My journey to take and pass the eJPT began with ZERO experience in ethical hacking and just a basic background in IT, networking, and security. Prior to taking the exam, I worked my way through the Professor Messer CompTIA A+, Network+, and Security+ courses. I took the A+ but just did the coursework for the Net+ and Sec+ to save some money and not go overboard on certs..

Materials:

To prepare for the eJPT I worked my way through the MASSIVE amount of coursework by INE (156h 17m) and also completed all of the hack the box Starting Point labs and also completed their Linux Basics course.

To complete all of this took me 3 months of studying about 3-4 hours per day while working a full time job (it is possible..).

After taking and passing the exam, I will absolutely say that taking INE’s course is enough to pass the exam and if you’ve gone through and completed all of the labs associated with their training videos you’ll absolutely be prepared.

I will say, oftentimes it feels easy to just skip through the labs and crush the videos, but I highly recommend going through and just completing all of the labs anyways, even the easy ones. I found that even though a video was pretty straightforward, I’d end up getting stuck in a lab because of maybe a syntax error, or me making a mistake with setting up a listener, etc. So I really can’t say enough, just do all of the labs.

Speaking of the INE course, I will say I had to skip most of the Josh Mason material. Nothing against Josh personally, he seems great, I just felt like there was a disconnect with his presentation of material. Alexis was awesome throughout the course. Definitely pay attention to the enumeration bits from Josh, though! The last section about web app hacking did not appear on the exam really so I actually skipped that and completed Nahamsec’s web app hacking course on Udemy which I liked.

I can’t recommend enough, take notes when you’re doing the INE course if you decide to do so. I had a word document on my laptop for the course which is currently at about 75 pages of notes which made it great for the exam. I could just control+f a service I found during an nmap scan and then be brought to the section that covered that from INE. I was very detailed in my notes and I feel it paid off huge. It’s a lot of material so being able to just dive back in was game changing.

With hackthebox, I’d recommend completing the boxes: Devel and Analytical.

You don’t need to go too crazy with hack the box, though, for the exam. Like I said, the INE material was definitely more than enough. When I was preparing, I had about a week between my scheduled exam date and when I finished the course material, so I decided to practice what I had learned with htb and I was glad I did.

The Exam

The exam for me took about 8 hours which did include taking breaks, taking the dog out for a walk, sitting down for lunch, etc. I felt like I definitely could have moved faster through it, but I was determined to take my time and be thorough.

My biggest advice for the exam is to TAKE NOTES. To do this, I’d highly recommend opening up a word doc and for all of the active machines you find during your scan, make a header with that IP, put your nmap results underneath it, put any passwords, etc. you find underneath it too. This is how I set it up (granted I started doing this about halfway through..).

127.0.0.1 – Hostname

21 open tcp FTP

80 open tcp HTTPD

135 open tcp net-bios

139 open tcp net-bios

Root:password

Hashdump results:

Root::Asjdndsjgajfngag

User::aksdjgdsajgas

I highly recommend taking your time with enumeration when you start as well.. I tried just diving in based on each question, but I wish I had just taken some time at the start of the exam to get a real lay of the land and do broad enumeration, write it all down, gather host names, IPs, nmap scans, etc, before moving on to actually exploitation.

Overall, I felt the exam was challenging but I was confident that I had everything I needed to pass.

If I was to do it again (which I am for the eCPPT), I would absolutely recommend shelling out the extra money for the INE course. Stick with it and you won’t be disappointed. Not only does it help prepare you for the exam, but Alexis is genuinely a fantastic instructor and you learn A TON of material that has helped me solve several boxes on htb totally on my own. So it’s definitely worth checking out.

Best of luck on the exam!