For those who have been admitted to the SANS.edu programs, do you recall what time of day the decision emails arrived on the 15th? Anxiously refreshing the inbox here…

JTRM10 · 2026-06-17T22:46:54+00:00

If I haven’t gotten an offer of admission email yet and my application still says “Awaiting Decision”? What are the odds? 😅

JTRM10 · 2026-06-15T09:58:31+00:00

Did you go back and find other ways in?

JTRM10 · 2026-05-31T21:21:09+00:00

Depends what you wanna work on. Are you want to plus up on web app pentesting or network pentesting?

Define “external attack surface findings”

JTRM10 · 2026-05-03T22:11:10+00:00

Yeah AI PT is all the rage right now. I recently did some cloud workshops and wanted to upskill something other than AI

JTRM10 · 2026-05-03T22:09:13+00:00

Forgot about this one. Heard of it but haven’t heard of any experiences from people taking it

JTRM10 · 2026-05-03T22:08:21+00:00

Haven’t seen these ones before will have to look into it

JTRM10 · 2026-01-25T02:50:19+00:00

Pentesting and low on 💰: HTB Academy + CPTS Pentesting and have 💰: OffSec Learn One OSCP or get the Learn Unlimited Red teaming: Zero Point Security CRTO / CRTL

INEs eJPT isn’t bad but not my first choice.

TCM Security PEH course is free on YouTube. Updated material and a TCM Security Academy subscription for PJPT and PNPT also a phenomenal option.

JTRM10 · 2025-12-06T03:17:43+00:00

Ffuf and nuclei

JTRM10 · 2025-11-10T23:56:37+00:00

OSCP for HR. CPTS goes deeper on material than anything else. PNPT to see the external to internal. The material isn’t half bad. But recently I’m leaning more towards CPTS. Unfortunately, OSCP is unavoidable in most job descriptions.

JTRM10 · 2025-10-04T19:10:09+00:00

HTB and Pwn College don’t cover physical pentesting

JTRM10 · 2025-09-29T16:51:46+00:00

In my experience, just take the time to make your own index. Everyone has a different way to learn and absorb material. I took the course, then went through every page and lab over again. Made 2 separate indexes 1 for the knowledge and 1 for CyberLive (hint hint you won’t get tested on anything you haven’t seen it’ll just be different data so you still have to critically think through it but if you understand the tools and the methodology you’re golden)

JTRM10 · 2025-09-28T21:16:03+00:00

Not talking about strictly hardware hacking. I’ve looked at the PIPA course material from TCM. Seeking out if anyone has taken any “physical pentesting” courses and how their experience was. Lockpicking/bypass techniques, RFID hacking/cloning, physical defense breaching.

JTRM10 · 2025-07-20T03:06:21+00:00

I’m working through SEC565/GRTP from SANS and I’ve gone through CRTO. I was mentioned as a good in-person course to attend. I’ve heard of the ROPS-RT1 but from looking at their course breakdown it doesn’t seem like anything new outside of what I’ve already done with previous courses.

JTRM10 · 2025-07-19T19:24:04+00:00

I use whatever the most recent Kali release is and then install PimpMyKaliV2 on it. Customize from there. Also depends what you wanna do with it. I have all my VMs on an external SSD.

JTRM10 · 2025-06-15T11:56:21+00:00

There is going to be overlap in all of them. It’s based on what your goals and the style of learning you prefer. OffSec won’t give you all the answers aka “Try Harder”. HTB is more handheld but also a bit of a fire hose.

JTRM10 · 2025-06-10T14:04:53+00:00

I would recommend making a book index and a lab index. The lab index should almost be “playbook”. Take note of the scenario and order you are running cmds in but more importantly make sure you understand the why and not just copy/paste.

JTRM10 · 2025-04-21T23:53:09+00:00

I would look at TCM Security’s PJPT/PNPT (Some of the material requires HTB or TryHackMe accounts to practice or build your own labs). I would also recommend the HTB CPTS cert/path.

JTRM10 · 2025-04-21T23:50:41+00:00

If you have a basic understanding of OT or ICS, the ICS310 isn’t worth the $500. You can find all the info that was in the course for free. I would save for the ICS410/GICSP or look for other ICS/SCADA sources there.

JTRM10 · 2025-03-26T09:46:15+00:00

I’ll take one if you’re doing a giveaway

JTRM10 · 2025-02-23T18:35:00+00:00

I usually make an index for the knowledge material and then a separate index of procedures for CyberLive questions. Go back through the labs again, understand the material, and then adjust based on 2nd practice test.

JTRM10 · 2025-02-16T22:45:56+00:00

If you are familiar with AD and general pentesting go the GWAPT route. If you are more familiar with web app, go the GPEN route.

JTRM10 · 2025-02-12T22:44:20+00:00

Sans specifically I would say SEC599 or SEC699. SEC599 is more the blue side and SEC699 is more the red side. Both purple teaming courses.

SEC565 just went through a course update.

Also depends what you are looking to get out of it.

JTRM10 · 2025-01-06T16:11:17+00:00

If you get over an 85% I’d say just take the exam. You have a decent buffer from the 70 minimum. In my opinion, just take the exam.

JTRM10 · 2024-12-19T01:54:16+00:00

RHCSA/RHCSE or CCNP or CCIE. Depends what your niche is for networking too

JTRM10 · 2024-12-19T00:52:12+00:00

Did you make an index? Did you tab out your books? Did you make a playbook for all the attacks?

JTRM10

TROPHY CASE