So this year I have been trying to get into the pentesting/offensive side of security and trying to get my certifications going. Already having EC-Council C|ND (Certified Network Defender) and C|EH (Certified Ethical Hacker), I wanted to get some more "practical" certifications as the other two are more theory than anything else.

My next certification goal is the OSCP (Offensive Security Certified Professional) but with the price tag of it at the moment I just cannot do it right now so i am now just focusing on the smaller certifications, like eLearnSecurity's eJPT and then finish the C|EH Mastery which requires the C|EH Practical. I have also been considering CompTIA Security+ and CompTIA PenTest+.

So for the past month I have been contemplating doing eJPT first and have literally been procrastinating on purchasing it and waiting for the dollar to rand echange rate to come down as it's been pretty crazy the past few months.

So on 16 Decemeber I purchased the eJPT exam. the courseware (called PTS, penetration testing student) is free through INE with the starter pass and I had a quick run through of it and seems very easy as I have already been dabbling in this sort of stuff for a while. I waited 2 days for any details on the exam but I didn't receive anything. I emailed support who quickly sent through the details for the exam. The exam voucher is valid for 6 months but there was no ways I could wait that long. I decided I was gonna wait 2 weeks before I do it. You have 3 days to complete the exam, answering 20 questions and you have to get 15 answers correct to pass.

Sunday morning, 20 December, I decided, why wait two weeks when I can do it today. It should be easy enough! I spoke to a few people before who said that they did it in 3 - 10 hours which would be more than enough time.

1:45pm I hit start and received my letter of engagement and VPN files to connect to the network. The letter of engagement is basically the letter which states the scope and what is required for the assessment, just like any other engagement from doing a real pentest.

Without going into detail about the exam of course, it was a very enjoyable pentest. For me it was pretty straight forward, but so straight forward that I literally wondered why is this so easy which made me miss some vital information in the beginning which I wasted an hour or two on. What should have been a 2 hour pentest for me, turned into 6 hours. It was annoying because I was overthinking, but it was a great feeling being in that situation. I had to take a break at one point because I was pretty overwhelmed by the amount of windows, shells, tabs and everything I had open. I went for a 35 minute run, had something to eat and then carried on with the last 2 questions that remained unanswered.

At hour 3 I already knew I had the 15 points required, but really wanted 20, so I spent quite a bit overthinking the simplest of things. Once I decided enough was enough I clicked submit and was welcomed with

I got 18/20 and I am not even sure which 2 questions I had wrong, they don't tell you! I really want to know!

This is definitley a good exam to start as a stepping stone into the offensive side. eLearnSecurity has some awesome paths to the various branches and I hope to someday continue those paths but right now, the price tag on the yearly subscription is too much for my pocket sadly, even with the 30% discount they offer on a regular basis.

Lessons learned:

• DON'T OVERTHINK! I did so many times and I spent too much time overthinking the smallest of things.
• TAKE NOTES! Jot down WHERE you get your information from. I lost out on a point because I had information about something but could not remember where I got it from so I just thought I made a typo.
• TEST EVERYTHING! Just because you think something is too easy and you think, surely they won't do that, TEST IT!
• TAKE A BREAK! At one point I was overwhelmed. Too many windows, terminals, tabs, etc. I walked away from my PC and went for a 35 minute run. Came back refreshed.

Just some tools that I used:

• fping
• nmap
• gobuster
• hydra
• smbclient
• enum4linux
• nessus
• zap
• msfconsole
• sqlmap
• john