5 days
This course provides the knowledge needed to plan and perform penetration tests and other security engagements, using a vendor-neutral format. This includes planning engagements, performing reconnaissance to find vulnerabilities in a target organization, exploiting vulnerable targets, and creating follow-up reports. This course maps to the CompTIA PenTest+ certification exam (PT0-001). Objective coverage is marked throughout the course.
You will benefit most from this course if you intend to become a certified penetration tester, or if you are a security professional who wishes to understand cybersecurity from an offensive perspective.
Prerequisites
This course assumes that you have some applied knowledge of computers, networks, and cybersecurity principles. Knowledge equivalent to the CompTIA Security+ certification is helpful but not necessary.
Course Outline
Chapter 1: Engagement planning
- Module A: Assessment types and goals
- Module B: The penetration testing process
- Module C: Documentation and planning
- Module D: Engagement scope
- Module E: Scripting
Chapter 2: Reconnaissance
- Module A: Reconnaissance techniques
- Module B: OSINT gathering
Chapter 3: Active Reconnaissance
- Module A: Network scanning
- Module B: Vulnerability scanning
- Module C: Application testing
Chapter 4: Leveraging target information
- Module A: Vulnerability analysis
- Module B: Exploitation techniques
Chapter 5: Exploiting organizational vulnerabilities
- Module A: Social engineering
- Module B: Physical security attacks
Chapter 6: Exploiting network vulnerabilities
- Module A: Network attacks
- Module B: Wireless attacks
Chapter 7: Exploiting applications
- Module A: Attacking insecure code
- Module B: Attacking web applications
Chapter 8: Host exploitation
- Module A: Finding host vulnerabilities
- Module B: Operating system exploits
- Module C: Post-exploitation techniques
Chapter 9: Engagement follow-up
- Module A: Report preparation
- Module B: Remediation and follow-up