A few weeks ago I signed up for eLearnsecurity’s(eLS) Penetration Testing Student(PTP) course along with vouchers for the eLS Junior Penetration Tester(eJTP) certification exam. This was all due to the overwhelmingly positive responses I was seeing throughout the security community surrounding the eLS certs.
But could the training and certification experience be THAT good? I liked what I was hearing about it and the ‘Elite’ package for eJPT was only $500 for a practical pentesting certification with dedicated labs, 3 retake vouchers, etc; how could I say no?
In the realm of cybersecurity, one of the more exciting jobs is that of a Penetration Tester. You get to legally hack real production networks looking for vulnerabilities and hopefully gaining root, system/nt authority, orDomainAdmin(DA) access.
This can conjure up images of firing off your latest exploits to pop a reverse shell, then running your best priv–esc scripts, and finally issuing that whoami command to reveal your admin level access. What a job! But…
The job isn’t over yet, now you need to write up your findings into a professional-looking report for the client. This, after all, is ultimately the final product you sold them when bidding on the job. I’m going to show you what many clients are looking for in reports and give you a sample report that I created.
Have you ever thought, “There’s got to be a better or easier way to do this?” Maybe, you’ve thought, “This tool already exists, but if it did <THIS> then it would work so much better in my weird, edge-case scenario?”.