WHOAMI and a PNPT Review

5qu1n7
Jun 24, 2022

While there are so many different PNPT reviews, I wanted to throw my review out there from a perspective of a non-traditional route into the cybersecurity/penetration testing career field.

In all honesty, I have finished the exam, written the report but have still yet to hear of my results or when I will do my client out brief. But I am confident in my product and know I will be notified soon.

So, what is the PNPT?

The Practical Network Penetration Tester certification is an ethical hacking certification exam that assesses a student’s ability to perform an external and internal network penetration test at a professional level.

In order to receive the certification, a student must:

· Perform Open-Source Intelligence (OSINT) to gather intel on how to properly attack the network

· Leverage their Active Directory exploitation skillsets to perform A/V and egress bypassing, lateral and vertical network movements, and ultimately compromise the exam Domain Controller

· Provide a detailed, professional written report

· Perform a live 15-minute report debrief in front of assessors, comprised of senior penetration testers

Whoami?

I am 44 years old and retired from the United States Air Force after 23 years of service. While in the Air Force, I worked in Law Enforcement and Security my entire career. I was a Military Working Dog Handler/Trainer for most of my career. But while I was on Active Duty, I saw the need for better security on the Internet and set out to get my bachelor’s degree in Information Systems Security. So, post retirement, I was looking for a career change.

Thankfully, I was able to work as an Intern for Digital Defense for about 5 months using the SkillsBridge program. Right when my internship was about to be over, I notified my management that I was going to start job hunting and I may be out doing interviews, etc. About 2 days later, my manager notified me that there was a position opening and they would love for me to stick around if I was interested. OF COURSE, I WAS, who wouldn’t be. So, one of the prerequisites was to get Security +, which I did and started working full time as a Vulnerability Analyst for the 1st year post military.

From there, I started to do a lot of CTFs and was introduced to Hack the Box and also continued to study hard. I took the eJPT course from eLearnSecurity and passed that certification. It was awesome because it was a practical exam, not a standard multiple choice only type of exam. This led me to the path of Penetration Testing.

When I started out on this journey, I honestly knew nothing, so I turned to the internet to start my journey to knowledge…Insert TheCyberMentor here…aka Heath Adams…aka hmaverickadams. His videos really started to assist me in learning. Another opportunity opened at work to transfer over to the Penetration Testing team, and I was really excited about it but nervous at the same time, because to be honest, I’ve never done anything like it before. The office let me know if I was wanting to do this type of work that Certified Ethical Hacker (CEH) was a necessary certification to obtain. So back to the grind I went, I am just a year into an Analyst position and trying to set myself up to be on the Penetration Test Team…Hell yeah!!! So, I smash the books again. This material for CEH felt like an extension to Security +. Almost the same stuff with some hacker terms inserted here and there. The whole CEH experience was odd, still no hands-on experience, just be ethical in your decision making. Of course, I passed this multiple-choice exam as well and was ready to start my venture down the road of Ethical Hacking.

Now at work they didn’t just throw me to the wolves, I have great mentors and colleagues. I was conducting a LOT of Remote Social Engineering Engagements, A LOT, did I stress A LOT, for the first 6 months or so. But this gave me the great understanding of the End User and how vital they are for a penetration tester and understand the method needed to extract passwords from them. Also, a lot of studying was still happening. I was accepted to SANS and used some of my GI Bill to take some of the courses through SANS but realized these courses and exams really weren’t helping me…They provided a TON of book knowledge, but I don’t learn like that, I’ve tried it over and over, I just don’t learn well like that… I must DO IT…TRY IT…FIGURE IT OUT. That is how I learn. I took the Incident Handler (GCIH) and Web Application Penetration Testers (GWAPT) courses from SANS and realized this path of learning just wasn’t for me.

In comes the PNPT and the eCPPT courses. I purchased both courses based on the reviews I was seeing and started both at about the same time. I chose that I needed to focus on one of them at a time and chose the PNPT.

The PNPT package that I purchased was $499, it included the exam (with a retake) and 5 courses, and I ended up paying $320 with a coupon code. The courses are Practical Ethical Hacking, Linux Privilege Escalation for Beginners, Windows Privilege Escalation for Beginners, Open-Source Intelligence (OSINT) Fundamentals, and the External Pentest Playbook. Right now, that exact bundle is $399 on the tcm-sec.com website. In comparison to the $1556 I paid for the eCPPT course material.

To me, this was a STEAL of a deal! I was ready to hit the books…the good news is, these courses aren’t books, they are videos of Heath doing live work showing you examples and walking the student through doing the same thing on multiple platforms, like Hack the Box and TryHackMe, as well as building your own Active Directory Lab environment to play around in. Heath explains what things are, why certain things work and what to do, IF something doesn’t work. It was a refreshing experience to be able to go through all the material. To top things off, if you get stuck, there is a Discord channel you can ask questions in to help you troubleshoot your issue. I honestly never had to ask a question in Discord because of the search feature. Someone had already encountered the issues I encountered and they were already addressed. Alright, enough about me and my journey…let’s get into this journey of the exam.

PNPT EXAM TIME

Once you notify the academy that you are ready to take your exam, you will be emailed a link to schedule your date. I wanted to take this over the weekend so, I scheduled it for Friday May 6th, 2022 at 8:00am. On the day of the exam, I was emailed a scoping document with all the rules and out of bounds areas you need to know as well as how to submit your report and how to contact assistance if you have issues during the exam environment.

In my exam environment, I was met with having to conduct OSINT, testing targets on an external network, pivot to an internal network and then testing a Windows Active Directory (AD) environment to try and find a path to Admin on the Domain Controller. To say the least, I was confident in my AD work, since that is what I see almost every day at work. I knew the attack vectors in AD and knew what I could do with different types of accounts and how to utilize certain types of credentials to get further into systems. But first, I had to get there…I had a few different roadblocks that I will not disclose, but let me tell you something, you have 5 days to finish this exam and on day 2, I was worried I wasn’t going to get it done. But trust your training and pay attention and you can get it done. I was able to get to Domain Admin at the beginning of day 4 and was so relieved, then I went to sleep, without anything on my mind. Going into the test, make sure you understand Linux environments, Web Applications and of course Windows Active Directory environments. Don’t take for granted your OSINT!!!

Looking back at the entire thing, it has been a great experience. I loved the opportunity to be in an exam environment and learn while I am under pressure. There were instances where I was stuck but knew I had enough time to research and even re-watch some of the course material to ensure I was conducting things as I should, which was a huge relief. Everything that I encountered in the exam was a topic in the course material, although you need to understand every topic because some of them are covered more extensively than others. I also wanted to applaud TCM and his crew for a stable environment. I had no issues, and my updated Kali image had no issues where I had to revert to older tools to get things to work.

All in all, wonderful experience as I sit here and wait to hear from TCM on the validity of my exam and report and allow me the opportunity to give my 15-minute out brief. From this old, retired Security Forces E8, if I can learn new tricks, so can you and the TCM Security Academy will get you to where you want to be!

I was hesitant to publish this before I got my results…, but as you can see, I passed. On to the next one, eCPPT.

5qu1n7

Currently a Penetration Tester and Retired United States Air Force Military Working Dog Handler after 23 years. Who also has a habit of picking locks.