Currently Empty: $0.00
Become a Certified Penetration Testing Professional C|PENT
Certified Penetration Testing Professional C|PENT
WHAT IS THE C|PENT COURSE?
A rigorous Penetration Testing program that, unlike contemporary Penetration Testing courses, teaches you how to perform an effective Penetration test across filtered networks. C|PENT is a multidisciplinary course with extensive hands-on training in a wide range of crucial skills, including advanced Windows attacks, Internet of Things (IoT) and Operational Technology (OT) systems, filtered network bypass techniques, exploit writing, single and double pivoting, advanced privilege escalation, and binary exploitation. In summary, there is no program of its kind in the world!
Years of research indicate that the majority of Penetration Testing professionals have gaps in their skills when it comes to multiple disciplines. The metrics also prove that when the targets are not located on the same or a directly connected and reachable segment, very few can perform as well as they do when it is direct and on a flat network.
The C|PENT range, which is where our Penetration Testers gain real-world skills, is designed to provide challenges across every level of the attack spectrum. Additionally, the range contains multiple layers of network segmentation, and once access is gained in one segment, the latest pivoting techniques are required to reach the next segment. Many of the challenges will require outside the-box thinking and customization of scripts and exploits to get into the innermost segments of the network. The key to being a highly skilled Penetration Tester is to go up against various targets that are configured in a variety of ways. The C|PENT consists of entire network segments that replicate an enterprise network — this is not a computer game simulation; this is an accurate representation of an enterprise network that will present the latest challenges to the Penetration Tester. Since the targets and technology continue to change, the C|PENT is dynamic, and machines and defenses will be added as they are observed in the wild. Finally, the targets and segments are progressive in nature. Once you get into one machine and or segment, the next one will challenge you even more.
For the first time in the industry, the assessment for the Certified Penetration Testing Professional (C|PENT) is about multiple disciplines and not just one or two specialty types.
The course is presented through an enterprise network environment that must be attacked, exploited, evaded, and defended.
EC-Council’s C|PENT assess a Penetration Tester’s skills across a broad spectrum of “network zones”.
What makes the C|PENT different is the requirement to be provided a variety of different scopes of work so that the candidate can “think on their feet.”
The result of this is that there are different zones representing different types of testing.
Anyone attempting the test will have to perform their assessment against
these different zones.
With C|PENT, Learn Next-Generation Techniques and Methodologies for Handling Real-World Threat Situations
The following are 12 reasons that make the C|PENT Program one of a kind. This exceptional course can make you one of the most advanced Penetration Testers in the world. The course has one purpose: To help you overcome some of the most advanced obstacles that real-world practitioners face when conducting Penetration tests. Here are some examples of the challenges you will face when you are exposed to the C|PENT Range
- ADVANCED WINDOWS ATTACKS
- ATTACKING IOT SYSTEMS
- WRITING EXPLOITS: ADVANCED BINARIES EXPLOITATION
- BYPASSING A FILTERED NETWORK
- PENTESTING OPERATIONAL TECHNOLOGY (OT)
- ACCESS HIDDEN NETWORKS WITH PIVOTING
- DOUBLE PIVOTING
- PRIVILEGE ESCALATION
- EVADING DEFENSE MECHANISMS
- ATTACK AUTOMATION WITH SCRIPTS
- BUILD YOUR ARMORY: WEAPONIZE YOUR EXPLOITS
- WRITE PROFESSIONAL REPORTS
Certified Penetration Testing Professional
C|PENT
Module 01: Introduction to Penetration Testing and Methodologies
- Penetration Testing Concepts
- LPT Penetration Testing Methodology
- Guidelines and Recommendations for Penetration Testing
Module 02: Penetration Testing Scoping and Engagement
- Request for Proposal
- Preparing Response Requirements for Proposal Submission
- Setting the Rules of Engagement
- Establishing Communication Lines
- Timeline
- Time/Location
- Frequency of meetings
- Time of Day
- Identifying Personnel for Assistance
- Handling Legal Issues in Penetration Testing Engagement
- Preparing for the Test
- Handling Scope Creeping During Pen Testing
Module 03: Open Source Intelligence (OSINT)
- OSINT through the WWW
- OSINT through Website Analysis
- OSINT through DNS Interrogation
- Automating the OSINT Process using Tools/Frameworks/Scripts
Module 04: Social Engineering Penetration Testing
- Social Engineering Penetration Testing Concepts
- Social Engineering Penetration Testing Using E-mail Attack Vector
- Social Engineering Penetration Testing Using Telephone Attack Vector
- Social Engineering Penetration Testing Using Physical Attack Vector
- Reporting and Countermeasures/Recommendations
Module 05: Network Penetration Testing - External
- Port Scanning
- OS and Service Fingerprinting
- Vulnerability Research
- Exploit Verification
Module 06: Network Penetration Testing - Internal
- Footprinting
- Network Scanning
- OS and Service Fingerprinting
- Enumeration
- Vulnerability Assessment
- Windows Exploitation
- Unix/Linux Exploitation
- Other Internal Network Exploitation Techniques
- Automating Internal Network Penetration Test Effort
- Post Exploitation
- Advanced Tips and Techniques
Module 07: Network Penetration Testing - Perimeter Devices
- Assessing Firewall Security Implementation
- Assessing IDS Security Implementation
- Assessing Security of Routers
- Assessing Security of Switches
Module 08: Web Application Penetration Testing
- Discover Web Application Default Content
- Discover Web Application Hidden Content
- Conduct Web Vulnerability Scanning
- Test for SQL Injection Vulnerabilities
- Test for XSS Vulnerabilities
- Test for Parameter Tampering
- Test for Weak Cryptography Vulnerabilities
- Tests for Security Misconfiguration Vulnerabilities
- Test for Client-Side Attack
- Tests for Broken Authentication and Authorization Vulnerabilities
- Tests for Broken Session Management Vulnerabilities
- Test for Web Services Security
- Test for Business Logic Flaws
- Test for Web Server Vulnerabilities
- Test for Thick Clients Vulnerabilities
- WordPress Testing
Module 09: Wireless Penetration Testing
- Wireless Local Area Network (WLAN) Penetration Testing
- RFID Penetration Testing
- NFC Penetration Testing
Module 10: IoT Penetration Testing
- IoT Attacks and Threats
- IoT Penetration Testing
Module 11: OT and SCADA Penetration Testing
- OT/SCADA Concepts
- Modbus
- ICS and SCADA Pen Testing
Module 12: Cloud Penetration Testing
- Cloud Penetration Testing
- AWS Specific Penetration Testing
- Azure Specific Penetration Testing
- Google Cloud Platform Specific Penetration Testing
Module 13: Binary Analysis and Exploitation
- Binary Coding Concepts
- Binary Analysis Methodology
Module 14: Report Writing and Post Testing Actions
- Penetration Testing Report: An Overview
- Phases of Report Development
- Report Components
- Penetration Testing Report Analysis
- Penetration Testing Report Delivery
- Post-Testing Actions for Organizations