Inspiring the Next Generation with INE and the eJPT, Bootcamp Schedule - Part 2/8

As mentioned in my first post Inspiring the Next Generation with INE and the eJPT - Part 1/8 About Bootcamp I am hosting a Hacker Bootcamp this summer for 10 lucky students!

As a reminder, to get started with all of this course material is free (with INE Starter Pass INE | Checkout), and more information about the eJPT certification can be found here eJPT Certification - eLearnSecurity

For a quick summary of what is below please see our high-level schedule:

Here is the detailed schedule so that you can emulate this bootcamp for yourself and see what we will be up to this summer.

Week 1: Setup lab environment, perform Lab 0 Lab 0 - Beginner Series on Prepping for Your 1st INE CyberSec Lab, get familiar with Linux.

  • This week is all about preparing yourself for the rest of the bootcamp, and understanding how to connect to the INE Lab environment.

  • To brush up on Linux, the students will be playing OverTheWire Bandit OverTheWire: Bandit but you could also supplement with TryHackMe’s excellent Linux Fundamentals Course TryHackMe | Linux Fundamentals

Week 2: Getting started in Penetration Testing Prerequisites
In Week 2 of bootcamp we will be using the INE Course material to learn the penetration testing lifecycle, basics about HTTP(S), and how to “Find the Secret Server”. In the “Penetration Testing Prerequisites” section we are skipping the “Web Applications” Section, as we will come back to that in the later lessons when we do more web app pentesting. We are also having our first Guest Speaker who will be having a QnA Session with the students.

Read and Watch the Content from the following sections in Penetration Testing Prerequisities:

  • Introduction
  • Networking
  • Penetration Testing Lifecycle

Perform the following labs:

  • HTTP(S) Traffic Sniffing
  • Find the Secret Server
  • Data Exfiltration

Week 3: Information Gathering/OSINT
Here we are moving on to the “Penetration Testing Basics” section of the Penetration Testing Student course materials. Unfortunately, we don’t have time to hit the “Penetration Testing: Preliminary Skill and Programming” section of the course materials, but if you want to learn that material, feel free!

We are starting Week #3 with the most important part of a penetration test: Info Gathering!

Read and Watch the Content from the following sections in Penetration Testing Basics:

  • Information Gathering (this section incorporates alot of useful information for pentesting including OSINT, subdomain enum, and the reasons why info gathering is important)

Perform the Following Labs:

  • Subdomain Enumeration

Week 4: Footprinting/Recon/Nmap
In week 4 we will be getting into some more common tools like nmap, masscan, and understanding why we need to port scan. Week 4 will also introduce our second guest speaker for QnA to the bootcamp participants.

Read and Watch the Content from the following sections in Penetration Testing Basics:

  • Footprinting and Scanning

  • Vulnerability Assessment

Perform the following labs:

  • Nmap

  • Nessus

Week 5: Web App Pentesting
In week 5 we will be focusing entirely on web app pentesting, using Burp Suite, and going back to “Penetration Prerequisites” so that we can touch on the basics of Burp Suite and how the web works!

  • Read and Watch the Content from the following sections in Penetration Testing Prerequisites:
    • Web Applications - this will give students an overview of web apps, how they work and how to use the basics of Burp Suite

Read and Watch the Content from the following sections in Penetration Testing Basics:

  • Web Attacks

Perform the following labs:

  • Burp Suite Basics (from Penetration Testing Prerequisites)
  • Burp Suite (from Penetration Testing Prerequisites)
  • Dirbuster (from Penetration Testing Basics)
  • Cross Site Scripting (from Penetration Testing Basics)
  • SQL Injection (from Penetration Testing Basics)

Week 6: Exploitation
Finally in Week 6 we are getting to true exploitation of network-based targets! Students should now have a great grounding in penetration testing to be able to start popping some shells! Week 6 is also when we will have our 3rd speaker who will do a QnA session with the students.

Read and Watch the Content from the following sections in Penetration Testing Basics:

  • System Attacks
  • Network Attacks

Perform the following Labs:

  • Bruteforce/Password Cracking
  • Null Sessions
  • ARP Poisoning
  • Metasploit

Week 7: Black Box Labs and Career Advice
My intention for week 7 is that it would be a fairly relaxed week for the bootcamp participants so that they can deload the brain before the eJPT exam, re-organize their notes and try their hand at the blackbox labs. Those labs are definitely harder than the exam, but it will give them a good perspective on what is next in penetration testing.

Read and Watch the Content from the following sections in Penetration Testing Basics:

  • Next Steps/Career Advice

Perform the following Labs:

  • Blackbox 1, 2, and 3

Week 8: Take the eJPT Exam
Finally, we have reached the end of the road and it’s time to take the eJPT exam! Give yourself up to 3 days to take your time on the exam, and pass it with flying colors! In our real bootcamp, we are dedicating Sunday, Monday, Tuesday, and Wednesday for the students to take the exam, and in the last 3 days we will be having mock interviews to help the students improve their resumes, and to improve their interviewing skills.

I hope you enjoyed this blog post and can implement this schedule for yourself to stay disciplined with the Penetration Testing Student course materials, and so that you may consider offering a similar bootcamp for your own students!

Peace,
Aaron

How Can I Get A Chance to Attend This Bootcamp?

I have already selected the students, and it is only open to Penn State students since I am an alumni and I am supporting their internship requirements for their degree program.

But, I’m releasing the “Secret Sauce” so that you can follow this schedule at your own leisure. If doing this by yourself, I would recommend watching one long 45 min video from any of the following channels in replacement of “Speakers” from this bootcamp schedule:

I hope that helps, and let me know if you are going through this yourself and I’ll be happy to help!

1 Like

I actually have completed the Bandit Wargame and I follow Both John Hammond & The Cyber Mentor. They have been sources of inspiration to me. And I Plan To Take the eJPT soon and the timeline and resources you have provided would surely be a lot of help for me and help me stay on my path.

Thanks A Lot !

2 Likes

This is a well-done schedule! Thanks for sharing!!

1 Like