Penetration Testing Student(PTS) Course Review | INE

WHAT IS PTS?

PTS (Penetration Testing Student) is a course of novice level for the exam eJPT (eLearnSecurity Junior Penetration Tester) , If you are just starting in the cyber security then it is highly recommended to check it out. The whole PATH consists of three parts:
1>Penetration Testing Prerequisites-> It gives you basic knowledge of ethical hacking like IP, Subnets, HTTP , Cryptography etc.
This particular part focuses on topics like
>Introduction : how to connect to labs and basic things.

>Networking: tells you about networks like Routing, TCP, UDP, DNS , Wireshark etc.

>Web Applications: you will study how web applications work as in what are cookies, Burp Suite ,http protocols etc.

>Penetration Testing: It consists of 2 ppts, one is introduction to penetration testing and other is lifecycle of a penetration tester.

This part has 5 labs , 20 ppts and 7 videos adding up to to become a 9h 48m long part, but you can finish it earlier than this even if you don’t know anything about these topics and learning them for the first time. I practice on TryHackMe and Hackthebox like platforms so I was able to do it quite fast going through the ppts and giving them a little read , watch videos at 1.5x and then finally focus on labs as they are the practical part and hence the most imp too.
With all this our first part of the PATH is DONE now lets move to the second part of the PATH.

2>Penetration Testing: Preliminary Skills & Programming ->This part will focus on basically the programming aspect of ethical hacking, as you will have to go through several codes to find what’s the loophole in any application ,website etc. or may be you want to automate your manual work for that you also need to code some script, which will require basic knowledge of languages in computers. Hence as an hacker knowing some languages is quite necessary if you don’t want to rely on other’s already made scripts or tools which is highly recommended but un till you don’t know the languages use of tools won’t kill. Just Don’t be a script kiddie 😃, because that won’t help you in long run. Okay so finally after all this lets see what this part of the PATH offers us point wise:

>Introduction To Programming : As not hard to guess this will give you proper introduction on what programming is and why it is necessary, with some basics concept of programming , difference between low and high level languages etc. all this will help you to understand programming better if you are new to it otherwise you can just scrim through the ppts.

>C++:Okay so first programming language we will learn is C++ and it an Object Oriented Programming language which means you can use classes in it and make objects and all but this is no OOP language blog so let’s talk about on what is INE teaching us in C++, it starts with C++ IDE, structure of C++ programs, input/output and all the way to pointers, functions and arrays, even if you are new to it you can understand all this very easily and C++ ends with a lab on C++ assisted exploitation. Which you will do easily if you have read everything they have in C++ topic.

>Python: Python is just an awesome language and it is quite famous among hackers because you have different libraries to make your work easy. After knowing all these qualities you should definitely try learning python as it will be a big help for you. Let’s see what INE has to offer in Python, it starts with the same instruction as it started in C++ and then go all the way up to lists, dictionaries, functions , modules , pentester scripting now as this last part seems very interesting it contains the methodology and the modules that will be helpful for a pentester in python. It can be for anything to automate your work or to exploit a vulnerability. INE has a lab for you to perform in the last of Python.
So yeah one more language is completed 😃 and the last language we are going to study is for the command line in Linux.

>Command Line Scripting: We will study command line scripting for Linux(Bash scripting) and Windows

i>Also known as BASH scripting. So why should we learn bash scripting and how will it help us in our pentester carrier. Basically, Bash scripting is command line scripting which means that the terminal you are using is run by bash scripting i.e.; you can interact with the system by using bash script and to make most use of system while having a shell(it can be of any type web shell , rev shell etc.) knowing bash scripting will help you to make most use in your post exploitation or may be help you in exploitation as well their is no limitations to the use of this language on Linux. That’s why it is included in INE course. It starts with introduction and then escalating to commands and programs and then to conditions & loops , there are 2 videos too in this part.

ii>Windows Command Line, it will tell you how to interact with windows command prompt to roam around the system thorough a shell and perform different commands on it to finally exploit it, if that’s the case. It’s content is similar to the content of bash scripting part it has introduction which escalates to commands and programs , using conditions and looping as well and this part ends as well the Second course of PATH also ends here 😃.

This part was fun for me as I knew the languages already and was familiar with bash and windows command prompt as well but after reading all this it did added some more to my knowledge, so no matter what you already know reading all these ppts and watching videos will only add to your knowledge somehow so I insist you go through the course properly.

This course has
Here comes the FINAL PART, Let’s get into it.

3>Penetration Testing Basics: This is the final course , it is the most important and also the biggest one. It has several tools which we use to do pentesting and they do come in very handy. So, pay special attention to this course . This course has 7 parts in it :
>Information Gathering: From the name you can guess that it is about getting all the information you can get from open sources, subdomain enumeration .

>Foot printing & Scanning: In this you will read about how to map a network so that you can get an understanding on how the network is and how can you exploit it. Basically you will read about different usage of NMAP (tool) in this and mass scan as well. It ends with a lab on OS fingerprinting.

>Vulnerability Assessment: As the name suggests you will study on how to check for vulnerabilities on the target to exploit which is basically done here by the help of NESSUS(tool).It ends with a lab on Nessus.

>Web Attacks: Web attacks consists of different tools and methodologies we can use to attack web applications. The tools which are explained here are Netcat ,Dirb ,Dirbuster ,sqlmap etc. and couple of common vulnerabilities are also discussed here such as Cross Site scripting(XSS) and SQL injection. This part has 3 labs on Dirbuster, XSS and SQL injection.

>System Attacks: In this we will study about different ways a system can be attacked like by malwares, making a backdoor, some password attacks , hash cracking using john the ripper and hashcat and in the last Buffer Overflow Attacks.

>Network Attacks: Networks attacks consists of Authentication cracking{HYDRA (tool)}, Windows shares, Null Sessions, ARP spoofing , Metasploit(very imp tool) then about meterpreter and beyond remote code execution(RCE).

>Next Steps: This is the last part of this course and this is about what to do next after reading all this information we are supposed to solve 3 backboxes(machines) on which we can use our whole information and implement it to get root on these machines and this is just the practice for the final exam (eJPT). It is highly recommended to do these black boxes at least once before giving the exam so that you can see how the exam will take place and what will you have to do while giving the final exam.

It also consists of Penetration Testing Approach and Career Paths as in you can know how to approach for a better future in this industry.

At last I would say, overall this is the great course and best part is that you get it free of cost . 😃

I chose this to do eJPT as it is kind of entry level pentesting exam and I have quite a knee interest in security field and want to contribute to Cyber Security field. This PTS course is a great head start, one must take it.

LinkedIn :- https://www.linkedin.com/in/rishabh-rai-858a911b9/