pnpt review and guide
PNPT Review and Guide
after a few years since i got the oscp in 2021 and a ton of other certs, i decided to start writing reviews and personal guides to how others can succeed.
what is the pnpt
the pnpt or practical network penetration tester certification is a pentesting cert that focuses on AD networks. this cert also incorperates osint as part of the course and examination, which so far in my journey is unique.
this cert however lacks in many areas as ill come to talk about.
the content
the content can be described as sub-par. this content is all exclusively video content, and you can buy it seperately without the exam attempt, or with the exam.
the content is organized in topics, however, they are videos with no timestamps like youtube videos so you kinda just have to watch the entire thing everytime you are looking for a specific tactic. moreover, a lot of the content is very very entry level. this cert is advertised as being a intermediate level cert; however, this far from intermediate. if i had a gun to my head and you told me to give you my honest opinion i would say this cert is as entry level as it can get (pjpt proved me wrong).
as an osint course, and examination its not too bad. hack the box has definitely done a way better job with their osint module. nevertheless the osint on the exam is fun. however, the course material is not necessarily tied in with the exams. its almost like the course material is its own thing and the exams were built around the existence of the course material if that makes any sense.
as an ad course, its horrible. it barely touches on any of the major topics that you see in corperations. nothing is ever beyond the complexity of a tool. what i mean by that is a tool is almost always out there that solves your solution, you don’t have to think your way through the course, you can just keep trying tools till you get it right. this doesn’t completely apply to the exam but you get the point.
the exam
5 days with an osint, external, and internal portion of the exam, you also need to provide a report. they give you two days to do that after the 5 day period, or before if you’re fast. and then they give you a 15 minute debrief which is just roleplaying like you did a real pentest. i can see how that can be cool for someone who is new to the field but for anyone that isn’t, its not necessary at all…
i don’t want to say anything about the exam, because i like my cert and i dont want it revoked, but the exam is not hard, its super easy and infact even heath says it is. if you find yourself over thinking it then you’re doing something wrong. a seasoned pro can do it in 1 day. i did it in 2 cause i suck.
who should get the pnpt
honestly i can only recommend this to the absolute beginners, that are too intimidated by hackthebox. otherwise, don’t take it.
how to prep
watch the videos
the exam is an after thought for the company, they worked on the videos first and did the exam based off the videos. if you can focus only the content in the videos then you can easily pass the exam.
do hackthebox
doesn’t hurt, it’s obviously the best platform
conclusion
get the cert if you’re a beginner, don’t if you’re not.
best, gerbsec