
PNPT certification from TCM Security

Is the PNPT certification from TCM Security worth it?

Written on 2023-09-21
Written by Remco Kersten

Cybersecurity is a term that is becoming increasingly significant, not just in the world of IT but in our society at large.

Every day hundreds of software products are designed, thousands of servers get deployed in data centers, all interconnected by the magic of the internet, making our lives ever more convenient. "Order today, receive it tonight," "maintaining a travel blog for those at home," and "letting AI automatically fill in my calendar" have become norms.

However, while these technological advancements bring numerous benefits, they also conceal a significant threat: cybercrime. We all know the stereotype – men in white masks, stealing your holiday photos!


Just kidding! No holiday photos, nor white masks, but it’s still something we need to think about.

Software and networks are becoming more complex, and every day it becomes harder to manage your IT infrastructure. The art remains in maintaining your network as stable, fast, and, most importantly, as secure as possible.

To enhance my knowledge in cybersecurity, I decided to go for a practical cybersecurity certification. I heard great reviews about PNPT by TCM Security. Some even claim that the levels of PNPT and OSCP are very comparable; they are at least Active Directory focused.

(Yes, certifications like CEH or Pentest+ are options, but I wanted a practical exam.)

Diving into PNPT

I decided to enroll in the course and get started. The course comprises videos with labs. Some labs are downloadable as VMs, and some are from Hack The Box and TryHackMe, which offer some of the used labs for free. Additionally, during the course, you set up a local Active Directory environment to test for vulnerabilities. The course is segmented into five modules, which I'll summarize below.

Practical Ethical Hacking

In this module, you’ll learn the fundamentals of cybersecurity and penetration testing. You are introduced to basic networking, the phases of ethical hacking, OSINT (open source intelligence), common services (HTTP, SSH, DNS, etc.) and their associated vulnerabilities, Active Directory, and web applications, along with numerous labs.

Linux Privilege Escalation

Suppose you succeed in hacking a Linux machine. You've managed to secure a user account, but this user doesn’t have enough privileges to access valuable information or execute other tasks on the machine. Privilege escalation refers to gaining more rights, either by exploiting a vulnerability on the machine or by "hacking" a service account used by a process, and so on. This module dives deep into these aspects, offering a hands-on learning experience.

Windows Privilege Escalation

Yeah, the same as Linux Privilege Escalation, but this time focused on Windows.


OSINT is a crucial component in cybersecurity. It educates you on how to find public information on the internet. This encompasses social media, but also details about a website's infrastructure that can be uncovered through DNS, extracting information from images, and much more!

External playbook

In this section, you will learn what an external playbook is. You'll be guided through the process of crafting a plan for conducting an external penetration test, collecting information in a structured manner, and writing an advisory report on your findings.

The exam

The exam consists of a penetration test that you perform in a network environment. The exam lasts a total of 7 days, of which you have 5 days to conduct the penetration test itself and subsequently 2 days to write a report. In this report, you present your findings along with advice on how to patch them.

Unfortunately, I am not allowed to disclose too much about the exam itself, but I can assure you that it is a very enjoyable experience, and the exam is based on a real-life scenario. Thus, by passing the PNPT certification, you truly demonstrate relevant penetration testing skills!