Every week someone asks me what certification to start with. Not what to get after two years of HTB and home lab practice. Not what comes after OSCP. The first one — the one for people who know they want to break into offensive security but don’t know where to start.

My answer in 2026 is still the eJPT.

Not because it’s prestigious. Not because it’ll make a hiring manager’s eyes light up. Because it does something more important than that: it teaches you what a penetration test actually feels like, before you’re in over your head.

This is an honest review of the eLearnSecurity Junior Penetration Tester (eJPT) — what it tests, what it costs, who should take it, and where it fits in the certification landscape alongside PNPT and OSCP.

What Is the eJPT?

The eJPT is an entry-level penetration testing certification developed by eLearnSecurity and now delivered through INE (Information Network Engineering), which acquired eLearnSecurity in 2021. It’s a fully practical exam — no multiple choice, no memorizing CVE numbers.

The goal is simple: demonstrate that you understand the basics of network penetration testing methodology. Not that you can compromise a hardened enterprise network or pivot through three network segments. Just the fundamentals — scanning, enumeration, exploitation, and reporting at a beginner level.

It’s the first rung on a very long ladder. But it’s a real rung.

Who It’s For

The eJPT is explicitly designed for people who are new to offensive security. That’s not a caveat — it’s the whole point.

Take the eJPT if:

  • You’re coming from an IT or networking background and want to pivot into pentesting
  • You’re a student or recent graduate building your first cert stack
  • You want to validate your fundamentals before committing to a harder exam like PNPT or OSCP
  • You need hands-on experience to confirm this career path is actually for you

Skip the eJPT if:

  • You already have solid HTB or TryHackMe experience — you’re probably past this level
  • You’ve worked in IT security for a few years and understand basic recon/exploitation concepts
  • You’re targeting mid or senior roles — recruiters won’t weigh this heavily at that level

The eJPT is not a career-defining certification. It’s a foundation builder, and it’s best treated as exactly that.

Exam Format (2026)

INE updated the eJPT exam structure in 2023 and the current version is noticeably more practical than the original. Here’s what you’re working with:

  • Format: Fully practical, browser-based lab environment
  • Time limit: 48 hours (you don’t need all of it)
  • Questions: 35 questions answered from within the lab environment — you find answers by actually doing the work
  • Passing score: 70%
  • Retake: One free retake included
  • Connection: VPN-based lab, accessible via browser

The exam simulates a basic internal network. You’re given a target scope and asked to perform recon, enumerate services, exploit vulnerabilities, and answer specific questions about what you find. The questions force you to engage with the environment rather than guess — if you can’t enumerate a service correctly, you won’t find the answer.

Compared to the old eJPT format, the current exam is more coherent and better reflects what a real beginner-level internal assessment looks like.

How long does it take? Most candidates finish between 8 and 16 hours. If you’ve completed the preparatory course material, you won’t need the full 48.

Difficulty

Honest assessment: the eJPT is accessible. It’s designed to be.

That doesn’t mean you can walk in cold and pass it. You need to be comfortable with:

  • Basic Linux command line
  • Nmap scanning and output interpretation
  • Simple web application enumeration (directory busting, finding exposed endpoints)
  • Basic exploitation with Metasploit
  • Fundamental networking (subnets, routing, common ports and protocols)

What you don’t need: experience with Active Directory, custom exploit development, AV evasion, or anything that requires deep offensive tooling knowledge. The exam stays in the beginner lane.

If you’ve worked through INE’s Penetration Testing Student (PTS) course — the primary prep material for this exam — you’ll find the exam difficult but manageable. If you’ve skipped the course and just watched YouTube, you may find specific questions harder than expected.

Cost

The eJPT exam voucher is included with an INE Starter Pass, which costs $199/year. That pass also gives you access to the Penetration Testing Student course — so you’re effectively getting your study material and your exam in one package.

If you already have an INE subscription, exam vouchers are available separately.

What’s includedPrice
INE Starter Pass (annual)$199
Penetration Testing Student courseIncluded
eJPT exam voucherIncluded
One free retakeIncluded

For context: OSCP runs $1,499+ and PNPT runs ~$400. At $199 all-in, the eJPT’s price-to-value ratio is hard to argue with.

Study Resources

INE’s Penetration Testing Student Course (PTS)

The official prep course is the obvious starting point. It’s included with the Starter Pass and covers:

  • Networking fundamentals (TCP/IP, routing, protocols)
  • Web application attack basics
  • Information gathering and footprinting
  • Scanning with Nmap
  • Exploitation basics with Metasploit
  • Manual exploitation concepts

It’s well-structured for beginners. The lab exercises connect directly to what the exam tests. Don’t skip them.

TryHackMe

TryHackMe is the best free supplementary resource for eJPT prep. Their Pre-Security and Jr Penetration Tester paths cover the same material in a more gamified format. If you find the INE course dry, TryHackMe is a good parallel resource.

These books aren’t required for the eJPT, but they’ll give you a depth of understanding that lab exercises alone don’t build. Both are investments that pay off well beyond this exam.

The Linux Command Line by William Shotts

If you’re new to Linux, this is the book. Clear, comprehensive, and practical. A solid Linux foundation will accelerate every technical exam you take from here on out.

Hacking: The Art of Exploitation by Jon Erickson

Not required for eJPT, but if you want to understand why exploits work instead of just running them through Metasploit, this is where to start. It’s foundational reading for anyone serious about offensive security.

eJPT vs PNPT vs OSCP: Where It Fits

Here’s the honest positioning:

eJPTPNPTOSCP
LevelBeginnerEntry-to-midMid-to-senior
Price$199/yr (all-in)~$400~$1,499
Exam format48-hr practical, guided questions5-day network + report + debrief24-hr exam + 24-hr report
FocusFundamentals, basic exploitationActive Directory, real-world internal networkBroad scope: web, AD, buffer overflow, pivoting
Report required?NoYes — professional deliverableYes — professional deliverable
Industry recognitionLow-moderate (entry level)Moderate-high, growingHigh — still the gold standard
Best forFirst cert, confirming the pathFirst serious pentest certCareer-defining mid-level credential

The path that makes sense for most people entering offensive security in 2026:

eJPT → PNPT → OSCP

The eJPT builds your fundamentals and confirms this is the right direction. PNPT validates you can actually do a real engagement — including the AD attack chain and client deliverables. OSCP is where you prove mid-level competence to enterprise employers and senior hiring managers.

You don’t have to take eJPT before PNPT. If you already have hands-on experience from labs and CTFs, PNPT is likely your right entry point. But if you’re starting from zero, eJPT removes the paralysis of not knowing where to begin.

Common Mistakes

Over-relying on Metasploit. Metasploit is allowed on the eJPT — and you should use it. But understand what it’s doing. The muscle memory of why exploits work matters more than the speed of exploit -j.

Skipping the networking fundamentals. The INE course spends time on IP addressing, subnetting, and routing for a reason. Don’t rush past it. Understanding how traffic moves is how you understand what you’re attacking.

Treating it as a finish line. The eJPT is a starting point. The people who get the most out of it are the ones who use it as a confidence signal to go deeper — into HTB, into PNPT prep, into building a home lab.

Is It Worth It in 2026?

Yes — with the right expectations.

The eJPT will not land you a penetration testing job on its own. Nobody is hiring junior pentesters based on a single entry-level cert. But that’s not what it’s for.

What it does: gives you a structured learning path, hands-on lab experience, and a tangible credential that signals to yourself and to entry-level reviewers that you understand the basics. At $199 all-in with course materials and a free retake, there’s almost no downside.

If you’re serious about breaking into offensive security and you’re starting from square one — take the eJPT. Get the reps in. Then keep going.

The certification matters less than the knowledge it forces you to build.

Next steps:

All affiliate links — we may earn a small commission at no extra cost to you.

The Linux Command Line by William Shotts

The best book for building a real Linux foundation. Essential reading before any hands-on security certification.

Hacking: The Art of Exploitation by Jon Erickson

Teaches you how exploits work at the level below Metasploit. If you want to understand the craft rather than just run the tools, start here.

The Hacker Playbook 3 by Peter Kim

Once you’ve passed eJPT and are preparing for PNPT or OSCP, this book is essential. Covers real-world red team methodology with practical attack chains.

Written by a certified security professional (CISSP, OSCP) with 14+ years in offensive security and security leadership.

Need Cybersecurity Content Written by Practitioners?

RedTeamGuide is powered by CipherWrite — a cybersecurity content service run by OSCP and CISSP-certified practitioners with 14+ years in offensive security and security leadership.

If your company needs blog articles, whitepapers, or LinkedIn content written by someone who’s actually done the work — not a generalist writer with a SEO checklist — check out CipherWrite on Fiverr .