Hello, I’m Talha Tariq, and I recently completed the EJPT certification on January 19, 2024. Before diving into the EJPT journey, I solidified my foundational knowledge by completing TryHackMe’s Jr Penetration Tester path — a highly recommended step to establish a strong understanding of the basics.

The eLearnSecurity Junior Penetration Tester (EJPT) certification equips individuals with the core skills and hands-on training needed to kickstart a career in penetration testing at an entry-level position andcovers pre-requisite topics introducing information security, programming and pentesting

In this blog post, I’ll share my personal experience and key suggestions on how I successfully passed the EJPT exam. Remember, it’s not just about conquering Capture The Flag (CTF) challenges; it’s about adopting a true penetration tester’s mindset.

While the EJPT PTS course (145+ hours of videos and 121 labs) can be completed in 2–2.5 months, it’s crucial not to rush through the material. Take the time to thoroughly understand each topic and practice your skills in the lab environment. Set a realistic study schedule that aligns with your commitments and stick to it. Consistency is key, but so is understanding the material deeply rather than just skimming through it.

Notekeeping is an absolute must throughout your EJPT journey. From the moment you start the course to the final exam, keep detailed notes of concepts, methodologies, tools, and any unique findings. These notes will serve as a valuable resource during the exam preparation phase and act as a quick reference guide when you face similar scenarios. Consider organizing your notes by topics.

Although it is a must to take notes by yourself, you can find some helpful notes online. Some well-organized and useful notes and cheatsheets I’d like to suggest :

• https://blog.syselement.com/ine/courses/ejpt/ (highly recommended)
• https://github.com/cocomelonc/ejpt
• https://github.com/n0y4n/eJPT/tree/main
• https://0xv3r4x.github.io/posts/ejpt-cheatsheet/

One of the first and most crucial pieces of advice I received was to approach the EJPT exam as a real-world penetration tester would. While CTF challenges are valuable, understanding the practical application of your skills in a simulated environment is equally important. This mindset shift allowed me to think beyond just solving challenges.

The EJPT labs are a goldmine for hands-on experience. Especially the Windows and Linux Blackbox penetration testing labs in the Penetration Testing Student course. Dive into each lab with a curious mindset, explore different attack vectors, and experiment with various tools. The more scenarios you encounter in the labs, the better prepared you’ll be for the exam. Take the opportunity to go beyond the provided exercises and try to apply your knowledge creatively.

As you gear up for the EJPT exam, enhancing your understanding through hands-on labs is crucial. Although the PTS course alone is sufficient for success, adding practical exercises further solidifies your knowledge.

Here are some recommended free labs to enhance your skills and ensure success:

• Ignite (Free)
• Startup (Free)
• RootMe (Free)
• Blog (Free)
• Erit Securus I (Free)

Engaging with these labs will not only deepen your understanding of key concepts but also provide a practical application of the skills required for the EJPT exam. By integrating these resources into your preparation strategy, you’ll be better equipped to tackle the challenges that come your way during the certification journey.

The cybersecurity community is vast and supportive. Engage with fellow EJPT aspirants on discord, reddit, etc. Share your experiences, ask questions, and learn from others who have successfully navigated the EJPT journey. The insights and tips from the community can be invaluable in refining your approach and addressing any challenges you may face.

• Ensure a well-rested start for optimal performance.
• Kick off the day with a wholesome breakfast, a refreshing shower, and a moment for your pet (if you have any).
• Energize yourself with a cup of coffee before diving into the exam.
• Read the Lab Guidelines and Letter of Engagement carefully before starting.
• Make the most of the generous 48-hour exam duration.
• Resetting the lab will delete all the data, so take note of every lead you get like interesting ports, users and their passwords, versions etc.
• Read the questions carefully as they can give you hints.
• Carefully submit the flags as they cannot be changed or edited once you submit.

Personal Exam Strategy:
- Initial 6 hours: Answered 8/35 questions.
- Break for lunch.
- Additional 6 hours: Tackled 5 more questions but hit a roadblock.
- After a dinner break and a restful sleep, resumed with a fresh perspective.
- Next day: Answered many questions, achieving 32/35 by 11pm.
- Successfully completed and submitted the exam, securing a passing grade.

The journey to passing the EJPT exam requires a combination of a pentester’s mindset, dedicated notekeeping, and hands-on practice. By embracing the practical aspects of penetration testing, setting a realistic study schedule, and actively engaging with the cybersecurity community, you can confidently navigate the challenges posed by the EJPT exam. Remember, it’s not just about passing the exam; it’s about acquiring the skills and mindset necessary to excel in the world of ethical hacking. Good luck on your EJPT journey!