TheLeopard65
Published on

TryHackMe PT1 Exam Review (August 2025)

AUTHORS
  • avatar
    NAME
    Yasir Mehmood
    TWITTER

Hi, I'm Yasir Mehmood. I recently completed the TryHackMe PT1 (Junior Penetration Tester) exam and wanted to share my honest experience - covering my preparation, the exam structure, the issues I faced, and my final thoughts for anyone planning to take it.

Requirements

Here's what the first-ever offensive certification from TryHackMe offers:

  • Exam Format: 3 realistic penetration testing engagements (Web, Network, and AD)
  • Duration: 48-hour hands-on, unproctored exam
  • Submission: HTML-style report uploaded via a web-based platform
  • Scoring: Automated AI-based grading system
  • Passing Score: 750 / 1000 points
  • Retake Policy: 1 free retake included

My Experience

I took the PT1 exam to validate my foundational offensive security skills and as a warm-up before attempting more advanced certifications like Hack The Box CPTS.

My overall experience was mixed - a solid 6/10. I passed on my second attempt with 775 points, after failing the first one (646 points) due to severe environment issues where no flags were present despite successful exploitation.

  • Exam Date: 21st August, 2025
  • Total Time Spent: ~29.5 hours
  • Format: Hands-on Practical
  • Connection: VPN-based lab Environment.
  • Exam Style: Flags and reporting tasks across 3 domains.
  • Focus Areas: Enumeration, exploitation, and report writing fundamentals.

The TL;DR? It's underwhelming.

I appreciate the idea behind an entry-level penetration testing cert - especially one aimed at newcomers looking for hands-on, realistic scenarios. But PT1 was more frustrating than educational: inconsistent, demoralizing, and at times just poorly executed.

The Web Section: Burnout in a Box

This part felt like it was designed to break the spirits of bug bounty beginners. You dig through vulnerable apps, uncover legitimate issues like XSS, only to discover... it's the "wrong" function. No flag. No points. Just wasted time. (Even though my "XSS" Vulnerabilty was counted towards marking). It's not that your exploit path is wrong - it's that the exam only rewards the one path they expect, even if your alternative is equally valid.

The Network Section - a chaotic lottery.

The Network portion is all over the place. Some challenges are trivial - think plaintext FTP creds or an open-service scan - then, without warning, you're slammed with PDF-reader RCEs or ASPX server-side logic puzzles that feel ripped straight from OSCP-style labs.

Below, I've broken down the positive aspects, frustrating issues, preparation strategy, and the tools I used.

Positives

  1. Beginner-Friendly Design - The PT1 exam does a great job of introducing newcomers to real-world penetration testing. The structure and flow are approachable, and tasks are clearly defined.
  2. Hands-On Learning - The exam rewards consistent methodology and solid enumeration. It's practical and realistic for its level.
  3. Progress Validation - The flag-based checkpoints help track progress and maintain motivation.
  4. Affordable & Accessible - The price point and VPN-based setup make PT1 one of the most accessible entry-level certifications.
  5. Genuine Learning Value - Even if you already understand the basics, you'll discover gaps in your workflow and methodology.

Negatives & Suggestions

1. Unstable Exam Environment

  • The environment stability is easily the biggest flaw. In my first attempt, several vulnerabilities were exploitable but yielded no flags. Later, support confirmed this was an issue with the exam instance itself.

  • My Advice: Before starting, double-check with TryHackMe support that your instance is correctly deployed. If something feels off (e.g., missing flags), reset the instance immediately or contact support.

2. Confusing Report Interface

  • The web-based reporting platform feels clunky. Formatting is inconsistent - headings, bullet points, and numbering often break. Worse, you can't embed screenshots or code blocks.

  • My Advice: Draft your report externally (Google Docs or Word) and paste it in when ready. You can experiment with simple HTML for cleaner formatting, but note that it's not officially documented by TryHackMe.

3. Uneven Difficulty

The overall difficulty feels inconsistent across sections.

  • The Web segment is disproportionately harder than expected. (and stupidly un-realistic)
  • The Network section is moderate and realistic.
  • The AD segment is oversimplified - not a true Active Directory environment.

My Advice: Don't underestimate the Web section. Brush up on intermediate-level web exploitation and logic flaws.

I recommend to start the Web Section at the end and complete Network & AD first.

How I Prepared

My preparation focused on fundamentals and practical repetition rather than memorizing room walkthroughs.

  • Previous Experience: I had already passed the eJPT and eCPPT exams.
  • TryHackMe Paths: Completed around 8 full learning paths related to offensive security.
  • THM Rooms: Focused heavily on enumeration, web, and AD-centric rooms.
  • CTF Practice: Completed ~10-15 Hack The Box boxes and 25+ THM challenges.
  • Notes Review: Revised and updated my eJPT/eCPPT notes before the exam.

If you're planning your study, here's a practical checklist:

  1. Master Nmap enumeration and scripting.
  2. Practice Web app basics - directory busting, SQLi, file upload, IDORs.
  3. Learn common Windows/Linux privilege escalation paths.
  4. Understand credential reuse, pivoting, and lateral movement fundamentals.
  5. Practice efficient note-taking and reporting.

Recommended TryHackMe Rooms:

  • Web: Pickle Rick, Billing, Rabbit Store, Silver Platter, Avenger
  • Network: Blue, Net Sec Challenge, Stealth, Loopback, Linux LPE, Windows LPE
  • AD: Reset, Ledger, K2, AD: Authenticated Enumeration
  • Reporting: Writing Pentest Reports

Note-Taking Tips

For PT1, structured note-taking can make or break your attempt. My setup:

  • Scope Page: Overall exam environment and rule summary.
  • Per-Host Notes: IPs, ports, services, credentials, screenshots, and flags.
  • Command Reference: All used commands and outputs.
  • Time Log: Tracks your workflow and breaks - useful for retakes or reviews.

Whether you prefer Notion, Markdown, or plain text, pick one method and stick with it.

Biggest Concern - No proctoring.

  • This raises a valid concern for employers: how can they be confident a candidate completed the exam without outside help?
  • To strengthen professional credibility, TryHackMe should consider offering optional proctoring - giving candidates a way to demonstrate integrity and employers a reason to trust the results.

Conclusion

The TryHackMe PT1 is a solid introductory certification for aspiring penetration testers. While it's not comparable to advanced certs like OSCP, eCPPT, CPTS, or PNPT, it fills an important niche for those transitioning from learning to real-world simulation.

Final Thoughts: Focus on enumeration and reporting discipline. Don't rely on luck with the environment -- test, reset, and document everything. PT1 is best viewed as a stepping stone that highlights what you need to improve next in your pentesting journey.

My PT1 Certification

VIEW THE BLOG POST ON GITHUB