EC-Council Licensed Penetration Tester (Master)
Description
The Advanced Penetration Testing Course by EC-Council was created as the progression after the ECSA (Practical) to prepare those that want to challenge the Licensed Penetration Tester (Master) certification and be recognised as elite penetration testing professionals. Our training has been designed by the best in the industry and meant to push you to develop the kind of skill that you've been waiting to acquire
LPT (Master) training is not comfortable (and the exam is even worse!) , but filled with intense stress meant to illicit the best from you. Those who prevail will have developed an instinctual and intellectual response to real world penetration testing challenges
Target group
- Penetration Testers
- Network Administrators
- IT Auditors
- Information Security
- Engineers
- Security Consultants
Program
- Duration : 5 days
- Module 1: Introduction to Vulnerability Assessment and Penetration Testing
- Module 2: Information Gathering Methodology
- Module 3: Scanning and Enumeration
- Module 4:Identify Vulnerabilities
- Module 5: Operating
- Module 6: Post Operation
- Module 7: Advanced Tips and Techniques
- Module 8: Preparing a Report
- Module 9: Practice Ranges
Goal
- Demonstrate a repeatable and measurable approach to Penetration Testing
- Perform advanced techniques and attacks to identify SQL injection, Cross site scripting (XSS),LFI, RFI vulnerabilities in web applications
- Perform privilege escalation to gain root access to a system Demonstrate 'Out-of-the-box' and 'lateral' thinking
- Get access to proprietary EC-Council Penetration Testing methodologies
- Exploit vulnerabilities in Operating systems such as Windows, Linux
- Identify and bypass perimeter protections
- In an enterprise network their will be protections, you will learn how to identify the protections in place and bypass them to extract the data even when protected with IPS and endpoint protections
- Perl, Python and Ruby scripting for the penetration tester
- As a practitioner you have to be able to modify and change the methods of attacking an enterprise network, this requires custom scripting to defeat signature and anomaly based protection mechanisms
- Advanced post exploitation and persistence.
- Gaining access is a small part of a professional penetration test, once you have the access, the ability to move laterally, and exfiltrate the data from the enterprise requires post exploitation skills
- Extending Metasploit with custom modules and exploits
- To use open source code in a penetration test requires knowledge of the modules, and the ability to customize them based on the data you have obtained from the targets
- Pivoting from external into internal networks
- Virtually all enterprise networks have external facing
machines as well as internal intranet machines, the preferred way to access these is through pivoting and using the initial source of access to leverage your way into the enterprise intranet
- Virtually all enterprise networks have external facing
- Avoiding the most common mistakes when drafting a professional penetration testing report
- Having skills is one thing, but being able to provide tangible findings to the enterprise client is critical for a professional penetration tester.
Recommended
- Language : English
- Certification body : EC-Council
- Certification: Yes
- Accessibility : Yes
- Duration: 5 days
Important information:
Our courses are not registered with the Répertoire National des Certifications Professionnelles (RNCP), but they do comply with the requirements of the Répertoire Spécifique (RS).
English 
French