Helped a Fresh Grad get their First Penetration Testing job without experience!
ฝัง
- เผยแพร่เมื่อ 20 ก.พ. 2022
- I lay out a practical plan for your to follow to get your first Penetration testing job!
eLearnSecurity eJPT:
get.ine.com/eJPT
eLearnSecurity Certified Professional Penetration Tester (eCPPTv2)
get.ine.com/eCPPTv2
Note: I may earn a small commission for any purchase through the links above
![ความรักของยักษ์เขียว (ทศกัณฐ์) - เดี่ยว ไออุ่น [OFFICIAL MUSICVIDEO 4K]](http://i.ytimg.com/vi/yCCy-QVHqK8/mqdefault.jpg)
Great video, thanks for the advice! My notes:
Certification Recommendations:
- eLearnSecurity Junior Penetration Tester (eJPT) [great entry point]
- eLearnSecurity Certified Professional Penetration Tester (eCPPT) [optional]
- Offensive Security OSCP [gold standard]
Next Steps:
- Target Weaknesses:
Active Directory - eLearnSecurity or Pentester Academy courses
Web Services - eLearnSecurity web pentesting courses
- Hack the Box, CTF, Bug Bountry, etc. [hands on pen testing practice]
Does the certification path of someone who has the OSCP narrow into specialist areas, or are there higher level "gold standards"?
Also, in your video on uni degrees you said that they're not necessary but are beneficial, do you feel the same way about grad degrees?
Thanks for the summary
Think of OSCP as the beginning of your pentesting journey, from there hopefully you can get a job and learn on the job. You can practice more on Hack the box and get more hands-on. There are a few certs for hacking Active directory that you can do, and also more certs for web hacking and mobile app hacking if you want to do that
Grad degrees I'm not really sure if the return of investment is there, they're expensive so pick a degree that has excellent content and will improve your position. Bachelors and certs are enough to be honest
@@UnixGuy Thanks!
new updated video:
th-cam.com/video/OR8G_Vi5B1U/w-d-xo.html
Great advice, Thank you!
🫡
Hey I got government-funded CCNA classes going for me this year and I'm starting to learn the basics of everything IT/cybersecurity. I have to say stumbling on your channel really helps me figure out a lot of things I should be doing after my cert and what kind of expectations I should hold myself to. Also looking forward becoming a new learner in the field. Just wanted to say thank you ^__^
Thanks mate, really appreciate your kind words! Good luck with CCNA and with your cyber security journey, please keep me posted with your progress
I appreciate the advice. I'm going to break into cyber-security soon. After studying for a while now I completely understand what you mean when you say that if you're not passionate then you won't survive. This really isn't for the faint of heart.
Good luck my friend
Awesome video, very interesting thanks!!
you’re welcome :)
Thank you bro for the information
🙏🏻
Thank you so much!! : )
🙏🏻
God bless you sir
thanks mate 🙏🏻
Hi, great video for us who would still consider to switch to pen-testing field. I'm NFVi engineer who still considering to switch field.
If you have passion for it, go for it! Good luck and keep me posted with your progress
great advice, gonna take that eJPT !
Awesome! I hope you enjoy it! Keep me posted with your progress!
Thank you
🫡
Keep Going😍🙌
thanks taniya :)
hey man , I love your work. Rlly helps me set my footing and understand this beautiful world of cybersecurity better. I do have a question tho, most recruiters have no clue what role needs what certs. I've seen people stack certs on job descriptions that don't even make sense. I'm guessing it just shows the desperation for cybersecurity talent. But my question was, do you think a bachelors degree would suffice to enter the market and do well ?. For those of us who simply lack the funds and time for a masters degree. I'm soon enrolling in the RIT dubai course of computing security, thanks to your advice of specializing directly at a bachelors level. Thanks alot man, love seeing your channel grow.
Thanks for your kind words and glad the vidoes are helping!
You don’t need a masters degree, and yes recruiters are aweful! The list of certs in jobs are usually more of a wishlist. Bachelor’s would be enough, and I highly recommend lab-based certs
Thank you sir
👍
Thankyou sir
you’re welcome friend! keep me posted with your progress!
God bless you
🙏🏻
great content. could you add what pentesting tools you recommend for m1 pro. Or how you would set up m1 pro for pentesting. looking forward to more of your content. new sub from me 👍
thanks. I’ll have a think about it
Great content. Started my Cyber Security Analyst journey last week. Completed first classroom session today Network+ the cert stack they offer is Network+/Network Defender/ Ethical hacking in that order. Would you recommend any supplemental resources?
yes, depends on what you wanna do, if you want to become a pentester then I recommened the certs that I talk about in the video
Hey, i have the security + and am doing the network analysis, active directory, etc courses for my first cybwrsecurity role. What do you think of the CEH? I've heard that it is a controversial cert, but I was also studying for it because my job paid for it. Thanks for the advice, awesome follow!
if your job is paying for it then do it, otherwise do the ones I recommended in this video :)
Hello ,
Im watching your video and found your advice it's very valuable. I started my IT journey since 2 years ago and I have a Good background of Coding and Programming and I'm a fun of Cybersecurity and Ethical Hacking. I take end this Year the CompTIA Network + and will go for Security + . Would only say thanks for your job and keep up your good work .
Good work Rahmani, looks like you’ve been working hard, keep it up 👏🏻
Or get in with ccna and get into cloud after just get re certified. Network engineer is good experience.
network engineering experience does not lead to becoming a penetration tester, it’s a completely different field
Thanks for another great video friend. Is there any advice for someone who isn't sure what branch of cybsec to get into but wants to start learning with 0 experience whatsoever? Is Comptia Security+ still the right choice and similar to eJPT where the assumption is you have NO experience/Knowledge whatsoever?
hey mate, I’d say both sec+ and ejpt are great introductory certifications. It’s perfectly ok and normal not to know what the right specialisation is, start with something, try and get experience under your belt (most important step) and then you can easily pivot to other specialisations once you have some experience
@@UnixGuy appreciate all your help and encouragement!
@@jonathanshane256 👏🏻👏🏻
Great video! Thank you. What are your thought about this new PNPT certification from The Cyber Mentor?
thanks mate! I’m not really familiar with the cyber mentor certs so I can comment on the quality. I would personally stick to OSCP and eLearnSecurity as they’re more recognised in the industry, and compliment that with practise in something like Hack the box
@@UnixGuy great! Thank you!
Hi UnixGuy,
Hope you are well.
Love your content…. Straight to the point no outer world stuff…. thank you for that.
I am in Melbourne, Australia, I been working in Help desk Technician role from last 5 months.
I am thinking of leaving the role and to do some part time job to self study for Cyber Security full time, because of the current job I hardly get the time to study.
My questions are:-
Do you think its a good idea to leave the role and self study full time? I am afraid if I go back to apply for cyber security jobs lets say after 6 months once I crack eJPT or any entry level certification, will companies accept me?
Whats your thoughts on a person doesn’t have any technical job background like help desk or IT technician? Do they still have a chance to directly go to cyber security roles, if they have the skills
My skills are :-
Networking
Linux OS (ubuntu, kali, mint)
Microsoft Azure fundamentals, active directory
Python (currently working on it)
After listening to you I decided to go for eJPT.
Thanks for everything again
Really appreciate your time and effort.
You are the one we need right now.🙏🏻😊
You are most welcome, glad you enjoy the content. The person I mentioned in the video was also Melbourne based
I do not recommend you quitting your job, you can study cyber security part time and do certs part time. try and network within your current job and see if you can get a transfer (I talk about this in my very first video)
If you really want to do pentesting, start with eJPT and then eCPPT/OSCP the hack the box, you dont need to study full time, part time is fine
helpdesk experience is good as you build out your CV, gives you customer service experience and shows that you can work in professional environments.
You can also do free TAFE Cert4 in cyber security which is broad, but it is free and you can learn a lot!
So in summary, please dont quit your job, study part time to build your skills and certs and that wil make getting your foot in the door in cyber a lot easier :)
Brother if you have 1200 Dollars and able to study 2 to 3 hours daily
Here it's not vendor based certification but enough for getting job
CAT (Career Advancement Track)
CODS Specialization
C 👉 Cyber Defense
O 👉 Offensive Pentesting
D 👉 Digital Forensics
S 👉 SCADA
👉Python primer
👉Python Alpha
👉Python Beta
👉Python Gamma
👉Linux Primer
👉Linux Alpha
👉Linux Beta
👉Cissp preparation
👉ISO 27001,27017,27018 Lead Implementer
👉Cyber Security Essential Revisit
👉SCADA, ISO 27019:2013 & NIST 800-82 Connection
👉SCADA Security 101
👉SCADA Prevention and detection a Hands on approch
👉SIEM a Hands on approch
👉PCI DSS QSA Training
👉Vulnerability assessment in line with various frameworks
👉Web application Pentesting, & Ethical Hacking in line with various frameworks
👉Network Pentesting , & Ethical Hacking in line with various frameworks
👉Bug bounty Hunting
👉ISO 2700x Standards review as per Digital Forensic
👉Intro to open source tools in Forensic
👉Network Threat Hunting
👉Security Operation Center Role in Cyber Security
👉Incident Response a Hands on approach
👉Windows Forensics
👉IOS forensics Analysis and IRM
👉Memory Forensics
👉Network Forensics
👉Threat Intelligence
👉Cell phone Forensics
👉Malware Analysis and Reverse Engineering
Data Science Specialization
👉Introduction of Data Science
R Programming
👉Data Collection and data wrangling
👉Exploratory Data Analysis
👉Machine learning: Supervised Learning
👉Machine learning: Unsupervised Learning
👉Capstone Project
👉Data visualization
Sysops(Operating System)
👉Linux Fundamentals
👉User and Network Administration
👉Server App
👉Core Admin
Ghanimah Labs
👉Vulnerability assessment Labs
👉Web Application Pentesting Labs
👉Network Pentesting Labs
👉How to be a bug bounty hunter labs
👉CIS Critical Control Labs
👉PCI DSS Labs
👉ISO 27001 Labs
👉Mobile Hacking Labs
👉GCP vs OVH vs Azure vs AWS Pentesting Labs
👉All things wireless Labs. 👉Advanced Web App pentesting Labs
👉Exploit Development Labs
👉Digital Forensics Labs
👉HIPAA Labs
👉NIST Cyber Security Framework Labs
👉IASME Governance Standard Labs
👉SOC 1,2,3 Type 1 and 2 Labs
👉TC Cyber Labs
👉HITRUST CSF
👉CISQ Labs
👉FEDRAMP Labs
👉GDPR Labs
👉FISMA Labs
👉NY DFS Labs
👉FFIEC Labs
👉NERC CIP Labs
Mathematics for Emerging Pathways (eMath)
👉Linera Algebra- Matrix theory and its real world application
👉Probability- as a tool for decision making under uncertain circumstances
👉Statistics
👉Calculus and Optimization
LinkedIn Course
👉In my 4 Weeks LinkedIn Coaching Focusws yhe following strategic areas.
Introduction to linkedln Opportunities
👉How LinkedIn helps jobs seekers, influencers and businesses
👉LinkedIn profile health check
👉How to Brand yourself on LinkedIn
👉Identifying Headline Keywords
👉Industry focus - How to target and industry
👉How to write a compelling and optimized Summary?
👉Targeted Content Creation
👉Building your personal brand on LinkedIn
👉Relevant and Targeted Networking
👉Connecting with recruiters and influencers
👉Finding the hidden jobs markets
👉Bonus feature
👉Worksheets and practical Assignments
Duration : 9 to 12 Months
Languages: Urdu | Hindi | English | Spanish | Arabic | French | Portuguese | Indonesian| Italian| Russian| Turkish| Bengali| Japanese| Mandarin
Able to earn 100000 Dollars per annum
Pre-Requisites:
Educational background from any discipline
Be able to browse the internet
Be able to use Google translator to translate articles into their native language
career.alnafi.com/ru-cat/#a_aid=Hassantariq
This is my affiliate link
150+ wstg+vulnerability assessment+ iso 27001 labs already released scada labs maybe in a month
If I’m coming from another industry, do I need a entry level job before being a penetration tester. FYI, I watched this video a month ago and signed up for eJPT. Plan on taking it in April. Thank you for the advice.
hey Anthony, no you don’t but you’ll need to frame your previous experience in another industry in a positive way, for e.g. highligh that you worked in a team or thar you’ve done some customer service.
Get hands-on certs and keep applying until you grt something, it wont be wasy but it’s possible!
Even if u dont manage a pentest job right away, apply to anything cyber related whilst you work on ur certification path
Hi Unixguy,whats your opinion on comptia+ security,network,pentest,linux all these comptia certificates then oscp or should i go for ejpt,ecppt then oscp which will be the best?
yes do eJPT then eCPPT then OSCP, alternatively, try these:
th-cam.com/video/OR8G_Vi5B1U/w-d-xo.html
Would you recommend doing the Active Directory course and cert before doing OSCP? Because, AC is now a part of OSCP.
Just start the OSCP, the material in there should be enough. It’ll take time to pass the OSCP so don’t waste more time before even starting. Start and figure it out as you go
@@UnixGuy cool. Thanks
@@Anthony-wg7fn no worries at all - good luck
Hi UnixGuy,
I am thinking about studying in master of cyber security and get some cloud certifications. Do you think getting the degree and certs will be able to get me a job in cyber security in Melbourne? If not enough, what more do I need to do to get my foot in the industry.
it’s a good plan mate but there are no guarantees in life. Getting the masters and certs will improve your chances to land a job. network with people in the industry and work hard, you will get in eventually. There is a big demand for people with skills
@@UnixGuy
Hi UnixGuy,
Can you tell me the name of some of the network events in Australia particularly in Melbourne where I can attend to network with cybersecurity professionals.
@@justarandom4747 looks up appsec melbourne and cyberconf melbourne
So, I always thought that eJPT, eCPPT, and OSCP wouldn't teach very much about web pentesting. Can I also do web pentest with those certs or only (internal pentesting) like on premise? I know there's certs like eWPT and OSWE, but once I get to the OSCP level, I might need to be ok to fly alone since I see certs as directions, and OSCP is a cert that opens doors. I think that would be enough. But maybe I'm wrong, please feel free to tell me if you disagree.
You answered my question on the video. Thank you.
Anyone feel free to talk about it.
you’re welcome my friend, good luck and let hs know how you go with your plan :)
BSCP will help u a lot about Web pentesting
@@endritzejj5586 thank you. I’m gonna take the BTL1 next week. PJPT and PNPT are already paid. I’ll take OSCP in 2025.
@@FaLkraydz do u work as Pentester ?
If i have bachelor of science in computer information system can i work in cybersecurity? or can i persue master degree in cybersec?
you definitely don’t need a masters degree. watch the rest of my videos. Like this video, I provided you with a list of certifications to follow, that should be enough to get your foot in the door
I have a Bsc degree in Statistics and all my dreams is to turn my future career into IT profession, particularly Cebersecurity or Cloud Computing. You once recommended me one of these two like 2 months ago, but the basic knowledge to have before investing in one of these two is becoming doubtful to me. Please need more light about.
Hi unixGuy, i am looking for the eJPT certificate on the official eLearn Security website but it seems that its been removed, any other certificates you suggest instead of eJPT?
ine.com/learning/certifications/internal/elearnsecurity-junior-penetration-tester-cert
Hi,I'm interested in cyber security but i have two problems,Where do I learn from what sources and what should I learn?, and which entry level certificates that i need as junior to make the companies accept me to interviews and work for them?
Well in this video I’ve given you a pathway to become a penetration tester with the courses and certs. I have another video that also give you the same pathway for cloud, check them out and pick the one you’re more interested in/enjoy :)
Mr. Unix Guy, would you mind making a review about PJPT? like is it better than eJPT as PJPT is more hands-on than eJPT.
I believe they’re both extremely similar, you can’t go wrong with either :)
@@UnixGuy thank you. i am indeed preparing for the PJPT, just wanted to confirm by an experienced cybersec proffesioal. i wish i know your channel bit earlier hahah. you got a new sub.
@@cypherhats all the best!
hi, i'd like to ask if i want to be a penetration tester do i need to get a CompTia network+ or compTiaSec+ certificate first? can i skip that CompTIA certificate and just take the ejpt, eccpt and then oscp?
hey Rinaldy, you can absoltely skip those and start straight into pentesting, start with eJPT and then eCCPT and OSCP, no need for comptia.
Alrernatively, these are some different certs than can accomplish the same thing in this more recent video:
th-cam.com/video/OR8G_Vi5B1U/w-d-xo.html
@@UnixGuy thanks sir!!, You helped me a lot
@@rinaldyzhou7769 my pleasure; thats why I make these videos :)
Hello sir, my brother is MBA marketing graduate and 2016 passed out,present he would like enter in to networking (IT side) pls what do you recommend for him? In networking what will be the work? Pls suggest...
I do not recommend that people get into networking anymore, there aren’t that many networking roles out there
Tell you what... I failed this ejptv2 twice once I got 31% and then 65%. The gap is of 14 days in my retry. I wonder if anybody here has failed this exam. I quit my job to pursue this and am not gonna stop till I get better and become valuable.
good luck! once you finish eJPT, this is also another roadmap for you:
th-cam.com/video/OR8G_Vi5B1U/w-d-xo.html
Sir I checked some of the recommended certificate online I find out that they are costly compare to my countries currency (Nigeria) . But with what I see online I am planing to save for both eJPT and eCPPT but for the OSCP it is too high, sir pls what is your advice on this wise.
Take it one step at a time, eCPPT is a bit commitment, once you pass it hopefully you can land a better paying role that will enable you to afford OSCP - it’s an investment
@@UnixGuy thank you sir
Bro can you pls tell me which Sans or CompTIA cert. course should I choose to get into the field of ethical hacking and cyber security.
I am just a beginner and know pretty much only about computers and know HTML and CSS only.
Pls help me out.
If you can tell me more than one course in a line {one after another} it will be more helpful as I want to crack OSCP exam.
Note I got all the material and videos of CompTIA and SANS for free.
But ultimately I want to crack OSCP and more tougher certification exams.
Also I have PWK course completely for free but dont know where to start with as I am just a beginner and dont know even basics of programming languages like C, java and python.
Have you watched the video? I literally tell you which certs to do and in which order. eLearnSecurity eJPT, then either eLearnSecurity eCPPT or OSCP. Please watch the video and take notes, it answers all your questions
@@UnixGuy oh okk sorry.
@@HydrousVerified no worries friend, make sure you watch all the videos, I have a lot of recommendations for ethical hacking career path :) welcome to the channel!
@@UnixGuy Bro I have all Sans courses can you pls recommend one of them for better preparation of OSCP exam pls.
Cause as you know OSCP is much practical based and most of its material is pretty complex.
I got these SANS courses luckily from somewhere for Free.
Thank you
Hello sir
I am start my learning in penetration testing but I Confused because which concept I learning first please you recommend courses i learn penetration testing😊
follow the plan in the video
I asked a security engineer at the company I work for if he ever thought about becoming a pentester and he told me: "As sexy as it sounds, when you have 3 kids, a wife and a house, it doesn't sound that sexy anymore as pentesters travel quite a bit, as well as Red Teamers."
Is that true? If it is, I'm gonna stay in Blue Team and only do offensive as side hustle (Bug Bounty).
everyone is different! i know many people with kids who work as pentesters, stay tuned for my next video ;)
@UnixGuy Did you every get time to release your next video
Like from india
Greetings to you friend, a lot of my colleagues at work are from India :)
Hello UnixGuy,
I hope you are doing well. I have got offers from University of Queensland and Monash University for master's In cybersecurity. I'm bit confused which to accept. Can you help me with this?
They’re both excellent, I would personally pick Monash for a bigger city and the degree is solid
@@UnixGuy Hi, Monash or rmit?
@@alphavm5080 Monash for sure
@@UnixGuy Sorry for disturbing you. Have you ever compared course structure of Monash and Queensland? On my perspective Queensland have a deeper course structure for cyber security.
Monash have python, java, databases. As core subjects. What's your opinion?
@@alphavm5080 I’m familiar with the Monash course more than the Queensland course and I know people who did the degree from Monash and they enjoyed it. I’m sure the Queensland course is good too, but I woule choose Monash based on the course but also Melbourne is a bigger city with more opportunities and a larger international student community
Could you give me a job for learning ethical hacking and not having a formal degree.
you can score a job if you have the skills but it’ll be more challenging as a lot of organisations want you to have a degree. Harder not impossible.
You can do a degree part time or online
I have my A+ and Network+ and am about to get Security+. Do I need a degree for this or no?
short answer no you don’t. This video explains it:
th-cam.com/video/GPmVphOqSGY/w-d-xo.html
eJPT is the same level cert as CEH, but not as recognized. CEH will help you get a job, eJPT won't, or at least not nearly as much.
I’m gonna have to disagree. Whilst more people have heard of ‘CEH’, the eJPT is far more superior. in eJPT you will actually learn the basics of penetration testing and actually get to practice the material but in CEH you just memorise a bunch of multiple choice questions.
Real world pentesters know that CEH has zero value.
@@UnixGuy yes i completely agree with you but at job view eJPT is not recognised in IT companies however ceh is globally popular cert . In Indian IT companies ceh cert lots of demands and this cert give you job too!
@@prathmeshchaudhari7613 your goal should be to learn the skills that will make you a penetration tester so you need to aim to get OSCP. Getting eJPT first is good stepping stone. No serious penetration testing job will take CEH into consideration as it adds zero value.
If you just want to do CEH and work a general IT role then sure you can do it, if its for a pentesting career then CEH is a gigantic waste of time and money
@@UnixGuy yes i agree with you at skills point eJPT and OSCP best cert ,ceh is only bunch MCQ that's not give hands on practical knowledge or skills and now I will prepare for eJPT cer thanks for responsing me love your videos and love from India :-)
@@prathmeshchaudhari7613 good luck my friend, glad the videos are helping you 🙏🏻
Are the oscp materials just pdf or video materials
Google it
Can i learn online self study from courses and get some online certificates and get a job? i mean without study cyber security in a college
yes
@@UnixGuy thank you so much for replying God bless you
@@MM-ry7yv you are most welcome friend! I recommend you watch all the videos I have, they’re short and they will answer a lot of the questions that you have :)
@@UnixGuy I have graduated from law college do you think this will be a problem because i don't have an IT background or computer science degree
@@UnixGuy yes i will do for sure, i just have one problem I'm from Egypt and when i searched on certificates i have found that some of them cost 400$ and when i exchange to my local currency it's a very big amount of money that's why i was trying to know which certificates are only the nessccury for entry level to get interviews and job
Is PNPT as good as eJPT?
The answer is in this video:
th-cam.com/video/OR8G_Vi5B1U/w-d-xo.html
Has anyone here got a job in melbourne in pentesting? Just finished my google cybersecurity course and signed up for hackthebox, then going to study for the ecppt exam. Wondering if i will need a degree
you’re commenting on a very old video, please follow this updated roadmap:
th-cam.com/video/8K7iAJ9BNl0/w-d-xo.html