C)PTE: Certified Penetration Testing Engineer
Target group
- Pen Testers
- Security Officers
- Ethical Hackers
- Network Auditors
- Vulnerability assessors
- System Owners and Managers
- Cyber Security Engineers
Description
A Certified Penetration Testing Engineer imagines all of the ways that a hacker can penetrate a data system. You have to go beyond what you learned as an Ethical Hacker because pen testing explores technical and non-technical ways of breaching security to gain access to a system. Our C)PTE course is built on proven hands-on methods utilized by our international group of vulnerability consultants. In this course you will learn 5 Key Elements of Pen Testing; Information Gathering, Scanning, Enumeration, Exploitation and Reporting. Plus, discover the latest vulnerabilities and the techniques malicious hackers are using to acquire and destroy data. Additionally, you will learn more about the business skills needed to identify protection opportunities, justify testing activities and optimize security controls appropriate to the business needs in order to reduce business risk.
Program
- Duration : 5 days
Module 1 – Business and Technical Logistics of Pen Testing
- Section 1 – What is Penetration Testing?
- Section 2 – Today’s Threats
- Section 3 – Staying up to Date
- Section 4 – Pen Testing Methodology
- Section 5 – Pre-Engagement Activities
Module 2 – Information Gathering Reconnaissance- Passive (External Only)
- Section 1 – What are we looking for?
- Section 2 – Keeping Track of what we find!
- Section 3 – Where/How do we find this Information?
- Section 4 – Are there tools to help?
- Section 5 – Countermeasures
Module 3 – Detecting Live Systems – Reconnaissance (Active)
- Section 1 – What are we looking for?
- Section 2 – Reaching Out!
- Section 3 – Port Scanning
- Section 4 – Are there tools to help?
- Section 5 – Countermeasure
Module 4 – Banner Grabbing and Enumeration
- Section 1 – Banner Grabbing
- Section 2 – Enumeration
Module 5 – Automated Vulnerability Assessment
- Section 1 – What is a Vulnerability Assessment?
- Section 2 – Tools of the Trade
- Section 3 – Testing Internal/External Systems
- Section 4 – Dealing with the Results
Module 6 – Hacking Operating Systems
- Section 1 – Key Loggers
- Section 2 – Password Attacks
- Section 3 – Rootkits & Their Friends
- Section 4 – Clearing Tracks
Module 7 – Advanced Assessment and Exploitation Techniques
- Section 1 – Buffer Overflow
- Section 2 – Exploits
- Section 3 – Exploit Framework
Module 8 – Evasion Techniques
- Section 1 – Evading Firewall
- Section 2 – Evading Honeypots
- Section 3 – Evading IDS
Module 9 – Hacking with PowerShell
- Section 1 – PowerShell – A Few Interesting Items
- Section 2 – Finding Passwords with PowerShell
Module 10 – Networks and Sniffing
Section 1 – Sniffing Techniques
Module 11 – Getting Around SEH and ASLR (Windows)
- Section 1 – OWASP Top 10
- Section 2 – SQL Injection
- Section 3 – XSS
Module 12 – Mobile and IoT Hacking
- Section 1 – What devices are we talking about?
- Section 2 – What is the risk?
- Section 3 – Potential Avenues to Attack
- Section 4 – Hardening Mobile/IoT Devices
Module 13 – Report Writing Basics
- Section 1 – Report Components
- Section 2 – Report Results Matrix
- Section 3 – Recommendations
Detailed lab outline :
Lab 1 – Introduction to Pen Testing Setup
- Section 1 – Recording IPs and Logging into the VMs
- Section 2 – Joining the Domain
- Section 3 – Research
Lab 2 – Using tools for reporting
- Section 1 – Setup a Shared Folder
- Section 2 – Setting up and using Dradis CE
Lab 3 – Information Gathering
- Section 1 – Google Queries
- Section 2 – Searching Shodan
- Section 3 – Maltego
- Section 4 – The many tools of OSINT
- Section 5 – Recon-ng
Lab 4 – Detecting Live Systems – Scanning Techniques
- Section 1 – Finding a target using Ping utility
- Section 2 – Footprinting a Target Using nslookup Tool
- Section 3 – Scanning a Target Using nmap Tools
- Section 4 – Scanning a Target Using Zenmap Tools
- Section 5 – Scanning a Target Using hping3 Utility
- Section 6 – Make use of the telnet utility to perform banner grabbing
Lab 5 – Enumeration
- Section 1 – OS Detection with Zenmap
- Section 2 – Enumerating services with nmap
- Section 3 – DNS Zone Transfer
- Section 4 – Enum4linux
- Section 5 – AD Enumeration
Lab 6 – Vulnerability Assessments
- Section 1 – Vulnerability Assessment with Rapid7 InsightVM
- Section 2 – Vulnerability Assessment with OpenVAS
Lab 7 – System Hacking – Windows Hacking
- Section 1 – Scanning from the Hacked System
- Section 2 – Using a Keylogger
- Section 3 – Extracting SAM Hashes for Password cracking
- Section 4 – Creating Rainbow Tables
- Section 5 – Password Cracking with Rainbow Tables
- Section 6 – Password Cracking with Hashcat
- Section 7 – Mimikatz
Lab 8 – Advanced Vulnerability and Exploitation Techniques
- Section 1 – Metasploitable Fundamentals
- Section 2 – Metasploit port and vulnerability scanning
- Section 3 – Client-side attack with Metasploit
- Section 4 – Using Workspaces in Metasploit
- Section 5 – Remote Exploitation of Windows Server
Lab 9 – AntiVirus Bypass
- Section 1 – Bypassing AntiVirus – Not as effective
- Section 2 – Bypassing AntiVirus Signature Scanning
- Section 3 – Bypassing Windows Defender
Lab 10 – Cracking Passwords from a Linux System
- Section 1 – Cracking Linux Passwords
- Section 2 – Brute-force SSH Accounts
Lab 11 – Hacking with PowerShell
- Section 1 – Using PowerShell to Crack Passwords
- Section 2 – Using PowerShell for Enumeration
Lab 12 – Network Sniffing/IDS
- Section 1 – Sniffing Passwords with Wireshark
- Section 2 – Performing MitM with Cain
Lab 13 – Attacking Web Applications
- Section 1 – OWASP TOP 10 2017 A1: Injection
- Section 2 – OWASP TOP 10 2017 A2: Broken Authentication
- Section 3 – OWASP TOP 10 2017 A3: Sensitive Data Exposure
- Section 4 – OWASP TOP 10 2017 A4: XML External Entities
- Section 5 – OWASP TOP 10 2017 A5: Broken Access Control
- Section 6 – OWASP TOP 10 2017 A6: Security Misconfiguration g
- Section 7 – OWASP TOP 10 2017 A7: Cross-Site Scripting
- Section 8 – OWASP TOP 10 2017 A8: Insecure Deserialization
- Section 9 – WebApp Scanni
Goal
Upon completion, the Certified Penetration Testing Engineer, C)PTE, candidate will have solid knowledge of testing and reporting procedures which will prepare them for upper management roles within a cybersecurity system. They will be able to competently take the C)PTE exam.
Prerequisites
- Mile2 C)PEH or equivalent knowledge
- 12 months of Networking Experience
- Sound Knowledge of TCP/IP
- Basic Knowledge of Linux
- Microsoft Security experience
- Langue : Anglais
- Niveau : Level 350
- Organisme de certification : Mile2
- Certification : Oui
- Accesibilité : Oui
- Durée : 5 Jours
Événements similaires
