eJPTv2
Introduction
To take this certification, in my case, I got an offer, but what you pay for is a subscription and access to INE content.
I recommend doing it because it gives you a lot of tools and methodologies that you will be able to use in the exam. Also in the course itself, there are practical classes, with labs where you can try the techniques that you will learn.
The course is very complete, and even if you already have notions you can use it to strengthen your knowledge, it consists of 4 main sections:
Section 1: Assessment methodologies
In this section you will see different methods for recon, such as different types of scanning, footprinting, enumeration, etc.
Section 2: Host & Network Auditing
This section is quite short. It teaches you things at a more conceptual level, such as security frameworks, some scanning tools and little else.
Section 3: Host & Network Pentesting
This is the most practical section of the course. Here you go directly to the mud and exploit vulnerabilities on machines prepared for it.
It is the most extensive section of the course, since they teach you exploitation techniques for both Windows and Linux services.
My recommendation here is that you write down the most used tools, since in the exam they will be the ones you will use the most or they can make things easier for you.
Section 4: Web Application Pentesting
A very introductory section to what would be the security in web applications. It deals with protocols, techniques to obtain information, etc. It is quite short, but it serves to give you an idea of what is pentesting at web level.
Link
Última actualización