- Exam(s) / assessment(s) is included in price
- Tutor is available to students
Certified Penetration Testing Consultant (CPTC) Updated 2020
CM
eTrain
Summary
Overview
The CPTC* Certified Penetration Testing Consultant course teaches the IT security professionals and IT network administrators about the penetration tests to check the security of large and complex network infrastructures. The course is based on the real world scenarios similar to large corporate networks, services provider networks and telecommunication networks. The course focuses on the attacks on the underlying network infrastructure and protocol loopholes rather than the L4-L7 attacks.
The CPTC training course starts from basic techniques such as packet capturing and continues to the more sophisticated and advanced techniques of conducting a penetration test on any kind of network infrastructure. The course includes practice labs as well to provide hands-on experience to the students and apply the learnt knowledge to real-world scenarios. The course is an essential part of the preparation for CPTC certification by Mile2.
Exam Information
The Certified Penetration Testing Consultant exam consists of two parts. Part 1 is taken online through Mile2’s Assessment and Certification System (“MACS”), which is accessible on your mile2 account. The exam will take 2 hours and consist of 100 multiple choice questions. Part 2 is a multi-hour practical exam in which students are expected to penetrate between 3 - 5 targets (2 buffer overflows (ASLR and DEP enabled for one), 1 Linux local exploit + priv esc and 1 web exploit) and then create and provide a detailed penetration testing report to mile2.
Mile2 is:
- ACCREDITED by the NSA CNSS 4011-4016
- MAPPED to NIST / Homeland Security NICCS's Cyber Security Workforce Framework
- APPROVED on the FBI Cyber Security Certification Requirement list (Tier 1-3)
??????! ?м??? ?? ????? ?? ? ????????.
Prerequisites:
- C)PTE or equivalent knowledge
- A minimum of 24 months of experience in Networking Technologies
- Sound knowledge of TCP/IP
- Computer hardware knowledge
Student Materials:
Student Workbook
Student Prep Guide
Certification Exams:
Mile2 C)PTC
CPEs: 40
Who Should Attend?
- IT and network security officers
- Network and cloud administrators
- Penetration testers
- Ethical hackers
- Network security auditors
Certification
C++ Certified Senior Programmer – CPS
Description
Course Curriculum
Module 1 - Pentesting Team Formation
Pentesting Team Formation (0:54)
What are we covering? (0:59)
Section 1: Project Management (0:27)
PMBOK (0:36)
PMBOK (1:26)
Initiating Process Activities (1:03)
Planning Process Activities (2:02)
Planning Process (cont.) (1:05)
Planning Process (cont.) (1:54)
Executing Process Activities (1:21)
Executing Process (cont.) (0:49)
Closing Process Activities (1:14)
Section 2: Pentesting Metrics (0:31)
Types of Analysis (0:49)
Quantitative Analysis (0:56)
Qualitative Analysis (1:11)
Mixed-Method Analysis (2:00)
Section 3: Team Roles, Responsibilities, and Benefits (0:55)
Pentesting Team Structure (0:54)
Roles/Responsibilities (6:35)
Benefits (1:02)
Module 1 Review (2:20)
Module 1 Quiz
Module 2 - NMAP Automation
NMAP Automation (0:10)
Introduction (0:58)
What are we covering? (0:28)
Section 1: NMAP Basics (1:14)
NMAP Basics (0:30)
NMAP Basics (0:21)
NMAP Basics - Options Summary (1:28)
NMAP Basics - Target Specification (1:41)
NMAP Basics - Host Discovery (1:10)
NMAP Basics - Host Discovery (cont.) (1:06)
NMAP Basics - Port Scanning Basics (2:54)
NMAP Basics - Port Scanning Techniques (0:54)
NMAP Basics - Port Specification and Scan Order (0:52)
NMAP Basics - Service and Version Detection (2:03)
NMAP Basics - OS Detection (1:05)
NMAP Basics - NMAP Scripting Engine (1:17)
NMAP Basics - NMAP Scripting Engine (0:42)
NMAP Basics - Timing and Performance (1:42)
NMAP Basics - Output (1:48)
NMAP Basics - Miscellaneous Options (0:34)
NMAP Basics - Runtime Interaction (0:41)
NMAP Basics - Examples (2:19)
Section 2: NMAP Automation (0:15)
NMAP Automation (0:53)
NMAP Automation (0:33)
Section 3: NMAP Report Documentation (0:14)
NMAP Report Documentation (1:00)
NMAP Report Documentation (1:16)
Module 2 Review (0:21)
Module 2 Quiz
Module 3 - Exploitation Process
Exploitation Process (0:10)
Review (1:07)
What are we covering? (0:49)
Section 1: Purpose (0:51)
Purpose (2:11)
Section 2: Countermeasures (0:14)
Countermeasures (0:48)
Countermeasures (1:53)
Countermeasures (1:03)
Countermeasures (1:39)
Countermeasures (2:02)
Section 3: Evasion (0:19)
Evasion (1:07)
Section 4: Precision Strike (0:17)
Precision Strike (0:32)
Section 5: Customized Exploitation (0:11)
Customized Exploitation (0:50)
Section 6: Tailored Exploits (0:12)
Tailored Exploits (0:57)
Section 7: Zero-Day Angle (0:16)
Zero-Day Angle (1:01)
Section 8: Example Avenues of Attack (0:16)
Example Avenues of Attack (0:34)
Section 9: Overall Objective of Exploitation (0:05)
Overall Objective (0:46)
Module 3 Review (1:00)
Module 3 Quiz
Module 4 - Fuzzing with Spike
Fuzzing with Spike (0:19)
What are we covering? (1:16)
Introduction to Spike (0:21)
Introduction to Spike (2:03)
Section 1: Vulnserver (0:29)
What is Vulnserver? (0:31)
What is Vulnserver? (cont.) (0:19)
Vulnserver Source Code (0:42)
Source Code (cont.) (1:26)
Source Code (cont.) (0:57)
Booting Vulnserver (0:34)
Vulnserver (0:31)
Section 2: Spike Fuzzing Setup (0:46)
Built-in 'Spike' (0:39)
Spikes (0:53)
Section 3: Fuzzing a TCP Application (0:55)
Generic_send_tcp (0:17)
Generic_send_tcp (cont.) (0:50)
Generic_send_tcp (cont.) (0:22)
Generic_send_tcp (cont.) (0:39)
Section 4: Custom Fuzzing Script (1:18)
TRUN primitive (0:40)
TRUN primitive (0:45)
Spiketrunaudit.spk (1:12)
Fuzzing in progress… (0:48)
Fuzzing Complete! (0:47)
Final Thoughts (0:54)
Module 4 Review (1:13)
Module 4 Quiz
Module 5 - Writing Simple Buffer Overflow Exploits
Writing Simple Buffer Overflow Exploits (0:11)
Introduction (1:05)
What are we covering? (0:30)
Setup (0:24)
Section 1: Exploit-DB (0:20)
Exploit-DB (0:24)
Exploit-DB (0:25)
Searchsploit (0:24)
Searchsploit (0:23)
Section 2: Immunity Debugger (0:49)
Immunity Debugger (0:18)
Immunity Debugger (2:49)
Immunity Layout (0:13)
Immunity Layout (0:20)
Immunity Layout (0:15)
Immunity Layout (0:23)
32-bit Registers (0:17)
32-bit Registers (2:58)
What is a Buffer Overflow? (2:18)
Running DPE (0:41)
Section 3: Python (0:44)
Searching Exploit-DB (0:13)
Pythons you say? (0:25)
Continued? (2:29)
Section 4: Shellcode (0:19)
MSFVenom (0:31)
MSFVenom (0:16)
Sending our Exploit (0:53)
Connect and Win (0:23)
Module 5 Review (0:32)
Module 5 Quiz
Module 6 - Stack Based Windows Buffer Overflow
Stack Based Windows Buffer Overflow (1:11)
Introduction (3:00)
What are we covering? (2:31)
Section 1: Debugger (0:33)
Debugger (0:58)
Immunity! (1:56)
Immunity! (1:21)
Immunity! (1:48)
Debugger (0:25)
Immunity! (2:22)
Section 2: Vulnerability Research (0:36)
Vulnerability Research (0:42)
Exploit-DB (1:31)
MiniShare Exploit Explained (1:13)
Proof of Concept Code (3:00)
Running the Script (2:00)
Running the Script (1:25)
Section 3: Control EIP, Control the Crash (0:34)
Control EIP, Control the Crash (1:42)
Control EIP, Control the Crash (2:04)
Section 4: JMP ESP Instruction (1:05)
JMP ESP Instruction (3:30)
Finding Loaded Modules (2:03)
Exploit Note (3:06)
Finding JMP ESP (1:39)
Search DLL for \xff\xe4 (1:08)
Section 5: Finding the Offset (0:39)
Finding the Offset (1:36)
Pattern_create.rb (1:00)
Proof of Concept Code (Update: pattern_create.rb) (0:32)
Running the Script (0:44)
Finding the Offset (0:47)
Proof of Concept Code (Update: Control EIP Overwrite) (0:53)
Running the Script (0:33)
Section 6: Code Execution and Shellcode (0:10)
Code Execution and Shellcode (0:52)
Proof of Concept Code (Update: JMP ESP Addition) (0:18)
Code Execution and Shellcode (2:14)
Running the Script (0:17)
Code Execution and Shellcode (1:10)
Proof of Concept Code (Update: Adding Shellcode) (0:41)
Section 7: Does the Exploit Work? (0:08)
Does the Exploit Work? (0:37)
Does the Exploit Work? (0:08)
Module 6 Review (3:11)
Module 6 Quiz
Module 7 - Web Application Security and Exploitation
Web Application Security and Exploitation (0:13)
Introduction (0:52)
What are we covering? (0:15)
Section 1: Web Applications (0:50)
Why Though? (0:52)
Where Though? (0:33)
Compromise (0:26)
Section 2: OWASP Top 10 - 2017 (0:07)
Top 10 (0:13)
A1 Injection (0:32)
A1 Injection (cont.) (0:18)
A2 Broken Authentication (1:18)
A3 Sensitive Data Exposure (0:39)
A4 XML External Entities (0:46)
A5 Broken Access Control (0:46)
A6 Security Misconfiguration (0:34)
A7 Cross-Site Scripting (1:29)
A8 Insecure Deserialization (1:04)
A9 Using Components with Known Vulnerabilities (0:18)
A9 Using Components with Known Vulnerabilities (cont.) (0:46)
A10 Insufficient Logging & Monitoring (0:49)
Tying it all together (1:01)
Section 3: Zap (0:24)
Everything you need for Free (0:38)
Proxy Connection (0:12)
Zed Attack Proxy (0:17)
Do What Now? (0:21)
Intercept All the Things!! (0:26)
Intercept All the Things!! (0:27)
Intercept All the Things!! (0:09)
Intercept All the Things!! (0:16)
Intercept All the Things!! (0:10)
Do What Now? (0:48)
So Then (0:26)
Section 4: Scapy (0:06)
The way of the packet (0:18)
The way of the packet (0:18)
Finding the Way (0:26)
Picturing the Way (0:52)
Module 7 Review (0:14)
Module 7 Quiz
Module 8 - Linux Stack Smashing
Linux Stack Smashing (0:33)
Introduction (2:16)
What are we covering? (0:30)
Section 1: Exploiting the Stack on Linux (0:19)
Demo: Exploiting the Stack on Linux (1:28)
Mile2_smash Program (0:10)
Buffer Overflow Found (0:51)
Creating the Exploit (1:00)
Looking to Overwrite RIP (1:00)
gdb ./mile2_smash
Who is this course for?
Requirements
Career path
Questions and answers
Currently there are no Q&As for this course. Be the first to ask a question.
Reviews
Currently there are no reviews for this course. Be the first to leave a review.
Legal information
This course is advertised on reed.co.uk by the Course Provider, whose terms and conditions apply. Purchases are made directly from the Course Provider, and as such, content and materials are supplied by the Course Provider directly. Reed is acting as agent and not reseller in relation to this course. Reed's only responsibility is to facilitate your payment for the course. It is your responsibility to review and agree to the Course Provider's terms and conditions and satisfy yourself as to the suitability of the course you intend to purchase. Reed will not have any responsibility for the content of the course and/or associated materials.
FAQs
Interest free credit agreements provided by Zopa Bank Limited trading as DivideBuy are not regulated by the Financial Conduct Authority and do not fall under the jurisdiction of the Financial Ombudsman Service. Zopa Bank Limited trading as DivideBuy is authorised by the Prudential Regulation Authority and regulated by the Financial Conduct Authority and the Prudential Regulation Authority, and entered on the Financial Services Register (800542). Zopa Bank Limited (10627575) is incorporated in England & Wales and has its registered office at: 1st Floor, Cottons Centre, Tooley Street, London, SE1 2QG. VAT Number 281765280. DivideBuy's trading address is First Floor, Brunswick Court, Brunswick Street, Newcastle-under-Lyme, ST5 1HH. © Zopa Bank Limited 2024. All rights reserved.