Certified Penetration Testing Consultant

Transform your cybersecurity skills by becoming a Certified Penetration Testing Consultant, mastering advanced techniques and strategies to thwart hackers with this comprehensive, hands-on training designed for aspiring security experts.

Course Thumbnail

Essential Skills Gained

Checkmark

Design and execute comprehensive penetration testing strategies.

Checkmark

Implement non-technical breach methods to assess system vulnerabilities.

Checkmark

Understand business risk implications of security vulnerabilities.

Checkmark

Optimize security controls to effectively mitigate threats.

Format

  • Instructor-led
  • 5 days with lectures and hands-on labs.

Audience

  • Pen Testers
  • Ethical Hackers
  • Network Auditors
  • Cyber Security Professionals

Description

A Certified Penetration Testing Engineer imagines all of the ways that a hacker can penetrate a data system. You have to go beyond what you learned as an Ethical Hacker because pen testing explores technical and non-technical ways of breaching security to gain access to a system. Our C)PTE course is built on proven hands-on methods utilized by our international group of vulnerability consultants. In this course you will learn 5 Key Elements of Pen Testing; Information Gathering, Scanning, Enumeration, Exploitation and Reporting. Plus, discover the latest vulnerabilities and the techniques malicious hackers are using to acquire and destroy data. Additionally, you will learn more about the business skills needed to identify protection opportunities, justify testing activities and optimize security controls appropriate to the business needs in order to reduce business risk. CPTE Exam Prep, Exam Voucher & Free Retake are included

Calendar icon

Upcoming Course Dates

No upcoming dates. Please check back later.

Course Outline

Download PDF

Module 1 – Business and Technical Logistics of Pen Testing

  1. What is Penetration Testing?

  2. Today’s Threats

  3. Staying up to Date

  4. Pen Testing Methodology

  5. Pre-Engagement Activities

Module 2 – Information Gathering Reconnaissance- Passive (External Only)

  1. What are we looking for?

  2. Keeping Track of what we find!

  3. Where/How do we find this Information?

  4. Are there tools to help?

  5. Countermeasures

Module 3 – Detecting Live Systems – Reconnaissance (Active)

  1. What are we looking for?

  2. Reaching Out!

  3. Port Scanning

  4. Are there tools to help?

  5. Countermeasure

Module 4 – Banner Grabbing and Enumeration

  1. Banner Grabbing

  2. Enumeration

Module 5 – Automated Vulnerability Assessment

  1. What is a Vulnerability Assessment?

  2. Tools of the Trade

  3. Testing Internal/External Systems

  4. Dealing with the Results

Module 6 – Hacking Operating Systems

  1. Key Loggers

  2. Password Attacks

  3. Rootkits & Their Friends

  4. Clearing Tracks

Module 7 – Advanced Assessment and Exploitation Techniques

  1. Buffer Overflow

  2. Exploits

  3. Exploit Framework

Module 8 – Evasion Techniques

  1. Evading Firewall

  2. Evading Honeypots

  3. Evading IDS

Module 9 – Hacking with PowerShell

  1. PowerShell – A Few Interesting Items

  2. Finding Passwords with PowerShell

Module 10 – Networks and Sniffing

  1. Sniffing Techniques

Module 11 – Accessing and Hacking Web Techniques

  1. OWASP Top 10

  2. SQL Injection

  3. XSS

Module 12 – Mobile and IoT Hacking

  1. What devices are we talking about?

  2. What is the risk?

  3. Potential Avenues to Attack

  4. Hardening Mobile/IoT Devices

Module 13 – Report Writing Basics

  1. Report Components

  2. Report Results Matrix

  3. Recommendations

Lab 1 – Introduction to Pen Testing Setup

  1. Recording IPs and Logging into the VMs

  2. Research

Lab 2 – Linux Fundamentals

  1. Command Line Tips & Tricks

  2. Linux Networking for Beginners

  3. Using FTP during a pentest

Lab 3 – Using tools for reporting

  1. Setting up and using magictree

Lab 4 – Information Gathering

  1. Google Queries

  2. Searching Pastebin

  3. Maltego

  4. People Search Using the Spokeo Online Tool

  5. Recon with Firefox

  6. Documentation

Lab 5 – Detecting Live Systems - Scanning Techniques

  1. Finding a target using Ping utility

  2. Footprinting a Target Using nslookup Tool

  3. Scanning a Target Using nmap Tools

  4. Scanning a Target Using Zenmap Tools

  5. Scanning a Target Using hping3 Utility

  6. Make use of the telnet utility to perform banner grabbing

  7. Documentation

Lab 6 – Enumeration

  1. OS Detection with Zenmap

  2. Enumerating a local system with Hyena

  3. Enumerating services with nmap

  4. DNS Zone Transfer

  5. LDAP Enumeration

Lab 7 – Vulnerability Assessments

  1. Vulnerability Assessment with SAINT

  2. Vulnerability Assessment with OpenVAS

Lab 8 – Software Goes Undercover

  1. Creating a Virus

Lab 9 – System Hacking – Windows Hacking

  1. System Monitoring and Surveillance

  2. Hiding Files using NTFS Streams

  3. Find Hidden ADS Files

  4. Hiding Files with Stealth Tools

  5. Extracting SAM Hashes for Password cracking

  6. Creating Rainbow Tables

  7. Password Cracking

  8. Mimikatz

Lab 10 – System Hacking – Linux/Unix Hacking

  1. Taking Advantage of Misconfigured Services

  2. Cracking a Linux Password

  3. Setting up a Backdoor

Lab 11 – Advanced Vulnerability and Exploitation Techniques

  1. Metasploitable Fundamentals

  2. Metasploit port and vulnerability scanning

  3. Client-side attack with Metasploit

  4. Armitage

Lab 12 – Network Sniffing/IDS

  1. Sniffing Passwords with Wireshark

  2. Performing MitM with Cain

  3. Performing MitM with sslstrip

Lab 13 – Attacking Databases

  1. Attacking MySQL Database

  2. Manual SQL Injection

Lab 14 – Attacking Web Applications

  1. Attacking with XSS

  2. Attacking with CSRF

Your Team has Unique Training Needs.

Your team deserves training as unique as they are.

Let us tailor the course to your needs at no extra cost.