Introduction to TryHackMe PT1 Certification
TryHackMe has introduced a new certification called PT1, targeting junior penetration testers. This article provides a thorough and honest review of the certification.
The THM PT1 certification is lauded for its affordability, realistic environment, and comprehensive approach to evaluating penetration testing skills. While it has its limitations, especially the intense time frame and potential overreliance on AI grading, it stands out as a significant and promising addition to the cybersecurity certification landscape.
Who is TryHackMe PT1 For?
THM PT1 is ideal for individuals who want to move into red teaming or penetration testing. It gives a realistic glimpse into what the actual job entails by simulating full engagements, including vulnerability exploitation, lateral movement, and report writing.
If you’re already working in a blue team role (e.g., in a Security Operations Center or doing detection work), PT1 helps develop an offensive mindset. Understanding how attackers think and move can enhance your defensive strategies and broaden your career prospects.
The certification is not aimed at those simply looking to add another name to their resume. It’s for learners who are ready to invest time, effort, and critical thinking into acquiring real, applicable skills. PT1 demands that candidates show they can analyze environments, document findings, and manage real-world scenarios, making it much more than a theoretical test, it’s a job simulation.
TryHackMe PT1 Exam Structure
The TryHackMe PT1 exam is composed of three core parts: web application, network, and Active Directory testing. Unlike traditional CTFs (Capture The Flag), PT1 emphasizes real-world scenarios, requiring candidates to write professional reports with CVSS scores and remediation suggestions. The exam environment is designed to simulate an actual penetration test engagement.
Rather than focusing on popping shells or finding flags, the exam demands a holistic approach, discovering and understanding a broad range of vulnerabilities. This aligns with how professional penetration testers evaluate systems in real-world settings.
The PT1 requires candidates to write a professional pentest report, including:
- CVSS scoring of vulnerabilities
- Suggested remediations
- Clear and structured documentation
Exam weighting: Web App (40%), Network (36%), AD (24%), indicates a broad skill assessment.
Candidates undergo ID verification but are not proctored, allowing for a less stressful testing environment. The exam is randomly generated per attempt, enhancing uniqueness and security.
Candidates have 48 hours to complete the exam and report, and they can freely switch between the three environments. The platform is stable, which contrasts with the frequent glitches seen in other exams.
TryHackMe PT1 Exam Cost
In terms of cost, PT1 at $297, which is slightly more expensive than PJPT or EJPT (around $249). However, it includes three months of TryHackMe premium access and one free retake, which adds value.
TryHackMe PT1 vs Other Certs
THM PT1can be compared to several other certifications like CompTIA Pentest+, TCM’s PJPT and PWK/OSCP. While PT1 is not the cheapest, its practical, hands-on focus sets it apart. PT1 is favored over theoretical certs like Pentest+, which rely heavily on multiple-choice questions and lack practical depth.
PT1 stands out for being entirely hands-on, with no multiple-choice questions. It contrasts with Pentest+, which is described as largely theoretical, with only a few practical or performance-based tasks. I feel that Pentest+ does not truly assess one’s readiness to be a penetration tester.
Areas for Improvement
The 48-hour window is deemed unrealistic for conducting thorough testing and reporting across three different environments.
The use of AI to grade reports raises concerns about the accuracy and depth of evaluation. Moreover, there is a lack of TryHackMe content that truly prepares candidates for this exam’s comprehensive approach.
Preparing For THM PT1
Do not to approach the exam with a CTF mindset. Understanding and respecting the scope is essential, glossing over details can result in failure. Preparation using the provided learning path is vital, and candidates should allocate dedicated, uninterrupted time to complete the exam. It integrates hands-on practice using tools like Burp Suite, Nmap, and Metasploit, fostering practical knowledge over memorization.
THM PT1 Study Notes
Coming very soon, stay tuned. You can check out other study notes from below link:
THM PT1 vs THM SAL1
THM SAL1 is TryHackMe’s counterpart to PT1 in the defensive domain. It focuses on developing the skills required to detect, analyze, and respond to security incidents. Candidates learn about SIEM tools, log analysis, threat hunting, and incident response processes. However, THM PT1 is a practical certification aimed at individuals aspiring to enter red teaming or offensive security roles. It features a fully hands-on exam with no multiple-choice questions. Instead, candidates break into machines, escalate privileges, pivot through networks, and write detailed penetration testing report.
While PT1 and S1 serve different purposes, they are not mutually exclusive. In fact, mastering both offers a 360-degree understanding of cybersecurity. Knowing how attackers exploit systems (PT1) enhances one’s ability to detect and defend against them (SAL1), and vice versa.
TryHackMe Walkthroughs
Checkout the playlist below on my YouTube channel for TryHackMe Walkthroughs.