From Delaying Certifications to Passing eJPT: My Real Journey

infosecwriteups.com · Ehtesham Ul Haq · 8 days ago · tutorial
quality 2/10 · low quality
0 net
Tags
bug-bounty
From Delaying Certifications to Passing eJPT: My Real Journey | by Ehtesham Ul Haq | in InfoSec Write-ups - Freedium Milestone: 20GB Reached We’ve reached 20GB of stored data — thank you for helping us grow! Patreon Ko-fi Liberapay Close < Go to the original From Delaying Certifications to Passing eJPT: My Real Journey Free Article Link: Click for free! Ehtesham Ul Haq Follow InfoSec Write-ups · ~4 min read · March 25, 2026 (Updated: March 25, 2026) · Free: No Let's be honest — certifications always sound like a good idea… until you actually try to fit them into your daily life. Back in 2024, I started thinking seriously about doing some cybersecurity certifications. Not because everyone was doing them, but because I wanted to build a stronger foundation for myself. But there was one problem — work. Between freelancing, bug bounty hunting, and managing everything else, it's honestly not easy to stay consistent with studies. Days pass, weeks pass, and suddenly that "I'll start soon" turns into months. And that's exactly what happened. Starting Small in 2025 In 2025, I finally decided to stop delaying and just start. Instead of jumping straight into something big, I began with a few certifications on Coursera, including the Google Cybersecurity Professional Certificate, IBM Cybersecurity courses, and some other beginner-friendly programs. I've also shared my full experience with the Google certification here: https://medium.com/bugbountywriteup/google-cybersecurity-certificate-and-why-its-the-easiest-way-to-step-into-the-field-4292d2ec1f3a These helped me a lot. Not because they made me an expert, but because they helped me understand how to think in security . At the same time, I was already doing bug bounty — testing applications, exploring endpoints, finding small issues, and learning in my own way. But still, something felt missing. I wanted something more practical. Something that actually tests you. Why I Chose eJPT According to my roadmap, the next step was clear: eJPT. I had heard about it before — a practical certification focused on real penetration testing. It felt like the right step forward, especially since I was already exploring bug bounty. So I decided to go for it. Preparing for eJPT I didn't rush into it. I spent around 3–4 months preparing for the exam. Not every day was perfect — some days I studied, some days I didn't — but I tried to stay consistent. What helped me the most was following the official material properly, watching YouTube reviews, reading other people's experiences, and collecting as much information as possible before starting seriously. That last part really matters. Before jumping in, I made sure I understood what the exam looks like, how it works, and what to expect. The Experience (What I Learned) Even though I was already doing bug bounty, this course was honestly an awakening experience for me. It helped me understand the full penetration testing process in a more structured way. Instead of randomly testing things, I started thinking step by step — recon, enumeration, exploitation — everything with a clear approach. It also improved how I look at targets. I became more patient, more methodical, and more aware of small details that I might have ignored before. In bug bounty, we sometimes jump straight into testing. But eJPT teaches you to slow down and follow a proper flow. And that made a difference for me. The Exam The exam itself is practical. You get access to a lab environment where you have to scan, enumerate, exploit, and answer questions based on your findings. You usually get two attempts , which gives some peace of mind. For me, I was able to pass on the first attempt . Nothing special, honestly. I just followed the material, understood the concepts, and stayed calm during the exam. My Advice (If You're Planning eJPT) If you're planning to take eJPT, here are a few simple things that can help: -Don't rush the process. -Go through the official material properly. -Watch multiple reviews and walkthroughs. -Understand the exam format before attempting. -Take notes while studying. The more clarity you have before starting, the smoother your preparation will be. My Certification I successfully completed the INE Junior Penetration Tester (eJPT) certification. It covers areas like assessment methodologies, web application penetration testing, host and network testing, and auditing. Issued on: February 21, 2026 Valid until: February 21, 2029 You can view my certification here: https://certs.ine.com/e32d53b0-9ef9-446b-a811-d42d12f98571#acc.QlgDM06R What's Next? This is just one step in the journey. Moving forward, I'm planning to prepare for OSCP , and hopefully attempt it this year. It's one of the most important certifications in this field, and I'm really looking forward to the challenge. Conclusion Looking back, starting this journey wasn't easy — especially with a busy schedule and everything else going on. But taking that first step made all the difference. eJPT didn't magically turn me into an expert, but it gave me something more important — a solid foundation and a better way of thinking. If you're someone who's unsure about where to start, or you keep delaying like I did, just begin. Even small progress matters. Consistency beats perfection. And if you're on this path too — just start. Thanks for reading. I really appreciate your time. If you're interested in bug bounty, penetration testing, or real-world security learning, feel free to follow — I'll be sharing more experiences, write-ups, and insights along the way. #bug-bounty #bug-bounty-tips #cybersecurity #cyber-security-awareness #cybersecurity-training Reporting a Problem Sometimes we have problems displaying some Medium posts. If you have a problem that some images aren't loading - try using VPN. Probably you have problem with access to Medium CDN (or fucking Cloudflare's bot detection algorithms are blocking you).
← Back to stories