Personal notes for the Practical Junior Penetration Tester (PJPT) certification from TCM Security.
Based on the Practical Ethical Hacking course.
- Note Taking - Tools and methodology
- Networking - IP, MAC, TCP/UDP, ports, OSI model, subnetting
- Kali Linux - Commands, navigation, services, scripting
- Python - Basics through sockets and file I/O
- Information Gathering
- Passive recon, subdomains, website tech identification, Burp Suite
- Scanning and Enumeration
- Exploitation Basics
- SMB/SSH enumeration, vulnerability research, password cracking, reverse shells
- AD Overview - Components, data store, logical structure
- Initial Attack Vectors
- LLMNR poisoning, SMB relay attacks
- IPv6 Attacks
| Module | Status |
|---|---|
| Note Taking | ✅ Done |
| Networking | ✅ Done |
| Kali Linux | ✅ Done |
| Python | ✅ Done |
| Ethical Hacker Methodology | ✅ Done |
| Information Gathering | ✅ Done |
| Scanning and Enumeration | 🔶 Partial |
| Exploitation Basics | ✅ Done |
| Active Directory Overview | ✅ Done |
| AD Initial Attack Vectors | ✅ Done |
| AD Post-Compromise Enumeration | ⬜ Not Started |
| AD Post-Compromise Attacks | ⬜ Not Started |
| Domain Compromise | ⬜ Not Started |
| Additional AD Attacks | ⬜ Not Started |
| Post Exploitation | ⬜ Not Started |
| Web Application Enumeration | ⬜ Not Started |
| Web Vulnerabilities | ⬜ Not Started |
| Wireless Pentesting | ⬜ Not Started |
| Legal and Report Writing | ⬜ Not Started |
These are personal study notes. For comprehensive learning, take the official course.
