eJPT - First entry into the world of PenTesting

supasecuritybrosupasecuritybro Member Posts: 206 ■■■■□□□□□□
Hey everyone.

I am a security professional for about 10 years and have been introduced into the world of pen-testing. I decided to go with eLearnSecurity PTSv3 course. I feel for the money it has been a great choice. I am also using other resources since if you want to get into this field you need to get your arsenal of resources growing. Its a growing knowledge base that never ends. I will continue to post about my experience as it goes in case anyone else is interested.
Completed: CISSP, GPEN, GWAPT, CCSA R80, eJPT, CySA+, M.S. Information Security
Current Goal: CCSE
Continuous Education Plan:​ AWS-SAA, OSCP, CISM
Book/CBT/Study Material:​ Max Power

Comments

  • Mike-MikeMike-Mike Member Posts: 1,860
    this is on my 2016 roadmap
    Currently Working On

    CWTS, then WireShark
  • JasminLandryJasminLandry Member Posts: 601 ■■■□□□□□□□
    Good luck on this one guys! Hopefully you'll have as much fun as I did studying and taking this exam. I'm thinking of doing the eCPPT as well before going for the OSCP.
  • jamesleecolemanjamesleecoleman Member Posts: 1,899 ■■■■■□□□□□
    I'm slowly working on it now but I think that I'll get more into it. I have to focus on a few areas though. It's a good course to go through. You'll learn a lot. I also suggest getting "The basics of Web Hacking" as well. Also, scripting in Bash is a big help at times.
    Booya!!
    WIP : | CISSP [2018] | CISA [2018] | CAPM [2018] | eCPPT [2018] | CRISC [2019] | TORFL (TRKI) B1 | Learning: | Russian | Farsi |
    *****You can fail a test a bunch of times but what matters is that if you fail to give up or not*****
  • supasecuritybrosupasecuritybro Member Posts: 206 ■■■■□□□□□□
    I'm slowly working on it now but I think that I'll get more into it. I have to focus on a few areas though. It's a good course to go through. You'll learn a lot. I also suggest getting "The basics of Web Hacking" as well. Also, scripting in Bash is a big help at times.

    Thank you for the info. I am currently reading Counter Hack Reloaded. Once I am done with that one I will move into the web hacking. Its a pretty cool course since it starts at the basic level, but I see it building pretty fast.
    Completed: CISSP, GPEN, GWAPT, CCSA R80, eJPT, CySA+, M.S. Information Security
    Current Goal: CCSE
    Continuous Education Plan:​ AWS-SAA, OSCP, CISM
    Book/CBT/Study Material:​ Max Power
  • supasecuritybrosupasecuritybro Member Posts: 206 ■■■■□□□□□□
    Just finished the first set of modules. Intro, networking, web apps, and pentesting. All just covering the basics terminology and (for me) relearning some networking fundamentals. Its really a great course. I am certain you need a basic foundation to start this course, but to get through it like a person able to pentest as a consultant you will need some more background. There is a lot of great resources as part of the training. I am excited to hit the next module... programming with C++ and Python.

    Stay tuned for the next part.
    Completed: CISSP, GPEN, GWAPT, CCSA R80, eJPT, CySA+, M.S. Information Security
    Current Goal: CCSE
    Continuous Education Plan:​ AWS-SAA, OSCP, CISM
    Book/CBT/Study Material:​ Max Power
  • TacoRocketTacoRocket Member Posts: 497 ■■■■□□□□□□
    What plan did you get? Thinking of doing this but didn't know if stuff like the elite was worth it.
    These articles and posts are my own opinion and do not reflect the view of my employer.

    Website gave me error for signature, check out what I've done here: https://pwningroot.com/
  • supasecuritybrosupasecuritybro Member Posts: 206 ■■■■□□□□□□
    I got the PTSv3 full version. I wasn't sure if I would really get it so I didn't want to get too invested financially. I am really enjoying it.
    Completed: CISSP, GPEN, GWAPT, CCSA R80, eJPT, CySA+, M.S. Information Security
    Current Goal: CCSE
    Continuous Education Plan:​ AWS-SAA, OSCP, CISM
    Book/CBT/Study Material:​ Max Power
  • jamesleecolemanjamesleecoleman Member Posts: 1,899 ■■■■■□□□□□
    I brought books for the C programming and Python part. Got a little lost with Python but the book I brought helped a little.
    Booya!!
    WIP : | CISSP [2018] | CISA [2018] | CAPM [2018] | eCPPT [2018] | CRISC [2019] | TORFL (TRKI) B1 | Learning: | Russian | Farsi |
    *****You can fail a test a bunch of times but what matters is that if you fail to give up or not*****
  • supasecuritybrosupasecuritybro Member Posts: 206 ■■■■□□□□□□
    I brought books for the C programming and Python part. Got a little lost with Python but the book I brought helped a little.

    I noticed that I do need some extra time and resources for the programming section. I am working on a course for pyhton for supplemental work.
    Completed: CISSP, GPEN, GWAPT, CCSA R80, eJPT, CySA+, M.S. Information Security
    Current Goal: CCSE
    Continuous Education Plan:​ AWS-SAA, OSCP, CISM
    Book/CBT/Study Material:​ Max Power
  • veritas_libertasveritas_libertas Member Posts: 5,746 ■■■■■■■■■■
    Good luck with the course and the exam. I had a blast with it. Don't be afraid of moving slowly so that you grasp everything. I'm currently preparing for the eCPPT exam.
  • supasecuritybrosupasecuritybro Member Posts: 206 ■■■■□□□□□□
    Good luck with the course and the exam. I had a blast with it. Don't be afraid of moving slowly so that you grasp everything. I'm currently preparing for the eCPPT exam.

    Did you get the GPEN prior to the eJPT? Was it harder?
    Completed: CISSP, GPEN, GWAPT, CCSA R80, eJPT, CySA+, M.S. Information Security
    Current Goal: CCSE
    Continuous Education Plan:​ AWS-SAA, OSCP, CISM
    Book/CBT/Study Material:​ Max Power
  • veritas_libertasveritas_libertas Member Posts: 5,746 ■■■■■■■■■■
    It's kind of hard to compare. I learned a ton from the GPEN course. However, I didn't participate in person (I took the course OnDemand) so I think I lost out on a lot of the practical hand's on you get with the eLearnSecurity course. I would say they were complimentary. The knowledge is advanced compared to the eJPT. I'm now using a great deal of the knowledge/material from the 560 course to supplement and increase my options for exploitation, pillaging and escalation of privileges.
  • xXxKrisxXxxXxKrisxXx Member Posts: 80 ■■■■□□□□□□
    JasminLandry - I would recommend doing either eCPPT or the OSCP. Both cover same arena (Network Penetration Testing). If I had to pick a rank the courses I took on Network Penetration Testing course it would be OSCP > GPEN > eCPPT. Offensive Security's courses are always going to be top notch (I am a bit bias here). Just make sure you have enough time set aside to go through the material.

    supasecuritybro - No one should compare eJPT to GPEN. The SEC560 material is very solid. Even if the examination is open book for the GPEN, it's not easy.
  • supasecuritybrosupasecuritybro Member Posts: 206 ■■■■□□□□□□
    xXxKrisxXx wrote: »
    JasminLandry - I would recommend doing either eCPPT or the OSCP. Both cover same arena (Network Penetration Testing). If I had to pick a rank the courses I took on Network Penetration Testing course it would be OSCP > GPEN > eCPPT. Offensive Security's courses are always going to be top notch (I am a bit bias here). Just make sure you have enough time set aside to go through the material.

    supasecuritybro - No one should compare eJPT to GPEN. The SEC560 material is very solid. Even if the examination is open book for the GPEN, it's not easy.

    Not really looking to compare, more of a since I doing this would it be redundant to go GPEN or what. I am looking at the opportunity to sit for the GPEN next year out of my own pocket but I'd like to make sure I'm moving in a good direction.
    Completed: CISSP, GPEN, GWAPT, CCSA R80, eJPT, CySA+, M.S. Information Security
    Current Goal: CCSE
    Continuous Education Plan:​ AWS-SAA, OSCP, CISM
    Book/CBT/Study Material:​ Max Power
  • xXxKrisxXxxXxKrisxXx Member Posts: 80 ■■■■□□□□□□
    I would pick one of the 3 and move on to a more advanced course (such as SEC660, Cracking the Perimeter, etc). CTP content is pretty old. I wouldn't say it's worth the money anymore. I'm sure the course content is still relevant and any OSCE's here will encourage you sign up. If you're going out of pocket for a SANS course, I recommend waiting until they have a 20-25% off coupon running or try signing up with their work study program and facilitate some classes. The win is facilitating a vLive course online, you get the course content, exam, and on-demand bundle (bringing a course total to around $6k - 7k) for $900. If you get picked to facilitate a course (in-person) you'll take that $900 fee and tack on travel to the destination, factor in staying at an expensive hotel where their events are for about a week long. It would all add up! Great opportunity though!
  • supasecuritybrosupasecuritybro Member Posts: 206 ■■■■□□□□□□
    Completed the course. I cannot recommend this course any higher. The fact you get to get in and do something as you learn is great. The material and videos were spot on. I loved it very much and it wasn't breaking the bank, which is important when you are attempting something you are new at. If anyone has questions feel free to hit me up. And to answer the first question on anyones mind... this course is better than the CEH... by a lot!
    Completed: CISSP, GPEN, GWAPT, CCSA R80, eJPT, CySA+, M.S. Information Security
    Current Goal: CCSE
    Continuous Education Plan:​ AWS-SAA, OSCP, CISM
    Book/CBT/Study Material:​ Max Power
  • jamesleecolemanjamesleecoleman Member Posts: 1,899 ■■■■■□□□□□
    Yeaaa I had a few problems with the lab. Using the XFINITY wifi login for stuff didn't help so I had to hard wire into the laptop to do things. I'm sure I would fail the test.
    Booya!!
    WIP : | CISSP [2018] | CISA [2018] | CAPM [2018] | eCPPT [2018] | CRISC [2019] | TORFL (TRKI) B1 | Learning: | Russian | Farsi |
    *****You can fail a test a bunch of times but what matters is that if you fail to give up or not*****
  • lugerluger Member Posts: 52 ■□□□□□□□□□
    Completed the course. I cannot recommend this course any higher. The fact you get to get in and do something as you learn is great. The material and videos were spot on. I loved it very much and it wasn't breaking the bank, which is important when you are attempting something you are new at. If anyone has questions feel free to hit me up. And to answer the first question on anyones mind... this course is better than the CEH... by a lot!

    Hi, i'm very interested in taking this course as i would like to get into the world of pentesting and doing lots of self study mainly Linux, Python, Nmap and Wireshark before going on to OSCP. Just wanted to ask a few questions regarding this course.

    Is there much Linux covered in the course as I cant see anything listed in the course syllabus. How is the Python part? Having a hard time getting on with Python at the moment even though i have very good study material at hand.....was never really too much into coding so really having a rough time in the area mostly.

    Any comments highly appreciated :) Thanks
  • supasecuritybrosupasecuritybro Member Posts: 206 ■■■■□□□□□□
    luger wrote: »
    Hi, i'm very interested in taking this course as i would like to get into the world of pentesting and doing lots of self study mainly Linux, Python, Nmap and Wireshark before going on to OSCP. Just wanted to ask a few questions regarding this course.

    Is there much Linux covered in the course as I cant see anything listed in the course syllabus. How is the Python part? Having a hard time getting on with Python at the moment even though i have very good study material at hand.....was never really too much into coding so really having a rough time in the area mostly.

    Any comments highly appreciated :) Thanks

    The PTS course does not go too far into any subject. It starts off very basic but builds one topic over the other. Some complain that it's spoon feeding but I see the value to someone (I.e me) who is interested, has foundation but is lacking direction. The programming was more for information as it never tied the two together. It gave me the base for learning Python on my own and explained how it works, which I wasn't clear on before this course. Not much Linux, so I'd recommend for anyone not strong in Linux to learn some basics.

    All things considered, I'm glad I did this course. I'm debating continuing with them for the PTP or just self study the things I'm weak at and move to the OSCP later this year.
    Completed: CISSP, GPEN, GWAPT, CCSA R80, eJPT, CySA+, M.S. Information Security
    Current Goal: CCSE
    Continuous Education Plan:​ AWS-SAA, OSCP, CISM
    Book/CBT/Study Material:​ Max Power
  • lugerluger Member Posts: 52 ■□□□□□□□□□
    The PTS course does not go too far into any subject. It starts off very basic but builds one topic over the other. Some complain that it's spoon feeding but I see the value to someone (I.e me) who is interested, has foundation but is lacking direction. The programming was more for information as it never tied the two together. It gave me the base for learning Python on my own and explained how it works, which I wasn't clear on before this course. Not much Linux, so I'd recommend for anyone not strong in Linux to learn some basics.

    All things considered, I'm glad I did this course. I'm debating continuing with them for the PTP or just self study the things I'm weak at and move to the OSCP later this year.

    Thanks for the feedback....much appreciated. Seems like this course is what i need to seriously get me kick started in pen testing :)
  • Sheiko37Sheiko37 Member Posts: 214 ■■■□□□□□□□
    How long did the course take to complete and how many hours do you estimate you put into it?
  • supasecuritybrosupasecuritybro Member Posts: 206 ■■■■□□□□□□
    Sheiko37 wrote: »
    How long did the course take to complete and how many hours do you estimate you put into it?

    It took me three months, about an hour a night with weekends off. I did spend some time researching outside the regular study which if this is a must if you want to become a pentester.
    Completed: CISSP, GPEN, GWAPT, CCSA R80, eJPT, CySA+, M.S. Information Security
    Current Goal: CCSE
    Continuous Education Plan:​ AWS-SAA, OSCP, CISM
    Book/CBT/Study Material:​ Max Power
Sign In or Register to comment.