Certified Penetration Testing Consultant

Gain the advanced skills to become a Certified Penetration Testing Consultant, mastering network infrastructure and protocol attacks for IT security professionals targeting large corporate environments.

Course Thumbnail

Essential Skills Gained

Checkmark

Design effective penetration testing strategies for complex network infrastructures.

Checkmark

Implement advanced techniques for Layer2, Layer3, and VPN attacks.

Checkmark

Analyze network traffic using cutting-edge tools to identify vulnerabilities.

Checkmark

Understand and apply methods to evade IDS/IPS and implement secure protocols.

Format

  • Instructor-led
  • 4 days with lectures and hands-on labs.

Audience

  • IS Security Officers
  • Cyber Security Managers/Admins
  • Penetration Testers
  • Ethical Hackers

Description

The vendor neutral Certified Penetration Testing Consultant course is designed for IT Security Professionals and IT Network Administrators who are interested in conducting Penetration tests against large network infrastructures similar to large corporate networks, Services Providers and Telecommunication Companies. Instead of focusing on operating system level penetration testing, this course covers techniques on how to attack and prevent underlying network infrastructure and protocols. The training starts from basic packet capturing and analyzing by using both commercial and open source tools. From there, the student continues with Layer2 attack vectors, Layer3 based attacks; including both IPv4 and IPv6 stacks, routing protocol attacks (OSPF, BGP, etc) and then hops over to service provider level attacks related with very common used MPLS, how to use relays and pivots, VPN attacks including IPSEC protocol suite, and SSL attacks. Finally, the class will cover NIDS/NIPS evasion and implementation techniques. This course uses in-depth lab exercises after each module. Students may spend 16 hours+ performing labs that emulate a real world Pen Testing model. Students will make use of scores of traditional and cutting edge Pen Testing tools (GUI and command line, Windows and Linux) as they make their way through mile2’s time-tested methodology.   Mile2 Accreditations:

  1. Accredited by the NSA CNSS 4011-4016
  2. Is approved and has been placed on Homeland Security's National Initiative for Cyber Security Careers and Studies (NICCS) training providers and maps to the National Cybersecurity Workforce Framework
  3. Preferred cyber certification for the FBI

Calendar icon

Upcoming Course Dates

No upcoming dates. Please check back later.

Course Outline

Download PDF

Module 1: Packet Capturing

  1. Packet capturing using libpcap

  2. Capturing using ncap

  3. Packet Capturing Software

  4. Windump / TCPDump Usage

  5. Wireshark General Settings

  6. Capture Options Menu Shortcuts

  7. Packet Reassembly

  8. Capturing VOIP Calls

Module 2: Layer2 Attacks

  1. FBI/CSI Risk Assessment

  2. Different Types of attacks

  3. Switch Learning Process

  4. Excessive Flooding

  5. Mac Flooding

  6. Spanning Tree Basics

  7. VLAN Hopping Attack

  8. ARP Spoofing Attack Tools

Module 3: Layer3 Attacks on Cisco Based Infrastructures

  1. BGP Route Injection

  2. DDoS detection and prevention

  3. MPLS Router integrity checking

Module 4: Pivoting and Relays

  1. Netcat Backdoors

  2. Persistent Listeners

  3. Simple Netcat Relay

Module 5: IPv6 Attacks

  1. ICMPv6 Neighbor Discovery

  2. DAD DoS Attack

  3. IPv6 Attack Tools

Module 6: VPN Attacks

  1. IPSec Detection

  2. Main Mode PSK Cracking

  3. IKE-Scan Techniques

Module 7: Defeating SSL

  1. Setting up IPTABLES

  2. SSLSTRIP Technique

  3. Certificate Revocation

Module 8: IDS/IPS Evasion

  1. Evasion Networking Standards

  2. Fragmentation-Based Techniques

  3. Sending Overlapping Fragments

  4. Javascript Evasions

Your Team has Unique Training Needs.

Your team deserves training as unique as they are.

Let us tailor the course to your needs at no extra cost.