Overview

This instructor led, online training course, provides students with all the knowledge they need to write exploits and build tools to outthink and thwart attacks. With groundbreaking penetration testing methods and techniques, this Penetration Testing course helps students perform intensive assessments required to effectively identify and mitigate security risks to computer systems, networks and infrastructures.

The CPENT certification is intended for Ethical Hackers, Penetration Testers, Network Server Administrators, Firewall Administrators, Security Testers, System Administrators and Risk Assessment Professionals.

COURSE INSTRUCTOR: Ken Nevers, Cybersecurity
COURSE DIFFICULTY: Advanced
COURSE DURATION: 60h 15m

After completing this online training course, students will be able to:

  • Better understand reconnaissance tools like passive vs active information gathering, active recon, and more

  • Describe the different types of phishing

  • Scan and target enumeration

  • Describe and use the different penetration testing tools, such as Wireshark, Powershell, Powercat, and more

  • Describe and use the different web application penetration testing tools

  • Describe and use the different internal network penetration testing tools

  • Utilize binary analysis and exploitation

  • Perform wireless and cloud penetration testing

  • Ethical hackers
  • Penetration testers
  • Red team professionals
  • Network server administrators
  • Firewall administrators
  • Security testers
  • System administrators and risk assessment professionals

Students should be CND & CEHv11/CEHv10 certified and should have a good understanding of pentesting.

01. Reconnaissance
  • OSINT
  • Active Recon
  • Subdomain Enumeration
02. Social Engineering
  • Human Hackery
03. Phishing
  • Attack Basics
  • Creating Campaigns
  • Phishing Documents
04. Scanning and Target Enumeration
  • DNS
  • Port Scanning with NMAP
  • Common Protocols and Ports
05. Penetration Testing Tools
  • Netcat
  • SOCAT
  • PowerShell and Powercat
  • Wireshark
  • Tcpdump
06. Web Application Penetration Testing
  • Engagement Scoping
  • General Toolsets
  • OWASP Top 10
  • OWASP Examples
07. Internal Network Penetration Testing
  • Internal Network Penetration Testing Overview
  • Active Directory Overview
  • LLMNR Poisoning
  • SMB Relay Attacks
  • Man-In-The-Middle6
  • Enumeration for Additional Attack Vectors
  • Pass the Hash / OverPasstheHash
  • Kerberoasting
  • GPP & cPassword Attack
  • Golden Ticket Attacks
  • Crackmapexec
08. Binary Analysis and Exploitation Overview
  • Buffer Overflow Overview
  • Fuzzing
  • Finding the Offset
  • Overwriting the EIP
  • Finding Bad Characters
  • Generating Shellcode
  • Exploitation
09. Wireless Penetration Testing
  • Wireless Penetration Testing Overview
  • Attacking Access Points
  • Wired Equivalent Privacy
  • Wi-Fi Protected Access
  • Internet of Things Pentesting
10. Industrial Control System and Supervisory Control
  • Industry Control Systems and Supervisory Control and Data Acquisition Penetration Testing
  • ICS Cyber Kill Chain
  • Programmable Logic Controller Systems
  • Shodan for Networked Systems
  • Networking Scanning for ICS
  • NMAP with Tuning for SCADA
  • Simple Network Management Protocols
  • PLCScan
  • Metasploit Modbusdetect Module
11. Cloud Penetration Testing
  • Cloud Penetration Testing Overview
  • Amazon Web Services
  • Bucket Enumeration
  • AWS Lambda
  • Bloodhound with Azurehound
  • ADConnect Exploitation
  • Google Cloud Platform
  • Purple Panda