Practical Network Penetration Tester (PNPT) Certification and Training Review

Introduction

I wanted to improve my active directory skills to help me develop sharper penetration testing and red teaming skills, and the PNPT certification exam and training seemed to appeal to me. What interested me most was the emphasis on active directory attacks. As someone who is mostly self-taught I thought I’d try TCM Security’s training and certification offering as I’ve been following Heath’s work for the last couple of years.

In this blog, I will provide an in-depth review of the PNPT exam, training, and certification process as well as some additional benefits after passing the exam for applying to the Synack Red Team program.

PNPT Course and Training

Currently, you must purchase the entire course and exam package in order to have access to the material with your 2 exam attempts. There is no option to take the exam without the training.

At the time of this writing, the training and exam package is priced at: $499

For up-to-date information on the course and exam – you can check it out directly on their site here: https://certifications.tcm-sec.com/

The course is designed to equip you with the knowledge and tools necessary to succeed in the exam and, more importantly, in real-world penetration testing scenarios. Everything in the exam is found in the coursework. So you don’t have to feel like you need to go outside of the provided training

The course content is comprehensive, covering a wide range of topics, including:

  • External Reconnaissance/OSINT: Gathering information about a target network from publicly available sources
  • Vulnerability Scanning and Exploitation: Identifying and exploiting vulnerabilities in network services and applications
  • Active Directory Exploitation: Attacking and compromising Active Directory environments
  • Privilege Escalation: Gaining higher-level privileges on compromised systems – Windows and Linux
  • Domain Persistence: Maintaining access to a compromised network

The course is delivered through a combination of video lectures and hands-on labs – some labs can be downloaded directly and setup as a VM to attack on your local network. Additionally, you will be taught to setup an AD environment from scratch to attack, which I thought was incredibly insightful.

The labs are particularly valuable, as they allow you to practice the techniques you learn in a realistic environment. Heath is very knowledgeable and experienced, and he provides clear explanations and demonstrations on the videos.

PNPT Exam

The PNPT exam is unlike any other certification exam I’ve taken as it is less “CTFy” and more realistic. It’s a 5-day, entirely hands-on penetration test of a simulated corporate network. There are no multiple-choice questions or theoretical scenarios. You’re given a target network and tasked with finding and exploiting ALL vulnerabilities.

Disclaimer: I failed this exam twice and had to use up my free retake, and pay $100 for the 3rd attempt. One of the unique selling points of this exam is that TCM does not profit from failure. And they also give you a hint to help you pass the exam on the next attempt. 

Having the CTF mentality set me back as I was trying to pwn all of the machines. I had to switch to a different mentality and think about what I’d do in real life which helped me push through and pass in the end.

The exam is challenging but incredibly rewarding. It pushes you to apply your knowledge and skills in a realistic setting, forcing you to think creatively and adapt to unexpected challenges. The time constraint adds an extra layer of pressure, simulating the urgency of real-world penetration tests. 

From my experience, I’ve had penetration tests that were required to be completed in 1 week aka 5 business days, just like this exam. And I’d be writing up the report on the weekend if I was on a time-crunch. More on this in the next section.

PNPT Report and Debrief with Live Assessor

After completing the penetration test, you have two days to compile a professional report detailing your findings and methodology. This is a crucial part of the exam, as it demonstrates your ability to communicate technical information clearly and concisely to non-technical stakeholders. Don’t worry, report writing is covered in the course and they also give you access to templates you can use. I ended up using templates I’d used for other “similar” exams.

The final step is a live report debrief with a TCM Security assessor. This is your opportunity to present your findings, answer questions, and defend your methodology. I’ve had the chance to do this in real life at my job, but for someone who is just starting out, I think this is a very valuable experience as it helps you prepare for actual on-site work when you have to debrief to your client. This is also a chance for you to practice your public speaking skills if you struggle with it.

PNPT Certification Benefits and Synack Red Team Pathway

Earning the PNPT certification is a significant accomplishment. It’s a testament to your skills and knowledge as a penetration tester and a valuable asset for your career. The certification is recognized by prominent organizations and institutions and is gaining more and more recognition in the cybersecurity industry. TCM has a really good marketing team, and they are always promoting at the big cybersecurity and hacker conventions like Defcon.

One of the main benefits of getting the PNPT is that you can get an expedited onboarding experience at Synack Red team through their Pathways program. More information here: https://www.synack.com/red-team/pathways/

Synack Red Team is a “Penetration Testing as a Service” platform where companies can crowdsource security. Think of a bug bounty program like HackerOne except that this is completely private and you don’t have to compete with other bug bounty hunters. 

By passing the PNPT and taking their PCRP(Practical Career Ready Professional) program afterwards, you can get the following perks:

  • Resume bypass
  • Technical review bypass for web and network skills on the HTB platform

IMO, if you are looking for your first job in offensive security, this would probably be a good place to start or you can use Synack Red Team to supplement your current income.

My Overall Impression: Highly Recommended

I highly recommend the PNPT exam, training, and certification to any penetration tester or cybersecurity professional looking to validate their skills and advance their career. The training is comprehensive, the exam is challenging but rewarding, and the certification is a valuable asset for your resume.

The PNPT is not for the faint of heart. It requires dedication, hard work, and a passion for cybersecurity. But if you’re up for the challenge, the PNPT is an excellent way to prove your skills and take your career to the next level.

If you are interested in taking the PNPT training, exam and certification, check it out here: https://certifications.tcm-sec.com/

More Posts

Discover more from Hidden Door Security

Subscribe now to keep reading and get access to the full archive.

Continue reading