My eJPT Experience

Hello TE,

I recently passed the eJPT with a perfect score! Just wanted to write my personal opinion on it. I want to continue the tradition as I typically do this with all of my certs. Also, thank you TE for introducing me to this cert.

Payment/Package:

I paid $300 for the Full version of the PTS course. The PTS is the study material that will help you take the eJPT exam. This package includes study material in the form of outdated Flash slides, ~4 hours of video examples, 30 hours of lab time and an exam voucher to take the exam (they give you 2 attempts).

I felt the Full package is more then sufficient for anyone decent in IT. Decent being someone that can do desktop support type work. After completing the course I still have 25.5 hours left and that was with taking my time on the labs. I did however power off the labs once I had gotten the results, or did not need to use the network anymore such as for password cracking.

One nuisance was the payment system they use. I was required to email them a picture of my drivers license. This was a pain in the ass, and I blacked out some sensitive information to be safe. They accepted and then processed but it took 24-48 hours. I could not get access to the study material until after it was fully processed so wish I had planned ahead and paid for it few days before the weekend I was going to start my studies.

Course/Exam Review:

In terms of content, everything about the course was top notch! The slides were to the point with hardly any fluff. A rarity these days. Excellent and easy to follow videos that add extra concepts and then relevant labs where I actually LEARNED. I went through the course just once. I basically skimmed the slides pretty quickly since it is just a review for me from my other certs/experience. Then I would watch the video, and then the lab. Took detailed notes especially for certain commands/syntax.

My MAIN problem with the course/eLearnSecurity is that the Full version package gets the Flash version of the slides. This was REALLY annoying at times because of the following reasons:

1. Flash is not even supported by many main stream browsers anymore out of the box.
2. In fact, Adobe Flash is responsible for six of the top 10 bugs used by exploit kits in 2016. LINK. After all, eLearnSecurity is a security company... they should be aware of this!
3. There were a few times where the training slides would not even load! I would have to refresh several times or restart my browser. There were even 1-2 nights where I gave up studying because it was so persistent. Mind you I tried several different computers and OS's and I have 150/150 Fiber hardwired connection with i7/Xeon CPU's and min 16GB on each machine.
4. Some training material took an entire minute or two to load. Mind you once loaded, you can see the entire chapter/section but still annoying and time is money.
5. I did make a complaint about replacing Flash with HTML5 in the forums but staff never followed up with me afterwards.

In short, Flash is utter crap, please get rid of it. It is so bad that I think it hurts the companies reputation.

Moving on, I really did enjoy the exam. Everything you need to know is in the study material and mainly from the labs. My complaints with the exam is that 2 questions in particular did not have clear English wording and typos. In fact I had to message staff to understand one question because it could easily have 2 interpretations and thus 2 answers. I was really surprised by this because the English in the study material and labs were near perfect. Must have been a different translator that made the exam questions. Also, the staff in the forums were really friendly, prompt and helpful when I had some odd issues/questions.

Anyone that is really focused can complete the course and take the exam in about ~1.5-2 weeks. Just do 2-4 hours per day on work days and then 8-12 hours on weekends. Granted that is with skipping the programming section because that is not on the exam.

Overall, in terms of learning and enjoyment the eJPT was my favorite. CISSP was my second favorite in terms of enjoyment/learning. If you do all of the labs, you will keep applying what you learn from prior exercises and thus actually LEARN through repetition. They say, to really internalize something you must go over it 2-3 times. The course applied that concept perfectly because first you read the material via slides, then you watch a video about it and then you actually apply it in the lab.

The eJPT was what I WISH the CEH would have been. My thirst now has been fulfilled for the time being anyway!

I do enjoy penetration testing and it was great to get a small sample of how an attacker thinks/works especially for a blue team guy like me. However, I am still not sure if I want to be a full time penetration tester so if I ever were to do the eCPPT or OSCP, it would be more for fun. Also, I have been on many job interviews lately including 2 of the Big4's and honestly many have not even heard of the OSCP let alone the eJPT. At least it was a good conversational piece in the interview. It basically tells a story that you are passionate about security and trying to learn/grow which is essential for this particular industry. Do this strictly for learning and to help see if pen testing is for you. Great value overall for $300.

What's next? Honestly, I think I am going to take a break from certifications for a while. I want to start doing more real-world lab simulations with my VMware boxes. I want to configure business grade firewalls instead of my pfSense, setup Splunk and send logs to it from my various devices and also create dashboards, analyze traffic on my network etc. I also want to just read some of the top security books per dfir.

Edit: The course is not that difficult. I personally had to slow down and pay special attention to the Burpe/XSS/SQLi/Metasploit sections due to not having much experience with them so I really wanted to understand/learn them. I actually had a really bad flu during the last week when I took the exam. Even had fever during exam. It took me about 8 hours to complete and that is with taking bathroom/food breaks. I highly recommend going for a little walk around the house when you are stuck. You will be surprised how things just come in to place soon after. Also, had my Kali VM not gotten corrupt somehow and me having to re-install VMware Tools... I'm sure I could have completed the exam in 6.5-7 hours.

Find more posts tagged with

Comments

tedjames

Thanks for the highly detailed writeup! Glad you got so much out of this course. I'm in the middle of it myself. Just started the Footprinting and Scanning section.

I actually have the option of slides, HTML5, or PDF. Odd that you didn't get HTML5. I got the Elite version with 60 hours of lab for $400. Luckily, my boss paid for it.

I loved the Burp Suite video and lab. What has helped me so far has been to document every instruction from the video, complete with screen captures (Used to be a technical writer, so it's second nature). Now I have my own little instruction guides, and those have helped me through the labs. I've also found it's good to do the labs a few times to make them sink in.

I still have a ways to go before I'll be ready for the exam. I highly recommend this course for anyone who wants to get their feet wet with penetration testing. I set up a lab with Oracle VM Virtual Box and Kali Linux, and that's where I do my labs. I had been trying to do them through Windows, but it was such a pain. It's so much easier using Kali.

ZzBloopzZ

tedjames wrote: »

I actually have the option of slides, HTML5, or PDF. Odd that you didn't get HTML5. I got the Elite version with 60 hours of lab for $400.

The Full package is the Flash Slides ONLY. HTML5 and PDF is considered an "extra feature" for ELITE. I think this is stupid, and Full should have HTML5 with Flash fully removed. IMHO anyway.

Good luck with course, hope you enjoy it overall as much as I have.

tedjames

I agree that you should've gotten the HTML and PDF options. Seems kind of lame to charge so much extra just for that. Glad you did so well with the course!

yoba222

Nice writeup. I agree about the flash criticism. How did you feel about the Python/C++ content? To me, it didn't really feel like it belonged in the training.

tedjames

The Python/C++ content has no bearing on the exam. But eLearnSecurity explained that the extra knowledge will benefit you as a penetration tester. The testers I've worked with would often create their own tools using these and other languages.

ZzBloopzZ

tedjames wrote: »

The Python/C++ content has no bearing on the exam. But eLearnSecurity explained that the extra knowledge will benefit you as a penetration tester. The testers I've worked with would often create their own tools using these and other languages.

+1, I did not even end up going through the programming content in the course. I did C++ back in college and don't see when I would ever use it again. Python on other hand I plan to properly learn via dedicated books later this year.

ivandavids

Hi ZzBloopzZ

I hope you can help with my query.

I noticed the full package has the "eJPT Regular Certification Voucher" vs the Elite package "eJPT Infinity Certification Voucher - No Expiry". Does this mean that you have to sit the course and exam within a certain time period once registering for the full package?

thanks

ZzBloopzZ

ivandavids wrote: »

Hi ZzBloopzZ

I hope you can help with my query.

I noticed the full package has the "eJPT Regular Certification Voucher" vs the Elite package "eJPT Infinity Certification Voucher - No Expiry". Does this mean that you have to sit the course and exam within a certain time period once registering for the full package?

thanks

Yes, for the full package you have 180 days to complete the course and take the exam. More then enough time for majority of people IMO.

Also, if you move the mouse cursor over the "eJPT Regular Certification Voucher + Printable Certificate + 1 Free retake" on the pricing plan page it gives you specific details. I found this out by accident my self.

ivandavids

Thanks !!

Chilltech

Thanks For the write up.

Mike-Mike

now that i got the CISSP out of the way, i hope I can get into some of the elearnsecurity stuff

yoba222

Mike-Mike wrote: »

now that i got the CISSP out of the way, i hope I can get into some of the elearnsecurity stuff

I did eJPT right after CCNA as sort of a "reward" cert. It was like getting to eat dessert for the first time after being stuck on a flavorless diet.

carlettus

Hi,
next week I'll start my journey ..... I have just one question: is the eJPT exam like the eCPPT one? in few words do I need to root boxes or is a question based exam?
thank you
C

jamesleecoleman

eJPT is a question based exam where you use the tools to discover the answers. It's an awesome course with a fun exam.

carlettus

Thank you .... just started, reading the networking prerequisites and enjoy the clear of the exposure of concepts.
Bye

iAmLearningg

Thanks for sharing your experience with eJPT.

I just PASSED my eJPT with 100/100. I would like to share my experience with eJPT-

My background:
I used to work at a Security Firm as a Security Consultant and I have a background in Mobile Application Audits (Android, iOS, Windows). I never had a background in Penetration Testing until now. However, my experience as a Security Consultant helped me a lot in knowing some of the tools before hand and I was pretty well versed with them. So for instance, I knew how to Intercept traffic with Proxies, Metasploit, etc.

Current Situation:
Currently I am working Full Time with a small Lab as a Security Engineer (again in application audits!!!). The only time i got to read through the Slides and perform the labs was early in the morning or late in the night.

I honestly finished the Slides, Labs for all modules in just 4 days (I had purchased the Elite plan a month ago however due to some other commitments I did not get enough time to start with it).

Slides, Labs Review:
I believe eLearnSecurity has done a great job in explaining how things actually work and not just Tool execution. This helped me a lot in understanding the basics. This can be observed both in Slides and Labs.

Labs are really interesting and they will test your understanding about the content from the slides and videos. So never skip the Labs/Videos.

eLearnSecurity explains really well about SQLi, XSS, OS Fingerprinting, Enumeration etc. Make sure that you are taking notes, as they will be very helpful during the actual exam.

Exam review:
I started my exam at 9 pm Sunday and I submitted my exam on 3 am Monday. i.e. it took me 6 hours to complete the exam.
Interestingly, I spent the first three hours in troubleshooting my routes. It was stupid.But I learned from my mistakes. The exam is really straight forward. It will be identical to the labs with some modifications and hints and clues. Pay close attention to them.
My mantra to success has been - Look everywhere in the machine, check each directory and file, exploit all possible machines and leave no stone unturned! You will surely find what is required!

Last but not least, do not forget to Enumerate. Also pay close attention to hints, clues found in some machines!

Good luck!