How I Passed INE’s eJPT v2 : Exam Review
Recently I passed my eJPT v2 exam from INE Security. In this article I’m going to share my experience throughout the exam.
Before that I would like to make you clear about what exactly eJPTv2 certification exam is all about ?
INE Security’s eJPT is for entry-level Penetration testers that validates that the individual has the knowledge, skills, and abilities required to fulfill a role as a Junior Penetration Tester.
Okay that’s enough for the intro, Now let me tell you how it all started, I bought the certification bundle which comes with exam voucher + 3 months of Fundamental Subscription, which is priced at $249. Since I was waiting from a long time for a discount, I was able to buy it at $149 from their monthly discount.
Tip: If you are thinking to buy the exam, Keep an eye on their (X)Twitter account, They come up with various discount every month, and special discounts on Black Friday(November).
Alright, moving further about the training, the course duration is 149 hrs, divided into 4 sections :
Assessment Methodologies
Auditing Fundamentals
Host & Network Penetration Testing
Web Application Penetration Testing
The course content is well organized and fully packed with 229 Videos, 153 quizzes, 121 Labs. In my opinion, I dedicated 6h/day to study, So it was possible to finish all the videos and labs on time before my subscription ends.
Tip: I watched training videos on one tab and also practised the labs on the other tab, trust me it saves lot of your time.
Yeah! One more thing, do not waste your time taking notes with a paper & pen instead use tools like Cherrytree, Keepnote or Notepad also works! It becomes much handy while in exam where you can copy and paste commands.
I also solved few CTF challenges on tryhackme, Below there is list of free tryhackme rooms especially made for eJPT exam.
I also read few blogs on exam reviews of people who already attempted and shared their reviews. By this time, I was confident to attempt the exam.
Note: Read all the exam and lab guidelines before starting the exam.
On a sunday morning I started the exam.
The exam consist of 35 questions, I went through all the questions at a glance and made a mind map of the target.
The different kind of questions you can exam expect at the exam are : Multiple-choice questions,Flag-submission questions,Scenario-based questions.
The exam scenario was like this, On my first step, I had to find my target IP addresses running on your subnet, enumerate all the services running on each target, find vulnerable services. Secondly, exploit each target and get meterpreter session on all the target. Then you need to do Privilege Escalation and Lastly I had to pivot through the systems to find out the Internal Network.
Tools which will be useful in the exam :
Nmap — To scan the target systems and services
Metasploit — Your all in one tool for exploitation.
Hydra — For bruteforcing login forms, SMB
SQLmap — To find databases
Xfreerdp — Connecting to RDP
John — crack password hashes
GTFObins — find binary exploits
If you get struck at somewhere Google is your best friend to search for suitable exploits and also it helped me get few answers also.
I used to keep a notes of all the finding duration the enumeration which was helpful at later stages of the penetration test.
Tip: Once you gain access to the target system, check all the files and folders for flags.txt file, Save users and password you gather in a note.
Finally, I found Pivoting was little bit complex and diffult to complete, where you have to add a route to pivot then further enumerate which I couldn’t do in the exam.
Overall the exam was a fantastic experience. I had to thank many people who cleared my doubts during my exam. and finally I was able to pass the exam.
Conclusion.
I believe if you make use of your time effieciently and put all your efforts and with hard work, you will be able to pass the eJPT v2 exam and become a Certified Penetration Tester.
Thank you for reading, Feel free to reach out to me anytime for any kind of doubts related to exam. click on the link below.
