Skip to content

This repository contains a roadmap for preparing for the EJPT exam.

Notifications You must be signed in to change notification settings

nyxragon/ejpt-roadmap

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

44 Commits
 
 
 
 

Repository files navigation

Ejpt Roadmap Logo



Ejpt Roadmap

Table of Contents

  1. Overview
  2. Exam Preparation Checklist
  3. Ejpt notes available online
  4. Ejpt Exam Experience

Overview

The eJPT preparation roadmap can help you prepare for the exam in 2 months. The following study plan is based on eJPT study material, TryHackMe rooms (some rooms might require a voucher), and additional reading materials. I have assumed that during the preparation, one will commit 8-10 hours of daily study for 2 months. Note-taking is quite important, so make sure to take full advantage of note-taking apps of your liking.

If you wish to include additional rooms, blogs, notes, or share your exam experience, feel free contribute to this roadmap.

eJPT + 3 months FREE of Fundamentals Quarterly cost $249
Preparation Time 2 months
Study Hours Per Day 8-10 hours
Preferred Note-taking app Notion, Cherrytree, Gitbook

Exam Preparation Checklist

This comprehensive checklist is designed for those completing the Penetration Testing Student course offered by INE, along with relevant TryHackMe rooms and reference blogs. Here are some key points to consider during your preparation:

  • Thoroughly review the PTS course content; it is comprehensive and sufficient for succeeding in the exam.
  • Seek assistance from alternative online resources if you encounter difficulty understanding any part of the PTS material; ensure that your concepts are clear.
  • Go through the labs provided in the PTS course at least twice—first while covering the material and again after completing the course.
  • Practice the TryHackMe labs mentioned in the checklist; they serve as valuable additional practice beyond the labs provided in the PTS course.
  • This checklist assumes a dedication of 8-10 hours per day for preparation. If it is not possible to allocate this much time or the time period seems too long, feel free to adjust your pace accordingly.

Week 1

Planned Content Task Completed
Penetration Testing Student Course Assessment Methodologies - Information Gathering [ ]
Assessment Methodologies - Footprinting and Scanning [ ]
Tryhackme Hacker Methodology [ ]
Intro To Research [ ]
Passive Recon [ ]
Active Recon [ ]
Nmap [ ]
Blogs Ethical Hacking: 5 Phases, Techniques, and Tools [ ]
Active vs Passive Recon [ ]
Understanding Reconnaissance and Foorprinting in Ethical Hacking [ ]
CompTIA Security+: Vulnerability Scanning and Penetration Testing [ ]
Nmap [ ]

Week 2

Planned Content Task Completed
Penetration Testing Student Course Assessment Methodologies - Enumeration [ ]
Tryhackme Nmap Post Port Scan [ ]
Network Services [ ]
Blogs Enumerating a new network with Nmap [ ]
Enumeration guide for beginners [ ]
Remote port and service enumeration – nmap [ ]
Enumerate SMB with Enum4linux & Smbclient [ ]
Scanning for SMB Vulnerabilities with enum4linux [ ]
Nmap Scripts (NSE): The Key To Enhance Your Network Scans [ ]
Network Vulnerability and Scanning: Explanation of Nmap Script Engine (NSE) with Hands on Practice [ ]
How to Use Hydra  to Hack Passwords – Penetration Testing Tutorial [ ]

Week 3

Planned Content Task Completed
Penetration Testing Student Course Assessment Methodologies - Vulnerability Assessment [ ]
Assessment Methodlogies - Auditing Fundamentals [ ]
Host & Network Penetration Testing - System/Host Based Attack (Complete till windows part) [ ]
Tryhackme Vulnerabilities 101 [ ]
Nessus [ ]
Windows Fundamentals 1 [ ]
Windows Fundamentals 2 [ ]
Blogs Vulnerability Research 101 [ ]
What is a CVE? [ ]
Working with Exploits: Using Exploit-DB to find Exploits [ ]
Attacking SMB via Metasploit and PSexec [ ]

Week 4

Planned Content Task Completed
Penetration Testing Student Course Host & Network Penetration Testing - System/Host Based Attack (Remaining part) [ ]
Host & Network Penetration Testing: Network-Based Attacks [ ]
TryHackMe Blue [ ]
Ice [ ]
Linux Strength Training [ ]
Linux Privilege Escalation [ ]
Dirty Pipe: CVE-2022-0847 [ ]
Wireshark: The Basics [ ]
Blogs Privilege Escalation on Linux: When it’s good and when it’s a disaster(with examples) [ ]
Tools analysis: linPEAS [ ]
How to Use Wireshark: Comprehensive Tutorial + Tips [ ]
How I use Wireshark [ ]

Week 5

Planned Content Task Completed
Penetration Testing Student Course Host & Network Penetration Testing: The Metasploit Framework (MSF) [ ]
TryHackme Metasploit: Introduction [ ]
Metasploit: Exploitation [ ]
Metasploit: Meterpreter [ ]
HeartBleed [ ]
Deja Vu [ ]
Blogs Metasploit Tutorial for Beginners – Basics to Advanced [ ]
MSFVenom [ ]
MSF Venom Quick Guide [ ]
Use John the Ripper in Metasploit to Quickly Crack Windows Hashes [ ]
Armitage — A Tutorial [ ]

Week 6

Planned Content Task Completed
Penetration Testing Student Course Host & Network Penetration Testing: Exploitation [ ]
TryHackMe What the Shell? [ ]
Steel Mountain [ ]
Poster [ ]
Blogs Vulnerability Scanning with Metasploit [ ]
How to Use Searchsploit in Kali Linux? [ ]
What are Web Shells? [ ]
Reverse Shell vs Bind Shell [ ]
Use MSFconsole's Generate Command to Obfuscate Payloads & Evade Antivirus Detection [ ]

Week 7

Planned Content Task Completed
Penetration Testing Student Course Host & Network Penetration Testing: Post-Exploitation [ ]
TryHackMe Windows PrivEsc [ ]
Windows Privilege Escalation [ ]
Windows PrivEsc Arena [ ]
Bypassing UAC [ ]
Credentials Harvesting [ ]
Linux Local Enumeration [ ]
Linux PrivEsc [ ]
Linux Privilege Escalation [ ]
Linux PrivEsc Arena [ ]
Wreath [ ]
Blogs OCSP: FILE TRANSFER RECIPE FOR DELICIOUS POST EXPLOITATION [ ]
Linux Privilege Escalation Techniques [ ]
Privilege Escalation in Windows [ ]
Understanding Impersonation via Access Tokens [ ]
Post Exploitation Technique -Pivoting [ ]
How to Dump NTLM Hashes & Crack Windows Passwords [ ]
Linux Gather Dump Password Hashes for Linux Systems - Metasploit [ ]

Week 8

Planned Content Task Completed
Penetration Testing Student Course Host & Network Penetration Testing: Social Engineering [ ]
Web Application Penetration Testing: Introduction to the Web and HTTP [ ]
TryHackMe OWASP Top 10 [ ]
Web Enumeration [ ]
SQLMAP [ ]
OWASP Juice Shop [ ]
Blog [ ]
Vulnversity [ ]
Hydra [ ]
Blogs Gobuster Tutorial [ ]
The Ultimate SQLmap Tutorial: Master SQL Injection and Vulnerability Assessment! [ ]
Web Server Scanning With Nikto – A Beginner's Guide [ ]

Ejpt notes available online

Ejpt Exam Experience

If you wish to include additional rooms, blogs, notes, or share your exam experience, feel free contribute to this roadmap.

Releases

No releases published

Packages

No packages published