Self Paced CompTIA PenTest+ (PT0-002)

Price

$199.00

Duration

40 Hours

About the Course

Lesson 1: Introduction to Ethical Hacking and Penetration Testing (1 hour and 36 minutes)

  • Understanding Ethical Hacking and Penetration Testing (24 minutes)

    • Why Do We Need to Do Penetration Testing?

    • Threat Actors

  • Exploring Penetration Testing Methodologies (36 minutes)

    • Why Do We Need to Follow a Methodology for Penetration Testing?

    • Environmental Considerations

    • Surveying Different Standards and Methodologies

  • Building Your Own Lab (36 minutes)

    • Requirements and Guidelines for Penetration Testing Labs

    • What Tools Should You Use in Your Lab?

    • What if You Break Something?

  • Summary

  • Case Study

  • Quiz

Lesson 2: Planning and Scoping a Penetration Testing Assessment (2 hours)

  • Comparing and Contrasting Governance, Risk, and Compliance Concepts (1 hour)

    • Regulatory Compliance Considerations

    • Local Restrictions

    • Legal Concepts

    • Contracts

    • Disclaimers

  • Explain the Importance of Scoping and Organizational or Customer Requirements (48 minutes)

    • Rules of Engagement

    • Target List and In-Scope Assets

    • Validating the Scope of Engagement

    • Strategy: Unknown vs. Known Environment Testing

  • Demonstrating an Ethical Hacking Mindset by Maintaining Professionalism and Integrity (12 minutes)

  • Summary

  • Case Study

  • Quiz

Lesson 3: Design and implement routing (3 hours and 12 minutes)

  • Performing Passive Reconnaissance (1 hour and 36 minutes)

    • Active Reconnaissance vs. Passive Reconnaissance

    • DNS Lookups

    • Identification of Technical and Administrative Contacts

    • Cloud vs. Self-Hosted Applications and Related Subdomains

    • Social Media Scraping

    • Cryptographic Flaws

    • Company Reputation and Security Posture

    • Open-Source Intelligence (OSINT) Gathering

  • Performing Active Reconnaissance (36 minutes)

    • Nmap Scan Types

    • Types of Enumeration

    • Packet Inspection and Eavesdropping

  • Understanding the Art of Performing Vulnerability Scans (36 minutes)

    • How a Typical Automated Vulnerability Scanner Works

    • Types of Vulnerability Scans

    • Challenges to Consider When Running a Vulnerability Scan

  • Understanding How to Analyze Vulnerability Scan Results (24 minutes)

    • Sources for Further Investigation of Vulnerabilities

    • How to Deal with a Vulnerability

  • Summary

  • Case Study

  • Quiz

Lesson 4: Social Engineering Attacks (2 hours and 36 minutes)

  • Pretexting for an Approach and Impersonation (12 minutes)

  • Social Engineering Attacks (48 minutes)

    • Email Phishing

    • Short Message Service (SMS) Phishing

    • Universal Serial Bus (USB) Drop Key

    • Watering Hole Attacks

  • Physical Attacks (48 minutes)

    • Tailgating

    • Dumpster Diving

    • Shoulder Surfing

    • Badge Cloning

  • Social Engineering Tools (36 minutes)

    • Social-Engineer Toolkit (SET)

    • Browser Exploitation Framework (BeEF)

    • Call Spoofing Tools

  • Methods of Influence (12 minutes)

  • Summary

  • Case Study

  • Quiz

Lesson 5: Exploiting Wired and Wireless Networks (6 hours)

  • Exploiting Network-Based Vulnerabilities (3 hours)

    • Windows Name Resolution and SMB Attacks

    • SMB Exploits

    • DNS Cache Poisoning

    • SNMP Exploits

    • SMTP Exploits

    • FTP Exploits

    • Pass-the-Hash Attacks

    • Kerberos and LDAP-Based Attacks

    • Kerberoasting

    • On-Path Attacks

    • Route Manipulation Attacks

    • DoS and DDoS Attacks

    • Network Access Control (NAC) Bypass

    • VLAN Hopping

    • DHCP Starvation Attacks and Rogue DHCP Servers

  • Exploiting Wireless Vulnerabilities (3 hours)

    • Rogue Access Points

    • Evil Twin Attacks

    • Disassociation (or Deauthentication) Attacks

    • Preferred Network List Attacks

    • Wireless Signal Jamming and Interference

    • War Driving

    • Initialization Vector (IV) Attacks and Unsecured Wireless Protocols

    • Karma Attacks

    • Fragmentation Attacks

    • Credential Harvesting

    • Bluejacking and Bluesnarfing

    • Bluetooth Low Energy (BLE) Attacks

    • Radio-Frequency Identification (RFID) Attacks

    • Password Spraying

    • Exploit Chaining

  • Summary

  • Case Study

  • Quiz

Lesson 6: Exploiting Application-Based Vulnerabilities (6 hours and 12 minutes)

  • Overview of Web Application-Based Attacks for Security Professionals and the OWASP Top 10 (36 minutes)

    • The HTTP Protocol

    • Web Sessions

    • OWASP Top 10

  • How to Build Your Own Web Application Labs (12 minutes)

  • Understanding Business Logic Flaws (12 minutes)

  • Understanding Injection-Based Vulnerabilities (36 minutes)

    • SQL Injection Vulnerabilities

    • Command Injection Vulnerabilities

    • Lightweight Directory Access Protocol (LDAP) Injection Vulnerabilities

  • Exploiting Authentication-Based Vulnerabilities (48 minutes)

    • Session Hijacking

    • Redirect Attacks

    • Default Credentials

    • Kerberos Vulnerabilities

  • Exploiting Authorization-Based Vulnerabilities (24 minutes)

    • Parameter Pollution

    • Insecure Direct Object Reference Vulnerabilities

  • Understanding Cross-Site Scripting (XSS) Vulnerabilities (48 minutes)

    • Reflected XSS Attacks

    • Stored XSS Attacks

    • XSS Evasion Techniques

    • XSS Mitigations

  • Understanding Cross-Site Request Forgery (CSRF/XSRF) and Server-Side Request Forgery Attacks (12 minutes)

  • Understanding Clickjacking (12 minutes)

  • Exploiting Security Misconfigurations (24 minutes)

    • Exploiting Directory Traversal Vulnerabilities

    • Cookie Manipulation Attacks

  • Exploiting File Inclusion Vulnerabilities (24 minutes)

    • Local File Inclusion Vulnerabilities

    • Remote Insecure Vulnerabilities

  • Exploiting Insecure Code Practices (1 hour and 24 minutes)

    • Comments in Source Code

    • Lack of Error Handling and Overly Verbose Error Handling

    • Hard-Coded Credentials

    • Race Conditions

    • Unprotected APIs

    • Hidden Elements

    • Additional Web Application Hacking Tools

Lesson 7: Cloud, Mobile, and IoT Security (3 hours and 36 minutes)

  • Researching Attack Vectors and Performing Attacks on Cloud Technologies (1 hour and 48 minutes)

    • Credential Harvesting

    • Privilege Escalation

    • Account Takeover

    • Metadata Service Attacks

    • Attacks Against Misconfigured Cloud Assets

    • Resource Exhaustion and DoS Attacks

    • Cloud Malware Injection Attacks

    • Side-Channel Attacks

    • Tools and Software Development Kits (SDKs)

  • Explaining Common Attacks and Vulnerabilities Against Specialized Systems (1 hour and 48 minutes)

    • Attacking Mobile Devices

    • Attacking Internet of Things (IoT) Devices

    • Analyzing IoT Protocols

    • IoT Security Special Considerations

    • Common IoT Vulnerabilities

    • Data Storage System Vulnerabilities

    • Management Interface Vulnerabilities

    • Exploiting Virtual Machines

    • Vulnerabilities Related to Containerized Workloads

Lesson 8: Performing Post-Exploitation Techniques (1 hour and 36 minutes)

  • Creating a Foothold and Maintaining Persistence After Compromising a System (48 minutes)

    • Reverse and Bind Shells

    • Command and Control (C2) Utilities

    • Scheduled Jobs and Tasks

    • Custom Daemons, Processes, and Additional Backdoors

    • New Users

  • Understanding How to Perform Lateral Movement, Detection Avoidance, and Enumeration (48 minutes)

    • Post-Exploitation Scanning

    • Legitimate Utilities and Living Off the Land

    • Post-Exploitation Privilege Escalation

    • How to Cover Your Tracks

Lesson 9: Reporting and Communication (2 hours and 36 minutes)

  • Comparing and Contrasting Important Components of Written Reports (48 minutes)

    • Report Contents

    • Storage Time for Report and Secure Distribution

    • Note Taking

    • Common Themes/Root Causes

  • Analyzing the Findings and Recommending the Appropriate Remediation Within a Report (48 minutes)

    • Technical Controls

    • Administrative Controls

    • Operational Controls

    • Physical Controls

  • Explaining the Importance of Communication During the Penetration Testing Process (36 minutes)

    • Communication Triggers

    • Reasons for Communication

    • Goal Reprioritization and Presentation of Findings

  • Explaining Post-Report Delivery Activities (24 minutes)

    • Post-Engagement Cleanup

    • Additional Post-Report Delivery Activities

Lesson 10: Tools and Code Analysis (5 hours)

  • Understanding the Basic Concepts of Scripting and Software Development (2 hours and 36 minutes)

    • Logic Constructs

    • Data Structures

    • Libraries

    • Procedures

    • Functions

    • Classes

    • Analysis of Scripts and Code Samples for Use in Penetration Testing

    • The Bash Shell

    • Resources to Learn Python

    • Resources to Learn Ruby

    • Resources to Learn PowerShell

    • Resources to Learn Perl

    • Resources to Learn JavaScript

  • Understanding the Different Use Cases of Penetration Testing Tools and Analyzing Exploit Code (2 hours and 24 minutes)

    • Penetration Testing-Focused Linux Distributions

    • Common Tools for Reconnaissance and Enumerations

    • Common Tools for Vulnerability Scanning

    • Common Tools for Credential Attacks

    • Common Tools for Persistence

    • Common Tools for Evasion

    • Exploitation Frameworks

    • Common Decompilation, Disassembly, and Debugging Tools

    • Common Tools for Forensics

    • Common Tools for Software Assurance

    • Steganography Tools

    • Cloud Tools
