Certified Pentest Professional | IT Training & Certification | Info Trek
Respect Your Dreams
Follow through on your goals with courses

Certified Pentest Professional

Location

Format What’s this?
Starting From
RM 6500.00
  1. 5 Day with 08 hours per day
  1. Mon 26 Jul 09:00 - Fri 30 Jul 17:00
  1. HRDF SBL Claimable
  2. Certificate of Attendance available
  1. 5 Days
  1. All of our private classes are customized to your organization's needs.
  2. Click on the button below to send us your details and you will be contacted shortly.
Request more information

Inquiry for: Myself    My Company

By providing your contact details, you agree to our Privacy Policy

 

 

 

Thank You

Our learning consultant will get back to you in 1 business day

Certified Pentest Professional

WHAT YOU WILL LEARN

This course will enable the network administrators, network executives and Security professionals to :


• understand different attacks used by hackers
• learn how to conduct a vulnerability assessment on the network and systems
• safely exploit the network and systems with the same tools used by the hackers to identify the vulnerabilities before a hacker would do
• learn ways to harden the network and systems thus securing the corporate network and systems.
• Prepare and submit Vulnerability Assessment & Pentest Reports

AUNDIENCE

This course is also recommended for security professionals who are interested in conducting vulnerability assessment and penetration test for their customers.

METHODOLOGY

This program will be conducted with interactive lectures, PowerPoint presentations, discussions and practical exercises

Expand All

Modules

Module 1: Introduction to Vulnerability Assessment & Penetration Testing
Basics: Vulnerability, Exploit, Payload, Listener, Vulnerability Assessment Vs. Penetration Testing, Types of Vulnerabilities, Vulnerability Research Sources for Penetration Testers, Exploits and tools sources for Penetration Testers, Commercial Tools for Penetration Testers, Penetration Testing Methodologies and Penetration Test Report Template.
Module 2: Information Intelligence Techniques

• Passive Information Gathering with Passive Recon

• Information intelligence and Map the Customer organization with Maltego

• Information intelligence and Map the infrastructure with FOCA


Module 3: Scanning & Vulnerability Assessment

• Scanning Types & Scan Options

• NMap Scanning

o Ninja & Non-Ninja Scan types

o Multiple IP Addresses scanning

o Host Discovery

o Ping & Port Scanning

o OS Fingerprinting & Service Enumerations

o NMap Scripts

o Host Scanning : Bypassing Firewalls

o Decoys

• ZenMap

• Netcat Fingerprinting

• NeXpose : Vulnerability Scanning & Reporting

• OpenVAS


Module 4: Cracking & Social Engineering

• MiTM Concepts & Attacks

• Password Cracking

o Brute Force Tools : Hydra, Medusa

o Crunch Password generator

o FTP Credential cracking

o Telnet Brute Force

o SSH Login Brute Force Attack

o Password cracking with John the Ripper

• Social Engineering Attacks : Java Applet Attack Vectors, Infectious Media Generator, Credential Harvester Attack Method, Spear-Phishing Attack Method and many more


Module 5: Exploitation & Pentest

• Metasploit Framework Concepts

• Metasploit Community & Armitage

• Metasploit Exploitations : Dump Password Hash, Capture Screenshots, Capture Keystrokes, Privilege Escalation, Pivoting, ARP Scan, Stdapi and Priv, Persistence and Backdoors (Maintaining Access), Cover Tracks, Post Exploitations.

• Anti-Virus Evasion Framework

• Netcat Exploitations

• Backdoor using msfvenom & Netcat

• Advanced Exploitations using PowerShell

• Pentest Reporting


Module 6: PowerShell Exploitation

• PowerShell Basics

• PowerShell Log Analysis

• PowerShell Malwares Evading Antivirus and End Point Defenses


Module 7: Web Pentest

• Web Application Basics,

• Web Application Fingerprinting,

• Payment Gateway & Order Tampering,

• Labs on OWASP TOP 10 Vulnerabilities and its sub categories using Mutillidae, DVWA

• [SQL Injection, Cross Site Scripting, Cross Site Request Forgery, LDAP Injection, Command Injection, Parameter/Form Tampering, Payment Gateway hacking, Improper Error Handling, Directory Traversal, Insecure storage, Information Leakage, Broken Account Management, Denial of Service, Buffer Overflow, Broken Session Management, Session Fixation, Security Misconfiguration, File Upload and Download and many more ]

• Pentest Reporting

• Tools Covered : Acunetix, Qualys, Burp Suite


Module 8: Wireless Pentest

• Introduction on WEP, WPA, WPA2

• Wireless cracking with Reaver

• Uncovering hidden SSIDs

• WiFi Twining Attacks


Clement Arul

Clement Arul

A professional who believes that adaptability of security is directly equal to the affordability of security products, services and trainings. Started creating security products, services and trainings and certifications that are affordable as well as be part of the team in creation Nation Cyber Security Frameworks.Clement is also a two-time recipient award of National Award from Govt of Malaysia: Cyber Security Professional of the Year in 2017 and 2014 as well as a three-time Regional Award winner of Cyber Security Professional of the Year Asia and APAC in 2020, 2019 and 2017. He was also awarded as APAC Cyber Security Educator of the Year in 2020 and 2019. Read More

Course Reviews

No Remarks

0

0 Ratings