C)PTE: Certified Penetration Testing Consultant
A Certified Penetration Testing Engineer (C)PTE) imagines all of the ways that a hacker can penetrate a data system. In this course you will learn 5 Key Elements of Pen Testing, discover the latest vulnerabilities and the techniques malicious hackers are using to acquire and destroy data and learn more about the business skills needed to identify protection opportunities, justify testing activities and optimize security controls appropriate to the business needs in order to reduce business risk.
Description
Overview
A Certified Penetration Testing Engineer (C)PTE) imagines all of the ways that a hacker can penetrate a data system. You have to go beyond what you learned as an Ethical Hacker because pen testing explores technical and non-technical ways of breaching security to gain access to a system. This C)PTE course is built on proven hands-on methods utilized by our international group of vulnerability consultants.
In this course you will learn 5 Key Elements of Pen Testing; Information Gathering, Scanning, Enumeration, Exploitation and Reporting. Plus, discover the latest vulnerabilities and the techniques malicious hackers are using to acquire and destroy data. Additionally, you will learn more about the business skills needed to identify protection opportunities, justify testing activities and optimize security controls appropriate to the business needs in order to reduce business risk.
CPTE Exam Prep, Exam Voucher & Free Retake are included
Course Objectives
Upon completion, the Certified Penetration Testing Engineer (C)PTE) candidate will have solid knowledge of testing and reporting procedures which will prepare them for upper management roles within a cybersecurity system. They will be able to competently take the C)PTE exam.
Who Should Attend
- Pen Testers
- Security Officers
- Ethical Hackers
- Network Auditors
- Cyber Security Engineers
- Vulnerability Assessors
- System Owners and Managers
Course Outline
Module 1: Business and Technical Logistics of Pen Testing
- What is Penetration Testing?
- Today’s Threats
- Staying up to Date
- Pen Testing Methodology
- Pre-Engagement Activities
Module 2: Information Gathering
- What are we looking for?
- Keeping Track of what we find!
- Where/How do we find this Information?
- Are there tools to help?
- Countermeasures
Module 3: Detecting Live Systems
- What are we looking for?
- Reaching Out!
- Port Scanning
- Are there tools to help?
- Countermeasure
Module 4: Banner Grabbing and Enumeration
- Banner Grabbing
- Enumeration
Module 5: Automated Vulnerability Assessment
- What is a Vulnerability Assessment?
- Tools of the Trade
- Testing Internal/External Systems
- Dealing with the Results
Module 6: Hacking Operating Systems
- Key Loggers
- Password Attacks
- Rootkits & Their Friends
- Clearing Tracks
Module 7: Advanced Assessment and Exploitation Techniques
- Buffer Overflow
- Exploits
- Exploit Framework
Module 8: Evasion Techniques
- Evading Firewall
- Evading Honeypots
- Evading IDS
Module 9: Hacking with PowerShell
- PowerShell – A Few Interesting Items
- Finding Passwords with PowerShell
Module 10: Networks and Sniffing
- Sniffing Techniques
Module 11: Hacking Web Techniques
- OWASP Top 10
- SQL Injection
- XSS
Module 12: Mobile and IoT Hacking
- What devices are we talking about?
- What is the risk?
- Potential Avenues to Attack
- Hardening Mobile/IoT Devices
Module 13: Report Writing Basics
- Report Components
- Report Results Matrix
- Recommendations
Detailed Labs Outline
Lab 1: Introduction to Pen Testing Setup
- Recording IPs and Logging into the VMs
- Joining the Domain
- Research
Lab 2: Using tools for reporting
- Setup a Shared Folder
- Setting up and using Dradis CE
Lab 3: Information Gathering
- Google Queries
- Searching Shodan
- Maltego
- The many tools of OSINT
- Recon-ng
Lab 4: Detecting Live Systems - Scanning Techniques
- Finding a target using Ping utility
- Footprinting a Target Using nslookup Tool
- Scanning a Target Using nmap Tools
- Scanning a Target Using Zenmap Tools
- Scanning a Target Using hping3 Utility
- Make use of the telnet utility to perform banner grabbing
Lab 5: Enumeration
- OS Detection with Zenmap
- Enumerating services with nmap
- DNS Zone Transfer
- Enum4linux
- AD Enumeration
Lab 6: Vulnerability Assessments
- Vulnerability Assessment with Rapid7 InsightVM
- Vulnerability Assessment with OpenVAS
Lab 7: System Hacking – Windows Hacking
- Scanning from the Hacked System
- Using a Keylogger
- Extracting SAM Hashes for Password cracking
- Creating Rainbow Tables
- Password Cracking with Rainbow Tables
- Password Cracking with Hashcat
- Mimikatz
Lab 8: Advanced Vulnerability and Exploitation Techniques
- Metasploitable Fundamentals
- Metasploit port and vulnerability scanning
- Client-side attack with Metasploit
- Using Workspaces in Metasploit
- Remote Exploitation of Windows Server
Lab 9: AntiVirus Bypass
- Bypassing AntiVirus – Not as effective
- Bypassing AntiVirus Signature Scanning
- Bypassing Windows Defender
Lab 10: Cracking Passwords from a Linux System
- Cracking Linux Passwords
- Brute-force SSH Accounts
Lab 11: Hacking with PowerShell
- Using PowerShell to Crack Passwords
- Using PowerShell for Enumeration
Lab 12: Network Sniffing/IDS
- Sniffing Passwords with Wireshark
- Performing MitM with Cain
Lab 13: Attacking Web Applications
- Injection
- Broken Authentication
- Sensitive Data Exposure
- XML External Entities
- Broken Access Control
- Security Misconfiguration
- Cross-Site Scripting
- Insecure Deserialization
- WebApp Scanning
Prerequisites
- 12 months of Networking Experience
- Sound Knowledge of TCP/IP
- Basic Knowledge of Linux
- Microsoft Security experience
- C)PEH: Certified Professional Ethical Hacker or equivalent knowledge