PJPT: Your First Step into the World of Cybersecurity and Penetration Testing

cham3leon
Oct 26, 2023

Introduction

A little while ago, I achieved a significant milestone by successfully passing the Practical Junior Penetration Tester (PJPT) certification exam offered by TCM Security. With this write-up I hope to help and inspire others interested in embarking on this journey. Through my experiences, I intend to shed light on what it takes to conquer the PJPT exam and provide some valuable insight into your first steps on the way to becoming a Pentester.

Who is this certificate designed for?

If you’re just starting out in the cybersecurity world or thinking of leveling up your current IT career, this certification is the right one. Even if you are already an experienced IT professional and want to back up your penetration testing skills or simply love soaking up new knowledge, it’s got you covered.

What and how do I study for it?

“PEH is all that is needed for PJPT” is a sentence I see daily in the TCM Discord, and it is 100% true. You can take the exam right after finishing the PEH and you are more than ready. So what is the PEH? The PEH (Practical Ethical Hacking) is the course you get when you purchase the PJPT exam voucher and is, in my opinion, the right way to start your journey into the amazing world of Cybersecurity. You are going to learn things like Active Directory, Web Application Penetration Testing, Hacking Methodology and much more.

The most important thing you have to do is to take good notes. Not only for this certificate, but for yourself going forward on your journey in this field. You are always going to come back to your notes so keep that in mind when you take them.

What do I need to start the Exam?

As I was finishing up this write-up, I saw this question asked in the TCM Discord and thought I might add it here. While working through the PEH, you’ll set up a VM with Kali Linux, and that is really all you need. No Windows labs, no paid software, or anything else. If you run into any problems, then write TCM support an email, and you’ll be amazed at how good and fast they are in resolving issues.

The Exam

Unlike most certificates, the PJPT is not a multiple-choice exam where you can simply memorize material in a short amount of time, show no practical skills whatsoever and then go pass it. Instead, the exam replicates a real-life internal penetration test, which shows your hands-on skills and understanding of the methodology. Since it’s an open-book exam, you can use your notes and look things up if you are stuck. Start the exam any time you want, read the ROE (Rules of Engagement) that you are going to receive when you start the exam and go for it!

Advice

Ever heard of KISS? No, not the band, but the acronym “Keep it simple, stupid!”. I failed the exam because I wanted to do things outside of what was taught in the PEH and not only wasted time but felt like giving up. A lot of people ask what other materials they should add to get ready for the PJPT but like I said, all you need is in the PEH.

If you ever get to the point where you want to stop trying or feel like you are not making any progress — take a break. Breaks are very important, and you should take them by drinking water, eating something, or simply going for a walk to allow your brain to rest.

So, what’s next?

For me it would be the PNPT (Practical Network Penetration Tester). It builds on what you learned with the PEH and is an industry-recognized certificate that is going to help you on your journey to become a Pentester.

Before we finish

At the end, I would like to thank the man himself, Heath Adams, better known as The Cyber Mentor, for giving me the opportunity to prove myself and for helping me go in the right direction towards my goal of becoming a Pentester. And I could not have done it without the support of the TCM Staff and the community, who were by my side and helped me on the way.

Happy hacking! :)
