Overview
This instructor led, online training course, provides students with all the knowledge they need to write exploits and build tools to outthink and thwart attacks. With groundbreaking penetration testing methods and techniques, this Penetration Testing course helps students perform intensive assessments required to effectively identify and mitigate security risks to computer systems, networks and infrastructures.
The CPENT certification is intended for Ethical Hackers, Penetration Testers, Network Server Administrators, Firewall Administrators, Security Testers, System Administrators and Risk Assessment Professionals.
COURSE INSTRUCTOR: Ken Nevers, Cybersecurity
COURSE DIFFICULTY: Advanced
COURSE DURATION: 60h 15m
After completing this online training course, students will be able to:
-
Better understand reconnaissance tools like passive vs active information gathering, active recon, and more
-
Describe the different types of phishing
-
Scan and target enumeration
-
Describe and use the different penetration testing tools, such as Wireshark, Powershell, Powercat, and more
-
Describe and use the different web application penetration testing tools
-
Describe and use the different internal network penetration testing tools
-
Utilize binary analysis and exploitation
-
Perform wireless and cloud penetration testing
- Ethical hackers
- Penetration testers
- Red team professionals
- Network server administrators
- Firewall administrators
- Security testers
- System administrators and risk assessment professionals
Students should be CND & CEHv11/CEHv10 certified and should have a good understanding of pentesting.
- OSINT
- Active Recon
- Subdomain Enumeration
- Human Hackery
- Attack Basics
- Creating Campaigns
- Phishing Documents
- DNS
- Port Scanning with NMAP
- Common Protocols and Ports
- Netcat
- SOCAT
- PowerShell and Powercat
- Wireshark
- Tcpdump
- Engagement Scoping
- General Toolsets
- OWASP Top 10
- OWASP Examples
- Internal Network Penetration Testing Overview
- Active Directory Overview
- LLMNR Poisoning
- SMB Relay Attacks
- Man-In-The-Middle6
- Enumeration for Additional Attack Vectors
- Pass the Hash / OverPasstheHash
- Kerberoasting
- GPP & cPassword Attack
- Golden Ticket Attacks
- Crackmapexec
- Buffer Overflow Overview
- Fuzzing
- Finding the Offset
- Overwriting the EIP
- Finding Bad Characters
- Generating Shellcode
- Exploitation
- Wireless Penetration Testing Overview
- Attacking Access Points
- Wired Equivalent Privacy
- Wi-Fi Protected Access
- Internet of Things Pentesting
- Industry Control Systems and Supervisory Control and Data Acquisition Penetration Testing
- ICS Cyber Kill Chain
- Programmable Logic Controller Systems
- Shodan for Networked Systems
- Networking Scanning for ICS
- NMAP with Tuning for SCADA
- Simple Network Management Protocols
- PLCScan
- Metasploit Modbusdetect Module
- Cloud Penetration Testing Overview
- Amazon Web Services
- Bucket Enumeration
- AWS Lambda
- Bloodhound with Azurehound
- ADConnect Exploitation
- Google Cloud Platform
- Purple Panda