I passed the eJPTv2 exam. I’m pleased to describe you this awesome journey !

I like this and writing this article is the only way for me to explain to you in detail all my thoughts about the eJPTv2 exam and the PTSv2 course.

The exam is a real-life practical exam lasting 48 hours. The way it's designed is exciting.

What have I learned?

This test shows I'm not good enough at Windows development and spinning, haha! But one thing I learned from hacking is that everything you learn in IT is important (e.g. programming, networking, system administration, etc.).

Let's go through the parts I found enjoyable about the exam:

• 48 hours was far more than I needed, but for others with busy jobs or who are new to penetration testing, it should be enough as long as you are prepared. You will have plenty of time to rest, relax, and get on with your normal life before returning to take the exam.
• The content offered a broad overview, touching upon various exploitation techniques at a fundamental level, with a strong focus on the process of enumeration. Enumeration plays a crucial role in penetration testing, and this was vividly showcased through the questions posed.
• In the context of the examination, INE offers the Penetration Testing Student v2 course. After watching the course and attempting a few lab exercises, it's evident that the course is comprehensive and meticulous, addressing every aspect (and more) required for a successful outcome. If you're new to penetration testing or have limited experience with Capture The Flags (CTFs), I strongly recommend completing all the lessons and lab exercises.

The exam

It took me about 10 hours out of 48 to clear the exam. So I had also enough time to eat, sleep do other stuff lol...

How am I prepared?

I prepared by watching the courses solving CTF challenges and doing TryHackMe in my spare time for the past 6 months. Below I’ll list some THM CTF and walkthrough challenges you can solve to provide a more interactive and fun way to learn. The majority of these boxes are free, I’ve noted the ones that aren’t however. This list will start from complete beginner -> ready to pass eJPT. If you feel you already know the basics, feel free to skip to what suits you best.

Basic Networking Fundamentals

• What is networking? (Free)
• Introductory Networking (Free)
• Intro to LAN (Free)
• Active Network Recon (Free)
• Passive Network Recon (Free)
• Nmap (Free)

General Security & Intro to Penetration Testing

• Principles of Security (Free)
• Pentesting Fundamentals (Free)
• The Hacker Methodology (Free)
• Introductory Research (Free)

Proficiency in Linux & Windows

• Linux Fundamentals 1/3 (Free)
• Linux Fundamentals 2/3 (Free)
• Linux Fundamentals 3/3 (Free)
• Linux Modules (Free)
• Linux Strength Training (Free)
• Windows Fundamentals 1/3 (Free)
• Windows Fundamentals 2/3 (Free)
• Windows Fundamentals 3/3 (Free)

Exploitation

• Vulnerabilities 101 (Free)
• Network Services 1/2 (Paid)
• Network Services 2/2 (Paid)
• Hydra (Free)
• Metasploit: Introduction (Free)
• Metasploit: Exploitation (Paid)
• Metasploit: Meterpreter (Paid)
• Blue (Free)
• Ice (Free)
• Blaster (Free)

Privilege Escalation

• Windows Privilege Escalation (Paid)
• Linux Privilege Escalation (Free)
• Practice Linux privesc (Free)
• Practice Windows privesc (Free)

Independent Challenges to hone skills and ensure success!

• Basic Pentesting (Free)
• RootMe (Free)
• Simple CTF (Free)
• Ignite (Free)
• Startup (Free)
• Blog (Free)
• Erit Securus I (Paid)

This list should suffice for this article, as it covers all the key concepts and provides ample practice opportunities. If you have the time and patience, I suggest going through the INE PTSv2 course. You can then use these THM exercises to further enhance your studies. If you manage to complete both sets of materials, I'm confident that you'll be well-prepared and likely to pass with flying colors on your first attempt.

I hope this article will help you in your eJPTv2 journey.

Eddie GBAGUIDI | Cybersecurity Engineer