Preparing for the TryHackMe Junior Penetration Tester (PT1) exam. Detailed writeups for each room completed as part of the certification journey.
Comprehensive introduction to penetration testing concepts, methodologies, ethics, and practical application. Essential foundation for PT1 certification.
Fundamental security principles including the CIA triad, privilege management, security models, threat modeling, and incident response. Core knowledge for pentesting.
Systematic web application exploration techniques including source code analysis, developer tools usage, and network monitoring for security assessment.
Techniques for discovering hidden content, directories, and files on web applications including manual methods, OSINT, and automated tools.
Expand the attack surface by discovering subdomains using OSINT (CT logs, search engines), DNS brute force, and virtual host discovery via Host header fuzzing.
Practical auth testing: username enumeration, brute force with ffuf, logic flaws, password reset abuse, and cookie tampering.
Access control testing: spot IDORs in query/path/API calls, test predictable IDs (base64/hash), and use two-account swaps for random IDs.
Exploit LFI/RFI and directory traversal: ../ payloads, common file targets, filter bypass patterns, and report-ready remediation.
SSRF fundamentals: entry points, regular vs blind SSRF, common impacts, and bypassing deny/allow lists (DNS tricks, open redirects, path normalization).
XSS fundamentals: reflected/stored/DOM/blind XSS, payload intentions, escaping contexts, filter bypass tricks, and a blind-XSS callback lab.
TOCTOU and concurrency bugs: double-spend, duplicate coupons, and inconsistent state. Test with parallel requests in Burp Repeater.
Command Injection (RCE) basics: detect blind vs verbose execution, use safe payloads for Linux/Windows, and understand core remediation patterns.
SQLi essentials: identify error/union/boolean/time-based injection, confirm impact with minimal proof, and report proper remediation (prepared statements + least privilege).