Studying for and passing the Practical Junior Penetration Tester (PJPT) certification by TCM Security was both a challenging and rewarding experience. Unlike many certifications that focus primarily on theory, the PJPT is entirely hands-on and mirrors the workflow of a real-world penetration test. During the exam, I was required to enumerate systems, identify vulnerabilities, exploit them where possible, and connect the dots to demonstrate a full attack path. This process forced me to rely not only on technical skills but also on problem-solving and persistence, which made the achievement all the more meaningful.
One of the aspects I appreciated most about the PJPT is that it goes beyond the technical exam. After completing the practical portion, I was tasked with writing a professional penetration testing report that summarized all of my findings. This included documenting the vulnerabilities I discovered, detailing the steps I used to exploit them, and, most importantly, providing clear remediation recommendations. Learning to translate technical results into a format that clients and stakeholders can understand was a valuable skill in itself. It emphasized that penetration testing is not just about breaking into systems—it’s about communicating risk and helping organizations improve their security posture.
The preparation for this exam was made significantly smoother thanks to the courses included with the exam voucher. These courses were extremely insightful and structured in a way that built my skills step by step, from reconnaissance and exploitation to report writing. The labs provided realistic practice scenarios, while the explanations ensured that I understood not just the “how,” but also the “why” behind each step. I found the material so comprehensive that I’ve chosen not to share my notes, as I strongly recommend anyone preparing for the PJPT to dive into the official resources themselves to get the full learning experience.
Earning the PJPT was also an important milestone in achieving my bigger goals for 2025. Alongside pursuing the BTL1 certification from Security Blue Team, I am working to build a well-rounded foundation in both offensive and defensive security. These certifications, combined with continuous learning and hands-on practice, are stepping stones toward landing my first role in the cybersecurity field. The PJPT not only sharpened my technical abilities but also gave me practical experience in professional reporting—skills that will directly benefit me as I move into the industry. Completing this certification has reinforced my motivation, and I’m excited to continue building on this momentum throughout the year.