Physics Wallah (PW) VAPT Interview Experience — A Fresher's Story

If you're a cybersecurity fresher looking for VAPT roles, this blog might help you. Here's my complete Physics Wallah (PW) VAPT interview…

Chhavi Rohilla

~3 min read · December 20, 2025 (Updated: December 20, 2025) · Free: Yes

If you're a cybersecurity fresher looking for VAPT roles, this blog might help you. Here's my complete Physics Wallah (PW) VAPT interview experience, from application to waiting for results.

How It All Started

Like most cybersecurity opportunities, this one also started on LinkedIn.

I saw a post from PW's HR team mentioning openings for SOC and VAPT roles. The best part? 👉It was open for freshers, final-year students, and recent graduates.

Without thinking twice, I filled out the Google Form for the VAPT role, uploaded my resume, and hoped for the best.

1) Resume Shortlisted (Faster Than Expected)

Surprisingly, on the same day evening, I received an email saying my resume was shortlisted.

At this point, excitement kicked in but I also knew the real test was coming.

2) VAPT Assessment & Report Submission

The email contained the VAPT assessment.

The labs were CTF-style, similar to platforms like DVWA.

The difficulty level was easy to medium
If you have practiced on platforms like PortSwigger, PentesterLab, or CTFs, this part should be manageable

Vulnerabilities Covered: XSS, SQLi, CSRF, SSTI, Rate limiting, IDOR, Command Injection, XXE, File Inclusion, Unrestricted file upload, Insecure Deserialization, Broken Authentication, API hacking, Captcha Bypass and Path Traversal.

Each category had 3–8 labs, Although the labs themselves were not very difficult, the quantity was quite large, and the deadline was only 3 days.

Luckily, I had a college break at that time, so I practically lived inside Burp Suite for those 3 days 😅.

Report Submission: PW didn't just want flags. They wanted a proper VAPT report, including:

Proof of Concept (PoC)
CVSS score
Impact
Mitigation

I submitted a detailed report, hoping it would stand out.

3) Technical Interview — Finally Face to Face

On the same evening I submitted my report, I got a call from HR.

Good news: 👉 I was shortlisted for the technical interview, scheduled for the very next day.

Platform: Google Meet
Duration: ~30 minutes

What They Asked:

Introduction
OWASP Top 10
Common web vulnerabilities
Mitigation techniques
CSP (Content Security Policy)
Nmap
Scenario-based questions (like ransomware response)

The interview felt smooth and engaging.

At the end, I asked for feedback. The interviewer said I did well and mentioned he would forward my name to HR for the next round.

That felt reassuring.

4) Techno-Managerial Round — Short and Confusing

The very next day, HR called again to schedule the techno-managerial round for the same evening.

Honestly, I expected some managerial or behavioural questions — but it turned out to be mostly technical, similar to the previous round.

A few things felt off:

The interviewer joined late (they were in another meeting)
The interview was supposed to be 30 minutes
It ended in about 10 minutes

The interviewer seemed less interested, which made me a bit uneasy.

When I asked for feedback:

"HR will tell you."

When I asked about the result timeline:

"HR will tell you."

And… that was it.

Waiting Phase (The Hardest Part)

It's been 2 days since that round.

I've already messaged the HR, but there's no response yet.

Now comes the most relatable phase of every fresher's journey:

Refreshing inbox 📧
Overthinking every interview answer
Wondering whether I'll get an update or get ghosted

I'll update this blog once I hear back.

Final Thoughts

The VAPT assessment was genuinely good and practical
The technical interview tested real concepts
The final round felt rushed, but that happens sometimes, why this time!

Regardless of the outcome, it was a great learning experience and gave me confidence in my VAPT skills.

#physics-wallah #vapt #freshers #cybersecurity-interview #owasp-top-10