$950.00 On-Demand Learning

Overview

Course Includes:

  • Individual Course Access
  • Course Video
  • E-Workbook
  • E-Prep & Lab Guide
  • Exam
  • 2 Week Cyber Range
  • 1 Year Exam Voucher

Prerequisites:

  • C)PTE or equivalent knowledge
  • A minimum of 24 months of experience in Networking Technologies
  • Sound knowledge of TCP/IP
  • Computer hardware knowledge

Student Materials:

  • Student Workbook
  • Student Lab guide
  • Exam Prep Guide

Certification Exams:

Mile2 C)PTC

CPEs: 40

The vendor-neutral Certified Penetration Testing Consultant course is designed for IT Security Professionals and IT Network Administrators who are interested in taking an in-depth look into specific Penetration tests and techniques against operating systems. This course will teach you the necessary skills to work as a penetration testing team, the exploitation process, how to create a buffer overflow against programs running on Windows and Linux while subverting features such as DEP and ASLR. This course will guide you through the OWASP Top 10, teach you how to create shellcode to gain remote code execution, as well as, teach you to build and understand different proof of concept code based on exploits pulled from exploit-db and testing using a debugger. The course starts by explaining how to build the right penetration testing team, covers scanning with NMAP, leading into the exploitation process, a little fuzzing with spike to help guide our proof of concept code, writing buffer overflows, understanding OWASP, Linux stack smashing, Windows exploit protection and getting around those protection methods, a section on report writing, and capping off the course with a scenario that will test your skills as a penetration testing team.

Description

Course Outline

  • Module 1 – Pen Testing Team Formation
  • Module 2 – NMAP Automation
  • Module 3 – Exploitation Process
  • Module 4 – Fuzzing with Spike
  • Module 5 – Simple Buffer Overflow
  • Module 6 – Stack Based Windows Buffer Overflow
  • Module 7 – Web Application Security and Exploitation
  • Module 8 – Linux Stack Smashing & Scanning
  • Module 9 – Linux Address Space Layout Randomization
  • Module 10 – Windows Exploit Protection
  • Module 11 – Getting AroundSEH ASLR
  • Module 12 – Penetration Testing Report Writing

Who Should Attend?

  • IS Security Officers
  • Cybersecurity Managers / Admins
  • Penetration Testers
  • Ethical Hackers
  • Auditors

Lab Outline

  • Lab 1 – Skills Assessment
  • Lab 2 – Automation Breakdown
  • Lab 3 – Fuzzing with Spike
  • Lab 4 – Let’s Crash and Callback
  • Lab 5 – MiniShare for the Win
  • Lab 6 – Stack Overflow. Did we get root?
  • Lab 7 – Defeat Me and Lookout ASLR
  • Lab 8 – Time to overwrite SEH and ASLR