Maxtrain.com - info@maxtrain.com - 513-322-8888 - 866-595-6863
Certified Penetration Testing Consultant
Description
Certified Penetration Testing Consultant Introduction
Welcome to the Certified Penetration Testing Consultant course, a comprehensive program designed to elevate the skills of IT security professionals and network administrators in the realm of cybersecurity. This advanced training dives into the critical techniques of penetration testing, focusing on the exploitation of both Windows and Linux operating systems.
Participants will gain a deep understanding of complex security measures such as DEP (Data Execution Prevention) and ASLR (Address Space Layout Randomization) and learn to execute sophisticated attacks including buffer overflows.
This course is meticulously structured to enhance your technical acumen and prepare you for leadership roles in cybersecurity.
Through hands-on experiences and collaborative learning, you will become proficient in navigating the challenges of penetration testing, making strategic decisions, and leading a team effectively in high-stakes environments.
Certified Penetration Testing Consultant Course Objectives
- Master Operating Systems Exploitation: Learn to identify vulnerabilities and exploit Windows and Linux systems using advanced penetration techniques.
- Understand Security Protocols: Gain in-depth knowledge of security features like DEP and ASLR, and how to bypass them during testing.
- Develop Buffer Overflow Skills: Acquire the ability to perform buffer overflow attacks, a critical skill for advanced penetration testing.
- Enhance Team Collaboration: Improve collaboration and leadership skills necessary for working effectively within a cybersecurity team.
- Practical Exposure: Engage in practical exercises that simulate real-world cybersecurity threats, enhancing hands-on experience and readiness for professional challenges.
Certified Penetration Testing Consultant Exam Information
- A hands-on penetration test that requires finding specific flags and writing a complete report.
- The first exam assesses the flags found during the hands-on exam, while the second exam is a 2-hour, 100 multiple-choice questions exam that requires a passing score of 70%.
- Online exams through Mile2’s Assessment and Certification System (“MACS”).
Prerequisites
Before enrolling in this course, participants should meet the following prerequisites:
- Completion of Mile2 C)PEH and C)PTE courses or equivalent knowledge
- Minimum of 2 years of experience in Networking Technologies
- Sound knowledge of TCP/IP
- Understanding of computer hardware
Audience
This course is tailored for a range of professionals, including:
- IS Security Officers
- Cybersecurity Managers/Administrators
- Penetration Testers
- Ethical Hackers
- Auditors
Certified Penetration Testing Consultant Outline
Accreditation:
Mile2 is accredited by the NSA-CNSS, approved on the Homeland Security NICCS Framework, and is on the FBI’s Tier 1-3 Certification Training Chart.
Outline
Module 1 – Pentesting Team Foundation
- Project Management
- Pentesting Metrics
- Team Roles, Responsibilities and Benefits
Lab Exercise – Skills Assessment
Module 2 – NMAP Automation
- NMAP Basics
- NMAP Automation
- NMAP Report Documentation
Lab Exercise – Automation Breakdown
Module 3 – Exploitation Processes
- Purpose
- Countermeasures
- Evasion
- Precision Strike
- Customized Exploitation
- Tailored Exploits
- Zero Day Angle
- Example Avenues of Attack
- Overall Objective of Exploitation
Module 4 – Fuzzing with Spike
- Vulnserver
- Spike Fuzzing Setup
- Fuzzing a TCP Application
- Custom Fuzzing Script
Lab Exercise – Fuzzing with Spike
Module 5 – Privilege Escalation
- Exploit-DB
- Immunity Debugger
- Python
- Shellcode
Lab Exercise – Let’s Crash and Callback
Module 6 – Stack Based Windows Buffer Overflow
- Debugger
- Vulnerability Research
- Control EIP, Control the Crash
- JMP ESP Instruction
- Finding the Offset
- Code Execution and Shellcode
- Does the Exploit Work?
Lab Exercise – MiniShare for the Win
Module 7 – Web Application Security and Exploitation
- Web Applications
- OWASP Top 10 – 2017
- Zap
- Scapy
Module 8 – Linux Stack Smashing
- Exploiting the Stack on Linux
Lab Exercise – Stack Overflow. Did we get root?
Module 9 – Linux Address Space Layout Randomization
- Stack Smashing to the Extreme
Lab Exercise – Defeat Me and Lookout ASLR
Module 10 – Windows Exploit Protection
- Introduction to Windows Exploit Protection
- Structured Exception Handling
- Data Execution Prevention (DEP)
- SafeSEH/SEHOP
Module 11 – Getting Around SEH and ASLR (Windows)
- Vulnerable Server Setup
- Time to Test it Out
- “Vulnserver” meets Immunity
- VulnServer Demo
Lab Exercise – Time to overwrite SEH and ASLR
Module 12 – Penetration Testing Report Writing
PreRequisites
- Mile2 C)PEH and C)PTE or equivalent knowledge
- 2 years of experience in Networking Technologies
- Sound Knowledge of TCP/IP
- Computer Hardware Knowledge
Audience
The Certified Penetration Testing Consultant course is the most advnaced training in mile2`s line of penetration testing courses and certifications. The course prepares students to consult organizations of any size on security by performing penetration test. We assume that people taking this course understand penetration testing and are looking to enhance their skills to the next level. We strongly encourage passing the C)PTE: Certified Penetration Testing Engineer Exam before taking this course or having the equivalent industry experience.
Who Should Attend:
- IS Security Officers
- Cybersecurity Managers/Administrators
- Penetration Testers
- Ethical Hackers
- Auditors
$4000.00
|
4 Days Course |