I've never had so much fun taking an exam before. I have no pentesting experience outside of this exam so I was pretty nervous about taking it. It took me a little over 11 hours to finish. The main problem for me was trying the same thing over and over and expecting different results. There were situations where something I was doing should've worked, but it kept failing. I really had to think outside the box because there's usually multiple ways to exploit and achieve something. Although I did all of the training material (multiple times), there was one lab that I didn't fully understand, but I figured it wouldn't be a big deal... that was a mistake lol. Overall, I'm glad I passed and I can't wait to get a pentesting job so I can apply it. Being a Penetration Tester/ Ethical Hacker has been my dream job for as long as I can remember.
What I used during the exam (that most people probably didn't):
- draw.io - used it to create a networking diagram of all the hosts, routers, etc that I could find during the exam. This was a HUGE help for me.
- OneNote - I used OneNote to keep documentation on pretty much everything as I worked through the exam. Steps, things I tried, things to try, stuff I found, etc.
- VirtualBox - I did all of the training course and the exam using Virtualbox (specifically pfSense and ParrotOS).
- ParrotOS - To each his own, but I don't like Kali Linux. I've loved ParrotOS since the first time I used it and I used ParrotOS exclusively during throughout my entire eJPT journey.
Not sure. I'd love to study for eCPPT or OSCP, but both are pretty expensive and my job no longer pays for my certifications. I can't take CEH til next year (I only have 1 year of Security experience). I think for the month of April I'm just going to learn a little Python and then figure out where to do from there. I could do PenTest+, but my Security+ doesn't expire until October 2020 so I'm not in a rush to take PenTest+ yet. I think it's still new as well so I'd like to wait until there is more study material to choose from.
Certifications: A+, N+, S+, CCNA: CyberOps, eJPT, ITIL, etc.