TCM Security’s Practical Network Penetration Tester (PNPT); A certificate that showcased my gradual progress and grit over the past 2 years as I studied to pass the exam. I remember finishing all 5 courses, especially the acclaimed ‘Practical Ethical Hacker’ course by Heath himself, and thinking to myself “I cant wait to take the examination and pass!”. Boy was I so wrong…
I won’t explain what the PNPT is (If you can’t even google this you’re cooked) in this post. Instead, I’ll be talking about my personal experiences throughout all the failed attempts, especially what was running through my head at each point of time.
1st Attempt - Failed
I’ll be honest; I wasn’t expecting to pass LOL. I only took the exam because I had to enlist into National Service in a month or so, and just wanted to try my luck. “What if I passed? then I could move on to other things!” was the thought running through my head.
How did I fare? Failed miserably. Let alone Internal Active Directory exploitation, I didn’t even get past the external pentest portion of the examination. I struggled so hard and only partially completed the first step of the exam environment. Needless to say, I was pretty demoralized. But looking back, that may not have been a bad thing! It really humbled me, and motivated me to study harder.
- This was probably the catalyst that motivated me to continue studying even while serving in the military (we have no rights, we have no say, and we long to get our 2 years back one day)
2nd Attempt - Failed
I took my 2nd attempt around May 2025 if I’m not wrong, and it was a pretty painful experience. I spent 4 days on the same step I was stuck on, foolishly trying the same things, before something clicked in my brain that told me to enumerate more. Fast forward 8 hours later and I was on the penultimate machine before I got stuck once again and ultimately failed the exam.
At that point in time, I didn’t really mind failing because the euphoria from getting pass that external-portion was good enough for me. Looking back, the reason I failed was most probably due to mental fatigue. I was so defeated by the external-facing portion of the examination that I quite literally did not have the “stamina” to continue compromising the domain anymore. Coupled with the scarce amount of time remaining (<24 hours), it’s not surprising that I performed poorly and failed.
- By the last few hours, I wasn’t even thinking properly anymore and since I didn’t use a checklist, I was searching through the same things over and over again.
- It doesn’t help that the mental fatigue caused me to be careless as well.
3rd Attempt - Failed
Third times the charm, right?… STUCK ON THE PENULTIMATE MACHINE AGAIN. I took my third attempt on October 2025-ish and this attempt mentally broke me. I had just completed HTB Academy’s Pentester Pathway, as well as grinded out ~40 boxes across THM and HTB Labs but still made zero progress whatsoever.
It honestly broke my heart as I felt that all my efforts were fruitless and meaningless. I unironically suffered from self-esteem issues as I couldn’t believe how worthless I was; HTB Academy + Course materials + THM and I still couldn’t pass!?!? I nearly wanted to give up and quit my pen-testing studies entirely but somehow I built my mental fortitude back and kept grinding.
- Looking back, no matter how embarrassing it is to fail the PNPT 3 times, I’m extremely proud of myself for not throwing in the towel, and continuing to study and practice despite all the setbacks and adversities.
4th Attempt - Passed
Before I start talking about finally passing the PNPT, I would like to talk about a quote that has stuck with me for many years, and has helped me persevere even when I feel like giving up.
“Heaven Rewards The Diligent” I originally found this quote while reading this web-novel (No, I’m not kidding) and it really stuck with me as just like how the protagonist was able to achieve mastery through trial and error, I was able to gradually improve and eventually pass the PNPT with relative ease as well.
- This quote re-affirms me that my hard work and consistent practice will lead to qualitative improvements, and that all my blood, sweat, and tears will pay off some day.
I took my 4th attempt on April 2026 and finally managed to pass! And the ironic part was it was extremely easy and only took me ~5 hours to compromise the entire domain. I made it back to where I left off and tried every single technique documented in my notes. I would then continue enumeration to find more information before repeating the same steps again and again.
Eventually, I found out how to progress to the last machine, and IT WAS SOMETHING SO EASY AND SIMPLE. The worst part? I already found that information on my second attempt but didn’t use it properly. That honestly made me burst into laughter as I couldn’t believe I made such a rookie mistake.
I laterally moved to the last machine and compromised it within one hour. It was extremely easy and once I got domain administrator, all I had to do was implement a form of persistence and it’s reporting time! The last attack was quite underwhelming in my opinion and I definitely felt the hardest part was finding the vulnerability.
Overall, I had zero issues with the reporting and was able to complete my debrief within 15 minutes (I think I took about 14 mins?). PNPT was integral in developing my foundation in pentesting and despite failing so many times, I don’t have any regrets taking this certificate.
Should you take the PNPT?
Conversely, I would not recommend this certification for beginners. PNPT, particularly when the company was still under Heath’s ownership, was a certificate that offered comprehensive course materials at an affordable price. However, ever since the acquisition by Educate360, lifetime access to the materials has been removed and replaced with a one-year access model. Combined with several price increases, it is no longer worthwhile to pursue the PNPT over other alternative resources that provide greater value such as HTB Academy (CPTS) and TryHackMe.
As for practitioners who already have a baseline foundation in pentesting? There’s honestly no reason to get the PNPT over other, more prestigious, certifications such as the OSCP, CRTO, or CPTS. Thus, I feel the PNPT is currently in between a rock and a hard place; It’s too expensive to be considered a worthwhile purchase for beginners, while too basic to be considered useful for people trying to advance their skills or get past the “HR Filter”.