Penetration Test CompTIA PenTest+
The Penetration Testing – CompTIA Pentest+ course is designed to provide participants with the knowledge and skills needed to conduct effective penetration testing of enterprise computer systems and networks. During the course, participants will gain an in-depth understanding of penetration testing principles and techniques, such as various approaches, test phases, and threat models. Additionally, participants will become familiar with various penetration testing techniques, including footprinting, port scanning, information gathering, social engineering, vulnerability assessment, and attack execution. The course will also cover penetration testing methodologies and tools, including open source and commercial tools. Participants will learn how to collect, analyze, and report penetration test results clearly and accurately. Additionally, the course will provide an overview of risk mitigation techniques and penetration test results management. During the course, participants will also become familiar with cybersecurity regulations and standards, including regulatory compliance. This course helps prepare for the CompTIA PenTest+ certification exam .
Course Objectives
Below is a summary of the main objectives of the CompTIA PenTest+ Penetration Test Course :
- Provide knowledge and skills to conduct effective penetration tests on computer systems and corporate networks.
- Deepen the principles and techniques of penetration testing, including approaches, phases, and threat models.
- Learn how to use penetration testing techniques such as footprinting, port scanning, and social engineering.
- Gain skills in using penetration testing tools, both open source and commercial.
- Develop skills in collecting, analyzing, and reporting penetration test results.
- Apply advanced network reconnaissance techniques, including active and passive information gathering.
- Perform vulnerability exploitation using various tools and methodologies, focusing on both known and zero-day vulnerabilities.
- Execute comprehensive penetration testing scenarios that simulate real-world attack scenarios and assess defense mechanisms.
Course Certification
This course helps you prepare to take the:
PT0-002 CompTIA PenTest+ Exam;
Course Outline
Planning and Scoping Penetration Tests
- Introduction to Penetration Testing Concepts
- Plan a Pen Test Engagement
- Scope and Negotiate a Pen Test Engagement
- Prepare for a Pen Test Engagement
Conducting Passive Reconnaissance
- Gather Background Information
- Prepare Background Findings for Next Steps
Performing Non-Technical Tests
- Perform Social Engineering Tests
- Perform Physical Security Tests on Facilities
Conducting Active Reconnaissance
- Scan Networks
- Enumerate Targets
- Scan for Vulnerabilities
- Analyze Basic Scripts
Analyzing Vulnerabilities
- Analyze Vulnerability Scan Results
- Leverage Information to Prepare for Exploitation
Penetrating Networks
- Exploit Network-Based Vulnerabilities
- Exploit Wireless and RF-Based Vulnerabilities
- Exploit Specialized Systems
Exploiting Host-Based Vulnerabilities
- Exploit Windows-Based Vulnerabilities
- Exploit *nix-Based Vulnerabilities
Testing Applications
- Exploit Web Application Vulnerabilities
- Test Source Code and Compiled Apps
Completing Post-Exploit Tasks
- Use Lateral Movement Techniques
- Use Persistence Techniques
- Use Anti-Forensics Techniques
Analyzing and Reporting Pen Test Results
- Analyze Pen Test Data
- Develop Recommendations for Mitigation Strategies
- Write and Handle Reports
- Conduct Post-Report-Delivery Activities
Laboratory Activities
- Exploring the pentest+ lab environment
- Exploring the pentest+ lab environment: kali linux
- Planning and scoping penetration tests
- Preparing to go live
- Conducting passive reconnaissance
- Gathering open source intelligence (osint) using whois
- Gathering open source intelligence (osint) using domain name resolution
- Gathering open source intelligence (osint) using shodan search engine
- Gathering osint on a domain using recon-ng
- Gathering osint on a domain using maltego
- Strategizing usage of osint findings (analysis activity)
- Preparing background findings for next steps (analysis activity)
- Performing non-technical tests
- Baiting users with usb thumb drives
- Crafting malicious payload with msfvenom
- Harvesting credentials through phishing
- Pharming attack with social engineering tool (set)
- Performing physical security tests on facilities (analysis activity)
- Conducting active reconnaissance
- Scanning networks with nmap: ping sweep, port scan, stealth scan
- Services fingerprinting and os detection with nmap: nmap scripting engine (nse)
- Scanning networks with metasploit modules
- Banner grabbing through telnet
- Os fingerprinting through ping and ttl
- Enumerating targets with metasploit
- Enumerating targets with rpcclient
- Scanning for system vulnerabilities using openvas
- Scanning for web app vulnerabilities using arachni
- Website enumeration with dirbuster
- Website enumeration with nikto
- Analyzing a basic port scan script in python
- Analyzing vulnerabilities
- Analyzing vulnerability scan results (analysis activity)
- Using common vulnerabilities and exposures (cve) to analyze vulnerabilities
- Using common vulnerability scoring system (cvss) for risk assessment
- Leveraging information to prepare for exploitation (analysis activity)
- Penetrating networks
- Sniffing cleartext protocols
- Intercepting file transmissions on the network
- Man in the middle through arp poisoning
- Using arpspoof and ettercap for arp poisoning
- Using dsniff and wireshark for traffic sniffing
- Exploiting host-based vulnerabilities
- Exploiting smb vulnerabilities in windows
- Managing meterpreter sessions
- Exploiting password vulnerabilities in windows
- Dumping credential hashes and the security account manager (sam)
- Gaining access throuhg pass the hash attack
- Exploiting linux-based vulnerabilities: hail mary attack with armitage
- Online credential cracking with hydra
- Offline crdential cracking with john the ripper
- Offline crdential cracking with hashcat
- Brute forcing credentials with a dictionary list
- Customizing masks and charset for credential brute force
- Generating customized dictionary lists with crunch
- Testing applications
- Exploiting security misconfigurations in web apps
- Leveraging missing access controls
- Poison null byte
- Directory traversal
- Command injection
- Exploiting sql injection vulnerabilities in web apps
- Stacking sql queries with union select
- Exploiting xss vulnerabilities in web apps
- Reflected cross site scripting (xss)
- Persistent cross site scripting (xss)
- Dom-based cross site scripting (xss)
- Cross site request forgery (csrf)
- Exploiting authentication and authorization vulnerabilities in web apps
- Predicting weakly constructed session identifier (sid) in web sessions
- Session hijacking through cookie grabbing and manipulation
- Attacking a web application using an interceptor proxy: burp suite
- Fuzzing a compiled application
- Conducting static and dynamic analysis
- Completing post-exploit tasks
- Pivoting from one host to another
- Migrating malicious code between running processes
- Installing a persistent backdoor and gaining persistence
- Bind and reverse shell with netcat
- Exfiltrating sensitive data and capturing keystroke
- Anti-forensics techniques: tampering timestamps, stealing process identifiers (pids), clearing logs
- Analyzing and reporting pen test results
- Analyzing pen test data (analysis activity)
- Recommending mitigation strategies (analysis activity)
- Writing and handling reports (analysis activity)
- Performing post-engagement cleanup tasks
- Performing additional follow-up activities (analysis activity)
Course Mode
Instructor-Led Remote Live Classroom Training;
Trainers
Trainers are Authorized CompTIA Instructors and certified in other IT technologies, with years of hands-on experience in the industry and in Training.
Lab Topology
For all types of delivery, the Trainee can access real Cisco equipment and systems in our laboratories or directly at the Cisco data centers remotely 24 hours a day. Each participant has access to implement the various configurations thus having a practical and immediate feedback of the theoretical concepts.
Here are some Cisco Labs network topologies available:
Course Details
Course Prerequisites
Before taking this course, you should have: Basic computer literacy; Basic PC operating system; Navigation skills Basic; Internet usage skills; Basic IP address knowledge.
Course Duration
Intensive duration 5 days
Course Frequency
Course Duration: 5 days (9.00 to 17.00) - Ask for other types of attendance.
Course Date
- Penetration Test course (Intensive Formula) – On request – 9:00 – 17:00
Steps to Enroll
Registration takes place by asking to be contacted from the following link, or by contacting the office at the international number +355 45 301 313 or by sending a request to the email info@hadartraining.com