PJPT | TCM Security

Kingslayr
Nov 19, 2024

Hello everyone, today I’ll be discussing my experience with the Practical Junior Penetration Tester exam by TCM Security.

Some background information on me. I’ve been dabbling with computers since 2021. I decided to YouTube “how to build a PC for gaming” and, well, one thing led to another. I had an insatiable appetite to understand what I was working with. I went to my local bookstore and picked up all sorts of hacking books, and along the way I came across platforms like THM and Hack the Box and placed my energy there.

The course material is absolutely amazing. Heath is a great speaker and had me immersed every step of the way. Building the lab environment before compromising it was pivotal for me. I say this because most of the time, I’m the type of person who thinks a million miles a minute and has to read the same page 3 times because I didn’t really read what I was looking at the first few times. From the way it was structured to the actual exam experience, it was as close to a day in the life of where I’d like to be as I could get.

My work is mainly built around customer service (bartending) and agriculture (farming) at 60 hours a week. During this, I had two family members in critical condition, whom I put over my studies. I studied 2–5 hours a day until I was at 67% of the PEH course. This exam took me two attempts, 4 days apart. I know a lot of articles you’ll read before and after mine will tell you that everything you need to use is in the PEH course. For me, it was about 99% true, but more on that later. I’ll tell you how I prepared brick by brick from conception to tangibility.

  1. I developed my own methodology from enumeration to compromise. I’d draft this in my notes every day during lunch break, and move it to my note-taking app on my desktop after work. I’d close my eyes and simulate myself taking the exam with everything I’d be trying, and slowly crafted a step-by-step for myself. I feel this gave me the confidence to follow through and deter the stress of time.
  2. I woke up earlier. My work is early in the morning at 7 AM, so I’d wake up at 4:30 AM to exercise, plan the rest of my quarter, document my thoughts in my journal, and study an hour before work. I’d leave sticky notes on my screen with any questions I didn’t have time to look up or to ponder when I returned.

This is how I studied.

Now, I will write why I failed the first attempt below.

I requested four days off from both my jobs for this exam. I got really good sleep the night before and started at 10 AM. The night before, I received some disturbing news and that did shake my center, but I was determined to pass the exam! Perhaps a little too determined.

  1. I didn’t sleep or eat for 40 hours from start to finish, and I took one 15-minute break during the exam.
  2. I should’ve created a new Kali image separate from the one I use for HTB & THM, so the different versions of the tools used with “pimpmykali” would be less of a problem to troubleshoot because of other dependencies not being compatible with other versions of Python.
  3. I followed my methodology but failed to be flexible with new information. I didn’t realize that if a route wasn't there, it simply wasn't. This, however, has a lot to do with the way I think in general. I take this reason as one of the wins acquired from failing: just roll with the punches, sit with the feeling and then get up again. My friends, this is a journey for us all wherever we reside.

This is how I actually passed the exam:

  1. I took breaks every 4 hours. I ate, had really amazing smoothies and took a walk for 15–20 minutes while listening to lofi.
  2. I made sure all the tools I wanted to use worked 100% of the time.
  3. I used CherryTree to organize my findings and Flameshot to carefully document important images. When I got stuck and enumerated thoroughly, I had the brightest idea to go about it a different way, and it was the last straw on the camel’s back to take down what I thought at the time to be a Dark Souls boss.

This time around, it took me 12 hours to compromise. I went to work 2 hours later, and wrote the report using the demo template provided when I came back home in 8 hours. I got my results the very next day.

PJPT FELLED
