam. It was intense and I enjoyed it a lot.


Resources


Keeping it simple on your preparation strategy I would suggest using these 3 resources :

Penetration Testing Student v2: The official courseware is wholesome and thicc. It suffices for the most part, since it has videos with hands-on demonstration and theory, browser-based labs attached to them, and their respective quizzes. However, going through the material will take time depending upon your knowledge, experience and degree of perseverance.

I believe in training hard and smart. Hence to supplement your hands-on practice, you can do rooms on Try Hack Me and boxes from Hack The Box. You have to go above and beyond the regular browser based labs attached in the official courseware, they’re amazing to reinforce specific concepts you just learnt. But remember that in the actual exam and in the real world assessments, you will not be dealing with specific concepts being tested individually, but rather a combination of everything in some proportion which leads you to devising a complex attack chain.


How to prepare for the exam


Realize it’s a THICC course to go through. INE’s subscription model is relatively expensive. Unless you purchase a standalone exam voucher and are confident in your skills, I would highly recommend going through PTSv2’s content. It’s a goldmine of information, skills, experienced tips and tricks. I genuinely learnt a lot while watching the videos and doing hands-on. I made hand-written notes; you can use your preferred style of organizing notes. Since the course is thicc, my notes were thicc as well. And I had to parse through my notes while taking the exam.

  1. 4 Sections
  2. 12 Courses
  3. 229 Videos
  4. 154 Quizzes
  5. 120 labs

All of this adds up to an estimated 143 hours 42 mins to go through the whole courseware. PTSv2 is authored by Alexis Ahmed (our beloved HackerSploit) and Josh Mason. Both of them did a great job at designing and making the content.

You’re gonna spend nearly 75% of your time (107.06 hrs) with Alexis learning how to pwn the network, system and web apps, and the remaining 25% (36.36 hrs) with Josh teaching you Footprinting and scanning, enumeration, vuln assessment etc…

Since I was already familiar with most of the content, my strategy was to pick and choose the segments which I would love to explore more. I ended up doing the core part of the whole course, which is the set of 6 courses jammed into the Host and Network Penetration Testing section.

Here is my generic recommendation on how to prepare for the exam of this kind :

Use the resources listed in the above segment. Make a plan and execute it. Learn from PTSv2 and do hands-on practice on TryHackMe. You can filter by the “Difficulty = easy” and “Type = Challenges (CTF)” tags on TryHackMe and have fun pwning machines. Once you have gained confidence, you can move on to pwning Active boxes (20) on HackTheBox; however, their retired labs are only accessible via their subscription model, so you might consider investing there. TryHackMe is roughly 80% free; the remaining 20% falls under their subscription plan because hosting Windows machines is relatively expensive and also because of the effort that goes into making certain types of content.

You can also aid your preparation with all sorts of free resources available out there, YouTube channels, blogs, forums and so on…


Tips for the exam


Tips for the preparation phase :

  1. Don’t stress over the syllabus, nature and complexity of the exam. Enjoy having a good learning experience from the PTSv2 courseware and lab platforms like TryHackMe and HackTheBox.

  2. Set realistic goals for yourself and have a clear vision about the resources you will be using throughout your prep phase, areas you need to focus more on and most importantly achieve those goals.

  3. Be focused, streamline your prep strategy and achieve an accelerated pace of learning through hands-on labs.

  4. Remember (if you feel like quitting, read this, every single day): Today is NOT the day you wanna quit, do it tomorrow. If you’re a beginner it’s gonna be a lot you’ll go through in terms of training. So bear it, you’re gonna make it.

Tips for the exam itself :

  1. Use your notes when you’re stuck. And don’t go out looking for exotic pokemon exploits which will help you. No, actually most of the things you’ll end up doing in the exam are already well taught in the courseware.

  2. Keep track of your actions. It’s easy to lose track, so make sure to take screenshots and properly name or time-stamp them. Make sure you save your scan outputs. You can also make mind-maps and diagrams to visualize how far you have been in the network. Store your harvested credentials in a single place, labelled.

  3. It’s much better to make a new directory and keep all the essential files related to the exam environment in there: VPN, screenshots, credentials, any custom tool you wanna try out, scan outputs and so on.

  4. Take breaks; 48 hours is enough time to pass this exam. So take a healthy amount of breaks and get back to the phase where you left off, but with a clear mindset.

  5. Please review your answers in MCQs before hitting the submit button. The answer is pretty much right in front of your eyes, so you can deploy methods of elimination of other options, or reject via obviousness, all those strategies to arrive at the answer, but it should be straightforward, because it’s a pentest engagement.


Critical Analysis of the exam


I believe the eJPTv2 exam is beautifully designed with very careful thought. It strikes a balance between pushing the taught skills to their limit and keeping the exam as realistic and modern as possible, while also keeping in mind that it’s meant for entry-level job roles. It dictates the nature of the tools we will work with, the expected difficulty of emulating a real-world assessment, and obviously the “attacks and assets in scope”. All of which will be evaluated in the exam; it touches every objective mentioned in its courseware’s syllabus. It’s real-world oriented, and at no moment did I feel like it’s a CTF.

Initial nmap scan

I would rate it 5/5 on all the aspects of their well defined objectives. It goes heavy on the triad of Network, System and Web app pentesting which incorporates reconnaissance, exploitation, credential access, privilege escalation and post exploitation steps like lateral movement and pivoting. The above diagram depicts the same.

However, one more thing I would like to mention is: if one has mastery over the Metasploit framework and has good command over most of the commonly used standard tools (used in pentesting engagements), they’re gonna breach through the network with ease and fun. But one can also attempt to do the same thing without using any C2 framework at all, or using any other C2 of their choice. If you use Metasploit throughout the exam, it’ll feel Metasploit-heavy, and genuinely the majority of the courseware presses upon Metasploit to begin with. I did exploitation manually for some parts, and tried the same via Metasploit and vice versa, because sometimes it depends on circumstances: your tool might break, you might have to tweak exploits to make them work, you might end up troubleshooting, so be prepared for that as usual.

I rate it challenging for beginners. If eJPTv2 is your first certification, make sure you train really hard. I know you’re gonna make it eventually, but it’s gonna be a lot to go through; the exam’s network is awesome and fairly big.


eJPTv2.0 vs eJPTv1.0 vs Other Certifications


Initially I had planned to make a separate post for reviewing eJPTv1, but v2 rolled out. Keeping it brief, this is the perfect spot to discuss the difference between these two. The courseware of eJPTv1 is good enough for its exam, meanwhile eJPTv2 is thicc and high on steroids (in terms of content and its evaluation). The eJPTv1 exam comprised 20 MCQs, no Dynamic Flags, and they gave a VPN connection pack. Questions and scenarios were unnecessarily tricky (in some parts); yes, pivoting was there, and as usual the standard attack scenario. I scored 18/20 on the eJPTv1 exam. eJPTv1 has been a desired cert for entry-level job roles in cybersecurity; however, go for eJPTv2, it’s much better in every regard and it’s the latest one.

I found more value in the courseware of eJPTv2 than v1, same goes for their respective exam. For any beginner I would highly recommend eJPTv2’s course + exam. It’s a great learning experience, I wish there was something like this while I was getting started in cybersecurity.

eJPTv2 vs other certifications: at the moment of writing this blog post, I find the remaining certs to be a combination of “professional” and “intermediate”. Again the same debate: each cert has its own specifics and its own clientele. I would place eJPTv2 as an entry-level cert (so far the best in terms of ROI), because it doesn’t comprise Active Directory pentesting, custom exploitation, Buffer Overflows, complex full-fledged web app pentesting and so on… It’s a perfect mix of the elements required for any person starting from scratch to become a Junior Penetration Tester.

I would rather not drive the discussion towards certs like CompTIA A+, Network+, Security+ or Pentest+. CompTIA (A+, N+ & S+) could be stacked up in the corner for specializations in certain areas; moreover, they don’t test your ability to actually do hands-on assessments (keeping aside their performance-based questions). These certs have great value in them as they strengthen your foundations. CompTIA Pentest+ 002 is geared towards professionals with proven intermediate-level skillsets in penetration testing.

In conclusion, if you wanna have a decent cert under your belt which proves your ability to fit into a penetration testing team as a junior, here it is: eJPTv2. Good luck and lemme know if this review was helpful.


I am looking forward to attempting CPTS by HTB. So stay tuned, I will review it all here. It’s a fun learning experience.

If you have any questions or need personal guidance then feel free to contact me here

Thanks for spending your time and giving it a read.
© 2024 Siddhartha Shree Kaushik