C)PTE/C)PTC: C)PTE/C)PTC Ultimate Boot Camp

Become an EPIC Affiliate

To view the class schedule you need to become an Affiliate

  • Largest “Guaranteed To Run” public technical training schedules available
  • Easy to become an Affiliate – no charge or fee
Become an EPIC Affiliate

already an Affiliate?  Login

About this Course

The mile2 Certified Penetration Testing Engineer certification course is built firmly upon proven, hands-on, Penetration Testing methodologies utilized by our international group of Penetration Testing consultants.

The C)PTE presents information based on the 5 Key Elements of Pen Testing; Information Gathering, Scanning, Enumeration, Exploitation and Reporting. The latest vulnerabilities will be discovered using these tried and true techniques.

The Certified Penetration Testing Consultant course is designed for IT Security Professionals and IT Network Administrators who are interested in taking an in-depth look into specific Penetration tests and techniques against operating systems.  This course will teach you the necessary skills to work as a penetration testing team, the exploitation process, how to create a buffer overflow against programs running on Window and Linux while subverting features such as DEP and ASLR. This course will guide you through OWASP Top 10, teach you how to create shellcode to gain remote code execution, and understand and build different proof of concept code based on exploits pulled from exploit-db and testing using a debugger.  The course starts by explaining how to build the right penetration testing team, covers scanning with NMAP, leading into the exploitation process, a little fuzzing with spike to help guide our proof of concept code, writing buffer overflows, understanding OWASP, Linux stack smashing, Windows exploit protection and getting around those protection methods, a section on report writing, and capping off the course with a scenario that will you’re your skills as a penetration testing team

Students will spend at least 50% of class time performing hands-on labs.

Audience Profile

  • Pen Testers
  • Ethical Hackers
  • Network Auditors
  • Cyber Security Professionals
  • Vulnerability Assessors
  • Cyber Security Managers

IS Managers

At Course Completion

Upon completion, Ultimate Penetration Testing Bootcamp students will be able to establish an industry acceptable pen testing process as well as be prepared to competently take the C)PTE and C)PTC certification exams.

The Certified Penetration Testing Engineer exam is taken online through Mile2’s Assessment and Certification System (“MACS”), which is accessible on your mile2.com account. The exam will take 2 hours and consist of 100 multiple choice questions.

The Certified Penetration Testing Consultant exam consists of two parts. Part 1 is taken online through Mile2’s Assessment and Certification System (“MACS”), which is accessible on your mile2.com account. The exam will take 2 hours and consist of 100 multiple choice questions.

 

Part 2 is a multi-hour practical exam in which students are expected to penetrate between 3 - 5 targets (2 buffer overflows (ASLR and DEP enabled for one), 1 Linux local exploit + priv esc and 1 web exploit) and then create and provide a detailed penetration testing report to mile2.

Outline

CPTE

Module 0: Course Overview

Module 1: Business & Technical Logistics of Pen Testing

Module 2: Linux Fundamentals

Module 3: Information Gathering

Module 4: Detecting Live Systems

Module 5: Enumeration

Module 6: Vulnerability Assessments

Module 7: Malware Goes Undercover

Module 8: Windows Hacking

Module 9: Hacking UNIX/Linux

Module 10: Advanced Exploitation Techniques

Module 11: Pen Testing Wireless Networks

Module 12: Networks, Sniffing and IDS

Module 13: Injecting the Database

Module 14: Attacking Web Technologies

Module 15: Project Documentation

Module 16: Securing Windows w/ Powershell

Module 17: Pen Testing with Powershell

CPTC


Module 0:  CPTC Intro

Module 1:  Penetration Testing Team Formation

Module 2:  NMAP Automation

Module 3:  Exploitation Process

Module 4:  Fuzzing with Spike

Module 5:  Simple Buffer Overflow

Module 6:  Stack Based Windows Buffer Overflow

Module 7:  Web Application Security and Exploitation

Module 8:  Linux Stack Smashing

Module 9:  Linux Address Space Layout Randomization

Module 10:  Windows Exploit Protection

Module 11:  Getting Around SEH and ASLR (Windows)

Module 12:  Penetration Testing Report Writing

HANDS-ON LABORATORY OUTLINE

 

CPTE

 

Lab 1 – Introduction to Pen Testing Setup

Lab 2 – Linux Fundamentals          

Lab 3 – Using tools for reporting

Lab 4 – Information Gathering

Lab 5 – Detecting Live Systems - Scanning Techniques

Lab 6 – Enumeration           

Lab 7 – Vulnerability Assessments           

Lab 8 – Software Goes Undercover           

Lab 9 – System Hacking – Windows Hacking

Lab 10 – System Hacking – Linux/Unix Hacking

Lab 11 – Advanced Vulnerability and Exploitation Techniques

Lab 12 – Network Sniffing/IDS       

Lab 13 – Attacking Databases

Lab 14 – Attacking Web Applications


 

CPTC

 

 

Lab 1: Skills Assessment
Lab 2: Automation Breakdown
Lab 3: Fuzzing with Spike
Lab 4: Let’s Crash and Callback
Lab 5: Minishare for the Win
Lab 6: WebGoat Exploitation
Lab 7: Stack Overflow, Did we get Root?
Lab 8: Defeat me and Lookout ASLR
Lab 9: Time to Overwrite SEH and ASLR

 

 

Prerequisites

Prerequisites:

  • A minimum of 12 months’ experience in networking technologies
  • Sound knowledge of TCP/IP
  • Knowledge of Microsoft packages
  • Network+, Microsoft, Security+

Basic Knowledge of Linux is essential