Logo

Maxtrain.com - [email protected] - 513-322-8888 - 866-595-6863

M2-CPTC

Certified Penetration Testing Consultant

MILE2-Federal-Approval_Certified-Penetration-Testing-Consultant

Description

The Certified Penetration Testing Consultant, C)PTC , course is designed for IT Security Professionals and IT Network Administrators who are interested in taking an in-depth look into specific penetration testing and techniques used against operating systems. This course will teach you the necessary skills to work with a penetration testing team, the exploitation process, and how to create a buffer overflow against programs running on Windows and Linux while subverting features such as DEP and ASLR.

Upon completion, the Certified Penetration Testing Consultant, C)PTC, candidate will have solid knowledge of testing and reporting procedures which will prepare them for upper management roles within a cybersecurity system. They will be able to competently take the C)PTC exam.

The Certified Penetration Testing Consultant exam consists of two parts. The first part is a completely hands-on penetration test in which the examinee will find specific flags and write a complete report. The second part are the exams through the online Mile2’s Assessment and Certification System (“MACS”). The examinee will take two exams. One is a few questions selecting the flags found during the hands-on exam and the second is an exam that will take 2 hours and consist of 100 multiple-choice questions. The hands-on exam requires 4 of 5 systems to be exploited and the 2nd exam requires a 70% passing score. The online exams are accessible in your mile2.com account.

Mile2 is Accredited by the NSA-CNSS, Approved on Homelands Security NICCS Framework, and is on the FBI’s Tier 1-3 Certification Training Chart.

Outline

Module 1 – Pentesting Team Foundation

  1. Project Management
  2. Pentesting Metrics
  3. Team Roles, Responsibilities and Benefits

Lab Exercise – Skills Assessment 

Module 2 – NMAP Automation 

  1. NMAP Basics
  2. NMAP Automation
  3. NMAP Report Documentation

Lab Exercise – Automation Breakdown 

Module 3 – Exploitation Processes 

  1. Purpose
  2. Countermeasures
  3. Evasion
  4. Precision Strike
  5. Customized Exploitation
  6. Tailored Exploits
  7. Zero Day Angle
  8. Example Avenues of Attack
  9. Overall Objective of Exploitation

Module 4 – Fuzzing with Spike

  1. Vulnserver
  2. Spike Fuzzing Setup
  3. Fuzzing a TCP Application
  4. Custom Fuzzing Script

Lab Exercise – Fuzzing with Spike 

Module 5 – Privilege Escalation 

  1. Exploit-DB
  2. Immunity Debugger
  3. Python
  4. Shellcode

Lab Exercise – Let’s Crash and Callback 

Module 6 – Stack Based Windows Buffer Overflow

  1. Debugger
  2. Vulnerability Research
  3. Control EIP, Control the Crash
  4. JMP ESP Instruction
  5. Finding the Offset
  6. Code Execution and Shellcode
  7. Does the Exploit Work?

Lab Exercise – MiniShare for the Win 

Module 7 – Web Application Security and Exploitation

  1. Web Applications
  2. OWASP Top 10 - 2017
  3. Zap
  4. Scapy

Module 8 – Linux Stack Smashing 

  1. Exploiting the Stack on Linux

Lab Exercise – Stack Overflow. Did we get root? 

Module 9 – Linux Address Space Layout Randomization 

  1. Stack Smashing to the Extreme

Lab Exercise – Defeat Me and Lookout ASLR 

Module 10 – Windows Exploit Protection

  1. Introduction to Windows Exploit Protection
  2. Structured Exception Handling
  3. Data Execution Prevention (DEP)
  4. SafeSEH/SEHOP

Module 11 – Getting Around SEH and ASLR (Windows)

  1. Vulnerable Server Setup
  2. Time to Test it Out
  3. “Vulnserver” meets Immunity
  4. VulnServer Demo

Lab Exercise – Time to overwrite SEH and ASLR 

Module 12 – Penetration Testing Report  Writing

PreRequisites

  • Mile2 C)PEH and C)PTE or equivalent knowledge

  • 2 years of experience in Networking Technologies

  • Sound Knowledge of TCP/IP

  • Computer Hardware Knowledge

Audience

The Certified Penetration Testing Consultant course is the most advnaced training in mile2`s line of penetration testing courses and certifications. The course prepares students to consult organizations of any size on security by performing penetration test. We assume that people taking this course understand penetration testing and are looking to enhance their skills to the next level. We strongly encourage passing the C)PTE: Certified Penetration Testing Engineer Exam before taking this course or having the equivalent industry experience.

Who Should Attend:

  • IS Security Officers

  • Cybersecurity Managers/Administrators

  • Penetration Testers

  • Ethical Hackers

  • Auditors

Starting From

$995.00

$3500.00 List Price

4 Days Course

Class Dates

Early Bird Saving
$3150.00
Remote Live

This class runs from 10:00 AM to 05:00 PM EDT

$995.00


MAX Educ. Savings
Category:
Loading ...