TryHackMe PT Study Notes (Unofficial)
THM PT1 study notes is an unofficial study guide and companion for the TryHackMe Junior Penetration Tester (THM PT1) exam. This guide is…
THM PT1 study notes is an unofficial study guide and companion for the TryHackMe Junior Penetration Tester (THM PT1) exam. This guide is designed for both students and professionals. It provides a comprehensive, hands-on approach to penetration testing, simulating a real-world engagement from start to finish. The book covers three key domains: Application Security, Network Security, and Active Directory, giving you the practical knowledge needed to identify and exploit vulnerabilities across various systems.
This guide goes beyond theory, offering detailed breakdowns of crucial topics such as networking basics, web pentesting techniques, and advanced exploitation methods. It includes practical examples for using essential tools like Burp Suite, Nmap, Metasploit, and BloodHound. Whether you’re preparing for the THM PT1 exam or looking to refresh your cybersecurity fundamentals, this book serves as an all-in-one resource to help you master the skills required to become a junior penetration tester.
About PT1
THM PT1 is ideal for individuals who want to move into red teaming or penetration testing. It gives a realistic glimpse into what the actual job entails by simulating full engagements, including vulnerability exploitation, lateral movement, and report writing.
If you’re already working in a blue team role (e.g., in a Security Operations Center or doing detection work), PT1 helps develop an offensive mindset. Understanding how attackers think and move can enhance your defensive strategies and broaden your career prospects.
Table of Contents
- About The Authors
- About This Guide
- Exam Prep
- Web Pentesting
- Networking Basics
- Programming Basics
- Network Pentesting
- Cryptography
- Metasploit
- Exploitation
- Linux Fundamentals
- Linux Privilege Escalation
- Windows OS Fundamentals
- Powershell
- Windows Privilege Escalation
- Active Directory
- Lateral Movements & Pivoting
Page count: 385
Format: PDF
Disclaimer: Unofficial Study Material
This study guide is an unofficial, independently written resource created solely for educational purposes. It is based on personal exam experience and publicly available information. This product is not affiliated with, endorsed by, or authorized by TCM, or any of their partners. It does not contain any copyrighted material, proprietary courseware, or confidential exam content.All trademarks, logos, and brand names are the property of their respective owners.
What’s Inside
This guide contains detailed notes on a wide range of topics essential for a junior penetration tester. Here’s a look at what you’ll find inside:
- Exam Preparation: Get a clear overview of the PT1 exam structure, including its hands-on format and focus areas, which are split into Application Security (40%), Network Security (36%), and Active Directory (24%). The guide also recommends key tools like Burp Suite, Nmap, and Metasploit for each section
- Web Pentesting: Learn about the core characteristics of web applications, the technologies used in their development (frontend and backend), and the HTTP/HTTPS protocols. The book provides an in-depth look at HTTP requests and responses, along with common web attacks like SQL injection, XSS, and CSRF.
- Networking Fundamentals: A comprehensive overview of networking is provided, covering packets, protocol layers (TCP/IP and OSI models), and IPv4/IPv6 addressing. Youll also learn about key protocols like TCP and UDP, common ports, and how to use tools like netstat and Wireshark for analysis.
- Linux and Windows Exploitation: The book includes sections dedicated to the fundamentals of both Linux and Windows operating systems. Youll find information on common directories, system information commands, and detailed methods for privilege escalation, including exploiting SUID binaries, cron jobs, and scheduled tasks.
- Active Directory Attacks: A significant portion of the guide is dedicated to Active Directory, covering user and group enumeration, password policies, and various attack vectors. It explains how to use tools like BloodHound to visualize attack paths and exploit misconfigurations in group policies and permissions.
- Credential Harvesting and Lateral Movement: Learn about techniques for moving through a network after an initial compromise. The guide details how to abuse writable shares, perform Pass-the-Hash and Pass-the-Ticket attacks, and use SSH and socat for port forwarding and dynamic tunnels.
Get it below
Good luck !
