(this hilarious logo was created via Bing Image Creator - Spelling is courtesy of Bing AI)
Welcome to my eLearnSecurity eJPTv2 Certification Notes repository. Here, you will find comprehensive notes and resources that I compiled during my preparation for the eJPTv2 certification. These notes cover key topics, tools, and techniques that are essential for success in the eJPT exam.
Feel free to explore the content and use it as a study guide for your own eJPTv2 journey. If you find any errors or have suggestions for improvement, please don't hesitate to contribute or reach out.
You can find more information on their site here
- Introduction
- Preparation
- Exam Format
- Topics Covered
- Tools and Resources
- Hints For A Successful Penetration Test
- Additional References
#introduction
The eLearnSecurity Junior Penetration Tester (eJPT) certification is designed for individuals looking to start their career in penetration testing. It focuses on practical, hands-on skills, making it an excellent choice for those new to the field.
#preparation
To be successful during the exam one should be comfortable with the following topics:
- Locate endpoints on a network
- Identify open ports and services on a target
- Identify operating system of a target
- Extract company information from public sources
- Gather email addresses from public sources
- Gather technical information from public sources
- Identify vulnerabilities in services
- Evaluate information and criticality or impact of vulnerabilities
- Compile information from files on target
- Enumerate network information from files on target
- Enumerate system information on target
- Gather user account information on target
- Transfer files to and from target
- Gather hash/password information from target
- Identify and modify exploits
- Conduct exploitation with metasploit
- Demonstrate pivoting by adding a route and by port forwarding
- Conduct brute-force password attacks and hash cracking
- Identify vulnerabilities in web applications
- Locate hidden file and directories
- Conduct brute-force login attack
- Conduct web application reconnaissance
#exam-format
Understanding the format of the eJPTv2 exam is crucial for success. The exam has a 48 hour time limit and to pass the exam, you must receive an overall exam score of at least 70%.
#topics-covered
Detailed notes on the key topics covered in the eJPTv2 certification are outlined here. From networking basics to web application security, each topic is broken down with relevant information and practical insights.
#tools-and-resources
INE suggests familiarity with the following tools. The actual exam doesn't have internet access so only tools that INE has pre-installed will be available unless copy and pasted over which is a bit burdensome with some applications.
- Nmap
- Dirb
- Nikto
- WPScan
- CrackMapExec
- The Metasploit Framework
- Searchsploit
- Hydra
#hints
Based on my experience, I've compiled a set of study tips that can aid you in your preparation. These tips cover time management, hands-on practice, and effective note-taking strategies.
- BadByte
- GoldenEye
If you'd like to contribute to this repository by adding notes, fixing errors, or suggesting improvements, please feel free to submit a pull request. Your contributions are highly appreciated!
This project is licensed under the MIT License.
Disclaimer - this excellent README was compiled by our good friend ChatGPT. Will fill out some of the sections at a later date. The notes are the important part.