Exploring the Frontier of Mobile Security: My Beta Test Experience with TCM Security’s Practical Junior Mobile Penetration Tester (PJMT) Exam

Hello, dear readers! It’s been a while since I last penned down my thoughts, and I couldn’t be more thrilled to mark my return with an exciting update. Recently, I had the unique opportunity to be among the first to take the beta test for TCM Security’s “Practical Junior Mobile Penetration Tester” (PJMT). And guess what? I passed!

A Gentle Re-introduction

Before diving deep, for those who might be joining me for the first time or have forgotten the rhythm of my tech adventures, I’ve always been intrigued by the ever-evolving landscape of cybersecurity. This exam was a significant step in my journey, especially focusing on the niche area of mobile security.

Why PJMT?

With the exponential growth of mobile devices, ensuring their security is no longer a luxury; it’s a necessity. The PJMT by TCM Security isn’t just another certification — it’s a testament to the holder’s ability to understand, dissect, and secure mobile environments practically. This is exactly what drew me to it.

PJMT Exam Overview

Exam Cost: $199 including coursware.
Voucher Validity: lifetime voucher (with the free retake).
Exam Duration: 2 days to work in the lab environment and 2 days for reporting any discovered vulnerabilities.

The Beta Test Experience

On 16/09/2023, after work, I was traveling from my hometown to Bangalore. On the bus, boredom struck as sleep eluded me, so I started reading some blogs. Suddenly, on the TCM Discord channel, a notification popped up, announcing a need for five volunteers to beta test their mobile security certification.

The message :)

Without hesitation, I expressed my interest, and to my delight, I was among the first five to respond. Shortly thereafter, I received a message from Heath Adams, also known as TheCyberMentor. He inquired about my email to verify if I had completed the mobile pentest course. Truth be told, I hadn’t. Nonetheless, I did have work experience in mobile pentesting. To this, he responded that my experience sufficed and promised more information the following week.

True to his word, a week later, an email from TCM Security graced my inbox with all the necessary details. By the 21st of September 2023, I had secured access to the exam environment and promptly initiated the exam. I was pleased to find all the required tools for both static and dynamic testing already installed in the environment.

The examination criteria required identifying the maximum vulnerabilities, and furthermore, gaining administrative access to the API Gateway. I managed to accomplish the dynamic part and achieve the stated goal within an hour of starting, given it’s my strong suit. Following that, I tackled the static segment, completed my testing, and proceeded to the reporting phase. Once done, I uploaded my findings to the portal.

Two days later, a satisfying update landed in my inbox — I had successfully passed the exam.

Being part of a beta test is thrilling. It’s like being handed an uncharted map and embarking on a treasure hunt. There’s the inherent joy of discovery, combined with the challenge of navigating the unknown.

The PJMT exam was structured, concise, and to the point. What truly impressed me was its beginner-friendly approach. Often, tech exams can be daunting, filled with jargon that can scare away novices. This was not the case here. TCM Security seems to have taken extra care to make the exam accessible to those just dipping their toes into mobile penetration testing. Every task felt like a logical progression, building upon the previous one.

LINK: https://api.accredible.com/v1/frontend/credential_website_embed_image/certificate/85083900?key=9e5d79f6ae6e14571834392efc5d187009fac577bbb49a50957e5b4845b4fbda

PJMT: https://certifications.tcm-sec.com/pjmt/

Learning Points

1. Mobile Application Penetration Testing: https://academy.tcm-sec.com/p/mobile-application-penetration-testing
2. Damn Vulnerable Bank: https://github.com/rewanthtammana/Damn-Vulnerable-Bank

A Heartfelt Thanks

A huge shoutout to TCM Security for crafting such a well-thought-out exam and for offering me the chance to be part of the beta test. To everyone looking to delve into mobile penetration testing or broaden their cybersecurity horizons, I can’t recommend the PJMT enough!

In closing, I promise not to stay away for too long this time. With the PJMT under my belt, there are so many more adventures I’m eager to share. Until then, stay curious and keep learning!

Cheers,

Anil Tom

wanna connect

Twitter : Anil Tom

LinkedIn : Anil Tom