So, is this why I’ve not posted anything for these past four months? Well, in part yes. I took the summer off from writing to work on a number of projects outside my day job and recharge as I’ve not really done that sort of thing for a while.
Which leads us to this goal. I finally took the time to take this exam and let me tell you, it was well worth it.
For those of you who are not aware, the PNPT is the Practical Network Penetration Tester certification from our friends at TCM-Security (https://certifications.tcm-sec.com/pnpt/).
Roughly 2 years ago, Heath Adams, the owner and founder of TCM Security, created the PNPT certification for the purpose of filling many gaps in Cybersecurity training. At the time, there wasn’t a certification and related training program that provided the real world experience of a simulated penetration test from start to finish.-
What does the PNPT exam entail?
The PNPT certification exam is a one-of-a-kind ethical hacking certification exam that assesses a student’s ability to perform an external and internal network penetration test at a professional level. Students will have five (5) full days to complete the assessment and an additional two (2) days to write a professional report.https://certifications.tcm-sec.com/pnpt/
You can either purchase a voucher (includes one free retake) for the exam standalone or the entire course and exam voucher. I would recommend purchasing the entire course and voucher. The reason being as the course materials are updated periodically and you have lifetime access to them. It can be one of the ways you can keep your skills up to date. The certification expires every three years and yes, you can use Continuing Education Credits to renew the certificate. Details are available at: https://certifications.tcm-sec.com/continuing-education-credits/.
I won’t go into the details of my exam report nor the what I presented in the live 15 minute debrief, yes, you read that correctly. There is a live debriefing meeting where you present your findings.
For the debrief, you can either go over specific portions of your report or create a high level presentation. I would recommend going the route of the presentation as that’s what you do in real life. You only have 15 minutes for the debrief and doing a presentation allows you to hit the high points from the report in a way, I feel, makes everything flow easier.
As for what to do to prepare for this exam. I will say that everything you need to know is in the course materials. There are five separate courses that are bundled into the course with exam voucher:
- Practical Ethical Hacking. This is the core of the material and what many OSCP candidates still recommend for study prior to taking the OCSP exam.
- Windows Privilege Escalation, one of the recommended sources of material for OSCP studies.
- Linux Privilege Escalation, again, one of the recommended sources of material for OSCP .
- Open-Source Intelligence (OSINT) Fundamentals, this is a great introduction to OSINT, highly recommend this.
- External Pentest Playbook, this covers things like your Rules of Engagement, Scoping and the very important and whole reason for a penetration test, the report.
These five courses provide a hugs amount of knowledge for the money that’s beyond compare anywhere else. That’s not to say they are the end all of what you need to know. You should still study the concepts presented elsewhere to hone those skills. Try Hack Me is a great place to go and it’s not very expensive.
Now then, if you are like me, you need to practice your skills to ensure that you have absorbed the materials. These are some of the additional items I would highly recommend:
- Movement, Pivoting and Persistence (MPP) from TCM Security Academy. Currently this not part of PNPT materials but it does make a good addition to your training for both the PNPT and the OSCP. It reinforces some concepts and provides you with your own local AD lab for practice.
- Wreath, this is included with the $10 monthly subscription to Try Hack Me. Here you will learn pretty much everything you need on pivoting. It does cover some of the material in the TCM course but give you yet another lab environment for practice.
- Throwback, this costs $60 for 30 days access in addition to your monthly access. Here you encounter a live AD lab where you use everything you learned in the PNPT and MPP course materials.
Some closing thoughts here. If I were to do this all again, I think I would have actually done the PNPT Exam before attempting the OSCP training and exam. Much of the material I had taken to help me along with the OSCP is part of the PNPT and I think I would have had a much easier time in pursuing the OSCP.
So, for anyone who is looking to make the jump into a penetration testing career, I would recommend the following. This of course is not a comprehensive list. Your personal preference, knowledge level and goals will drive much of what you will do, but I think these are the basics that you should have under your belt:
- CompTIA Security+ as it’s a requirement for many jobs.
- CompTIA Network+ is very useful especially if your IT experience is limited.
- The PNPT as this covers so much, provides you context for further study and really sets your expectations for both real world work and continuing your learning/training.
- The OSCP is a personal choice. It is expensively hard to reach but I still think it was worth the time, effort and money. It’s still a gold standard that will round out your certifications well. The current version of the exam finally does cover Active Directory as a passing requirement, but it still lacking in that real world experience you gain from the PNPT.
Until next time!