Welcome back to another video, and today we'll talk about how to prepare for the PWPT, or Practical Web Penetration Tester, exam. I'm going to do my best to not spoil the entire thing but give you some insights into how best to prepare for and approach the exam. If you're thinking about taking it on, or you're just curious to find out some ways to approach it, then this is the video for you. And of course, if you have questions you can either leave them down in the comments below or swing by one of our weekly live streams.

As cyber threats grow, so does the need for skilled professionals. TCM Security certifications are here to elevate your skills to meet these challenges. Our courses are tailored to give you an edge with practical, scenario-based exams. Step into the world of advanced cyber security at certifications.tcm-sec.com and make your mark. As always, if you enjoy the video don't forget to like and subscribe, and let's dive in.

So, similar to other TCM exams, you'll have a number of days to carry out a pentest on a target and then extra time to write a report. For the PWPT, though, there's no debrief. So, as usual, you'll log into the platform, you'll be given a VPN file to connect to the environment, and then begin your pentest. And remember that the emphasis on the exam is to treat this like a pentest: it's going to require you to work through the target methodically, and your report should include low, medium and high findings. You shouldn't skip things and just report the ones that you think are high impact.

But let's talk about the prerequisite knowledge. So first up, everything you need to know for the exam is in the TCM courses Practical API Hacking and Practical Web Hacking. If you go through these and complete the exercises, take notes and absorb the material, then you're going to be well prepared to take on the exam. I've built the exam box not to catch you out but to mimic real-world issues that I've found during pentests that were overlooked by scanners and would require knowledge of the vulnerability, a solid testing methodology and troubleshooting skills to find.

Throughout the courses I talk about trying to understand the application behaviour and how it responds to our input, and whenever you're testing a part of the application, think about what the intention of the functionality is and try to consider what vulnerabilities might be relevant and edge cases that might exist. I also want to emphasize here that knowledge of modern web applications and technologies is definitely something to strive towards. The PWPT won't be an old PHP app vulnerable to NB injection, therefore knowing about things like routing and templating engines and APIs is definitely going to help you out. A lot of this is covered in the course material, but of course if you've never built a small modern web app before then I recommend spending an hour creating something in Flask, or a small API-driven application using Node and Express, and it's really going to help you grasp the fundamentals of how modern web applications behave.

Now let's talk about the path to PWPT and what we can do along the way to maximize our chances of success. First up, if you're new to web app pentesting, bug bounty or AppSec, then aiming for PJWT, based around the Practical Bug Bounty course, is a good place to start. The exam follows a very similar format, but it is by no means a requirement for PWPT, so if that's what you're after then skip that and dive straight in. Next, we really need to get comfortable with HTTP and understand different headers, content types, and also common authentication and authorization mechanisms, including things like JSON Web Tokens, session tokens, etc. Luckily, to get a lot of this insight all we need to do is follow the courses, take good notes and absorb the exam material, but make sure to pay special attention to requests and responses and Google anything that you see that you don't understand at first sight. You need to continue to build that foundation of knowledge. We also need to know about common security controls like input filtering and be able to test these controls to make sure that they're effective, or find any weaknesses.

And finally, putting together a game plan for your exam. It's all well and good having detailed notes, but if you have to spend a lot of time rereading those notes or trawling through them, and then creating tests and then double-checking them, and then going off on tangents and making sure that you didn't miss anything, you're going to be wasting a lot of time. So personally I have checklists for different technologies like JWTs, as well as different vulnerabilities like injection attacks or XXE or race conditions, so that when I see a search box I think: okay, my input is probably used to query the database, so I need to test for SQL or NoSQL injection; my input is also reflected back to me on the page, so I need to test for cross-site scripting; and if the application is using a templating engine then I would need to think about template injection too. For all of these attacks I have checklists and payloads that I can use to get started with, and given the extra context that I will have gathered from testing the application, I can add or remove checks as I go. At the very least it's going to help me identify which wordlists I might want to use for fuzzing just to get started, or it's going to help me uncover and exploit vulnerabilities.

Once you have the fundamentals down, start to think about the impact of attacks, and what I mean by this is really thinking about how your payload is impacting the application, its users and the administrators. This has two major benefits: first, it helps us correctly assess if the vulnerability is actually a major issue or just a minor bug, and second, it will help you identify the potential for chaining vulnerabilities together to achieve a larger goal. So whenever you find something, even if it's just quirky behaviour, think to yourself: so what? What does this really mean? What does this enable me to do?

Next, we want to get into the habit of verifying our findings and documenting proof of concepts. Your PoC doesn't necessarily need to be something like a standalone script that goes from nothing to rooting the box, but putting together simple instructions that other engineers can easily follow is going to be ideal, and it's going to be useful as notes for you in the future when you come across a similar issue. Finally, make sure that you have your environment prepped and ready to go, and that means having Burp Suite configured how you like it, with the extensions that you want to use already installed, and wordlists and payloads ready to go, or at the very least bookmarked so that they are easily accessible.

Now, if you feel like you need some extra practice before taking the exam, or you just want to sharpen your skills in your spare time, then I recommend you try the practitioner-level mystery labs on PortSwigger. Also, revisiting challenges from the course material is a great way to practice; there will likely be small details or alternative payloads to uncover. You're focusing on attacking a particular piece of functionality, and this can help us tune into what attacks to use and when.

Now to wrap up, I have some exam tips that I wanted to share. Some of these are generic advice for any practical exam, but still really, really important. So first up we have taking regular breaks. Even during my daily work, every time I take a break, make a cup of tea or step away from my desk for a minute, when I return I pretty much solve the problem that I was stuck on or make some kind of meaningful progress. Second, as you test functionality, create a to-do list of tests and edge cases as they come up into your head, and then come back to them. The reason I say this is that it's easy to test something, then come up with an idea and go off on a tangent and test that idea before you've fully exhausted the tests that you were already doing. If we revisit my search bar example from earlier, where we had the potential for injection into the database, cross-site scripting and template injection: if we were testing XSS and then suddenly thought, ah, maybe template injection, and started to do that before we'd even completed our XSS testing, we might be overlooking a vulnerability and it would go undiscovered, or at the very least we would have to come back to it later on and waste time retesting or trying to figure out what we already covered and what we didn't. And my last tip is to take your time. We've created the exam box so that you have time to complete it, and you'll likely run out of ideas before you run out of time itself. Therefore you have the time to take good notes and to make sure that you test thoroughly, and if you finish testing everything and feel like you've missed something, there will be time to go back and reassess anything that you want to check over. Once again, nothing in the exam is designed to trick you; it's designed to show you that you can find and exploit real-world issues.

And that's it for this video. I hope it helps you on your journey to PWPT, and if you have any questions then once again let us know down in the comments below or swing by one of our weekly live streams, and I will catch you next time.
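As an added example, not from the video or from TCM's course material: the search-bar reasoning above seen from the defender's side, in Python using only the standard library. One input reaches two sinks, the database query and the HTML reflection. The concatenated query is the pattern a tester's injection checklist probes (a legitimate term containing an apostrophe already breaks the statement), shown beside the parameterized form; the reflected term is escaped before rendering. The product rows are constructed sample data.

```python
# Added example: a search box with two sinks for the same user input.
import html
import sqlite3

# Constructed sample catalogue so the example runs offline.
PRODUCTS = [("O'Reilly Linux Guide", 35), ("Web Hacking Notes", 20), ("Rope", 5)]


def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE products (name TEXT, price INTEGER)")
    conn.executemany("INSERT INTO products VALUES (?, ?)", PRODUCTS)
    return conn


def search_concat(conn: sqlite3.Connection, term: str) -> list:
    """Database sink, weak form: the term is pasted into the SQL text.
    A term such as O'Reilly terminates the string literal early and the
    statement fails to parse; that parse confusion is what injection relies on."""
    sql = f"SELECT name FROM products WHERE name LIKE '%{term}%'"
    return [row[0] for row in conn.execute(sql)]


def search_param(conn: sqlite3.Connection, term: str) -> list:
    """Database sink, hardened form: the term is bound as a parameter, so the
    SQL parser never sees it as syntax. LIKE wildcards inside the term are
    escaped as well, so '%' or '_' typed by the user match literally."""
    esc = term.replace("\\", "\\\\").replace("%", "\\%").replace("_", "\\_")
    rows = conn.execute(
        "SELECT name FROM products WHERE name LIKE ? ESCAPE '\\' ORDER BY rowid",
        ("%" + esc + "%",),
    )
    return [row[0] for row in rows]


def render_results(term: str, names: list) -> str:
    """Reflection sink: the term is echoed back, so it is HTML-escaped and
    inserted as data, never spliced into markup or handed to a template engine."""
    items = "".join(f"<li>{html.escape(n)}</li>" for n in names)
    return f"<p>Results for {html.escape(term)}:</p><ul>{items}</ul>"


def handle_search(term: str) -> str:
    """Request handler tying the hardened query and the escaped reflection together."""
    conn = make_db()
    try:
        return render_results(term, search_param(conn, term))
    finally:
        conn.close()
```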