Getting Started with Pentesting – My Experience with the eJPT
🧠 Introduction & Motivation
I completed the eJPT certification in June 2024. It was my first certification in the field of penetration testing. I didn’t do it for a job title or to impress anyone – I did it for myself, as a starting point into the world of pentesting.
Since I don’t have a formal background like a degree or an apprenticeship in IT, I knew I had to build credibility through certifications and CTF platforms. The eJPT seemed like a good place to begin.
From what I had read and heard, it’s a well-respected entry-level cert, with a practical focus and a reasonable price tag. That convinced me to go for it – and looking back, I think it was the right choice.
📦 What is the eJPT?
The eJPT (eLearnSecurity Junior Penetration Tester) is a hands-on certification from INE. You get access to a lab environment with a few machines, and your task is to explore the network, find weaknesses, exploit them, and answer a set of technical questions.
It’s not a multiple-choice test. You need to actually perform a full pentest workflow: information gathering, enumeration, exploitation, privilege escalation. The questions guide you through the process and make sure you’re not just poking around blindly.
The exam is time-limited, but there’s enough time to take a structured approach. I dedicated a few hours to it, which worked out well.
🧪 Preparation
The certification includes access to INE’s “Penetration Testing Student” training course. It covers the basics: TCP/IP, scanning, service enumeration, network and host-based attacks, web vulnerabilities, and some Windows/Linux exploitation.
A lot of the content wasn’t new to me – I had already worked through platforms like TryHackMe and Hack The Box – but I still found the course helpful to fill in some gaps and get a more structured understanding.
I worked my way trough all of the course material, and started my first exam attempt very quickly after that, because i had no clue how the exam really looks like and I was very excited to start.
🧠 The Exam Experience
The exam was the best part for me. It’s guided, but not hand-holding. You still need to know what you’re doing, and a few tasks definitely required me to slow down, think, and double-check my work.
There were no surprises – if you know the material and understand the workflow, the exam is very doable. Still, I found it rewarding and well-structured.
For my first exam experience I liked the fact that it was a bit “guided”, because even now I often find me in a situation where I dont know exactly where to look or to find a good structure.
✅ What I Liked
- Structured, practical learning – not just theory
- The exam feels realistic and hands-on
- Clear progression through the pentest stages
- Affordable price for what you get
❌ What Could Be Better
- For me there was no negative point, it’s an entry level certification and for that it covers a lot of stuff
🎯 Who It’s For
If you’re just getting into pentesting and want a structured, practical certification to start with, the eJPT is a good option. You should be comfortable using the terminal and have basic knowledge of networking and common tools (like nmap, Burp, etc.).
It’s not for absolute beginners with zero exposure, but you don’t need a lot of prior experience either. If you’ve done some TryHackMe or CTF-style challenges, you’ll be in a good position.
🧭 Final Thoughts
For a first certification, I was very satisfied with the eJPT. It gave me a realistic assessment of where I stand and helped me understand what I still need to work on.
I’m glad I did it. It’s not just about getting a cert – it’s about proving to yourself that you can apply the concepts and actually make progress. That’s what mattered most to me. Big shoutout to @Alexis Ahmed for this great learning experience during the course.
Next up? Maybe the PJPT or PNPT(Quick spoiler, there will be a blog post soon for both of them). But for now, I’m continuing to learn and practice. There’s still a lot to discover.
— If you’re thinking about the eJPT or already working toward it, feel free to reach out. Always happy to exchange thoughts and experiences.
(No sponsoring or any like that)