🔐 eJPT — Junior Penetration Tester

Personal study notes, command references, and cheatsheets for the eJPT certification by eLearnSecurity / INE.

---

📋 Exam At a Glance

Property	Details
🏷️ Certification	eJPT – Junior Penetration Tester
🏢 Provider	eLearnSecurity / INE
📝 Format	35 Questions + Practical Pentest Lab
⏱️ Duration	48 Hours
✅ Passing Score	70%
📖 Open Book	Yes
🧩 Domains	Networking · Web Apps · Host & Network Pentesting

---

🗂️ Notes Index

Click any topic below to jump directly to its notes.

🕵️ Reconnaissance & Information Gathering

#	File	Description
01	📄 Information Gathering	OSINT, passive & active recon techniques
02	📄 Footprinting & Scanning	Network mapping, Nmap, host discovery

---

🔬 Assessment & Enumeration

#	File	Description
03	📄 Vulnerability Assessment	Identifying and analyzing vulnerabilities
04	📄 Enumeration	SMB, FTP, HTTP, DNS, SNMP enumeration
05	📄 Auditing	Security auditing concepts and checklists

---

⚔️ Attack Techniques

#	File	Description
06	📄 Network-Based Attacks	MitM, ARP spoofing, sniffing, MITM tools
07	📄 System & Host Based Attacks	Windows & Linux local exploitation
08	📄 Web Application Pentest	SQLi, XSS, file inclusion, Burp Suite
09	📄 The Metasploit Framework	msfconsole, exploits, payloads, sessions

---

🚀 Exploitation & Post-Exploitation

#	File	Description
10	📄 Exploitation	Exploiting services, CVEs, manual attacks
11	📄 Post Exploitation	Privilege escalation, pivoting, persistence

---

📋 Quick Reference

#	File	Description
12	📄 CheatSheet	All key commands in one place

---

🧠 Exam Topic Coverage

Information Gathering      ████████████████████  100%
Footprinting & Scanning    ████████████████████  100%
Vulnerability Assessment   ████████████████████  100%
Enumeration                ████████████████████  100%
Exploitation               ████████████████████  100%
Web Application Attacks    ████████████████████  100%
Post Exploitation          ████████████████████  100%
Metasploit Framework       ████████████████████  100%

---

🗺️ Pentesting Methodology

┌─────────────────────────────────────────────────────┐
│                                                     │
│  1. Information Gathering  ──►  2. Scanning         │
│         │                              │            │
│         ▼                              ▼            │
│  3. Enumeration           ──►  4. Vuln Assessment   │
│         │                              │            │
│         ▼                              ▼            │
│  5. Exploitation          ──►  6. Post Exploitation │
│                                        │            │
│                               7. Reporting          │
└─────────────────────────────────────────────────────┘

---

⚡ Key Tools Quick Reference

Tool	Use Case
nmap	Port scanning & service detection
netdiscover	Host discovery on local networks
gobuster / dirb	Web directory brute-forcing
nikto	Web server vulnerability scanning
hydra	Online brute-force (SSH, FTP, HTTP)
john / hashcat	Offline password / hash cracking
metasploit	Exploitation framework
msfvenom	Custom payload generation
sqlmap	Automated SQL injection
wireshark / tcpdump	Packet capture & traffic analysis
enum4linux	SMB/Samba enumeration
netcat	Bind/reverse shells, port listening
burpsuite	Web app interception & testing

---

📚 Official Resources

• 🌐 INE Learning Platform
• 📖 eJPT Exam Page
• 💬 INE Community Discord
• 🗂️ PTS Course (Penetration Testing Student)

---

Made with 💻 for eJPT exam prep