Scribd
Upload
34 views3 pages

Agenda - Certified Penetration Tester (CPT)

The document outlines a five-day training agenda for a Certified Penetration Tester (CPT) course. It covers various topics including vulnerability assessment, scanning techniques, exploitation methods, PowerShell exploitation, web penetration testing, and wireless penetration testing. Each day consists of detailed sessions with breaks and hands-on labs to enhance practical skills in penetration testing.

Uploaded by

sagit524
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
34 views3 pages

Agenda - Certified Penetration Tester (CPT)

The document outlines a five-day training agenda for a Certified Penetration Tester (CPT) course. It covers various topics including vulnerability assessment, scanning techniques, exploitation methods, PowerShell exploitation, web penetration testing, and wireless penetration testing. Each day consists of detailed sessions with breaks and hands-on labs to enhance practical skills in penetration testing.

Uploaded by

sagit524
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 3

Training Agenda

CERTIFIED PENETRATION TESTER (CPT)


Time Item

Day 1

9:00am – 10:30am Introduction to Vulnerability Assessment & Penetration Testing


1. Vulnerability Exploit, Payload, Listener
2. Vulnerability Assessment Vs. Penetration Testing
3. Types of Vulnerabilities Vulnerability Research Sources for
Penetration Testers, Exploits and
4. Tools sources for Penetration Testers, Commercial Tools for
Penetration Testers, Penetration Testing Methodologies and
Penetration Test Report Template
5. Latest Attacks – Demos
10:30am – 10:45am Morning Break
10:45am – 1:00pm Introduction to Vulnerability Assessment & Penetration Testing (cont.)
1:00pm – 2:00pm Lunch Break
2:00pm – 4:00pm Information Intelligence Techniques
1. Passive Information Gathering
2. Information intelligence and Map the Customer organization
3. Information intelligence and Map the infrastructure of the Target
4:00pm – 4:15pm Afternoon Break
4:15pm – 5:00pm Information Intelligence Techniques (cont.)

Day 2

9:00am – 10:30am Scanning & Vulnerability Assessment


1. Scanning Types & Scan Options
a. NMap Scanning
b. Ninja & Non-Ninja Scan types
c. Multiple IP Addresses scanning
d. Host Discovery
e. Ping & Port Scanning
f. OS Fingerprinting & Service Enumerations
g. NMap Scripts
h. Host Scanning: Bypassing Firewalls
i. Decoys
2. ZenMap
3. Netcat Fingerprinting
4. Nessus: Vulnerability Scanning & Reporting
5. NeXpose: Vulnerability Scanning & Reporting
6. OpenVAS
10:30am – 10:45am Morning Break

10:45am – 1:00pm Scanning & Vulnerability Assessment (cont.)

1:00pm – 2:00pm Lunch Break


2:00pm – 4:00pm Cracking & Social Engineering
1. MiTM Concepts & Attacks
2. Password Cracking
a. Brute Force Tools: Hydra, Medusa
b. Crunch Password generator
c. FTP Credential cracking
d. Telnet Brute Force
e. SSH Login Brute Force Attack
f. Password cracking with John the Ripper
3. Social Engineering Attacks: Java Applet Attack Vectors, Infectious
Media Generator, Credential Harvester Attack Method, Spear-
Phishing Attack Method and many more
4:00pm – 4:15pm Afternoon Break
4:15pm – 5:00pm Cracking & Social Engineering (cont.)
Day 3

9:00am – 10:30am Exploitation & Pentest


1. Metasploit Framework Concepts
2. Metasploit Community & Armitage
3. Metasploit Exploitations: Dump Password Hash, Capture
Screenshots, Capture Keystrokes,
4. Privilege Escalation, Pivoting, ARP Scan, Stdapi and Priv,
Persistence and Backdoors
5. (Maintaining Access), Cover Tracks, Post Exploitations.
6. Anti-Virus Evasion Frameworks and Methods
7. Netcat Exploitations
8. Backdoor using msfvenom & Netcat
9. Advanced Exploitations using PowerShell
10. USB Based exploitation on Win 7 & Win 10
11. Pentest Reporting
10:30am – 10:45am Morning Break
10:45am – 1:00pm Exploitation & Pentest (cont.)

1:00pm – 2:00pm Lunch Break


2:00pm – 4:00pm Exploitation & Pentest (cont.)
4:00pm – 4:15pm Afternoon Break
4:15pm – 5:00pm Exploitation & Pentest (cont.)
Day 4

9:00am – 10:30am PowerShell Exploitation


1. PowerShell Basics
2. PowerShell Log Analysis
3. PowerShell Malwares to evade Defenses
10:30am – 10:45am Morning Break
10:45am – 1:00pm PowerShell Exploitation (cont.)
1:00pm – 2:00pm Lunch Break
2:00pm – 4:00pm Web Pentest
1. Web Application Basics
2. Web Application Fingerprinting
3. Payment Gateway & Order Tampering
4. Labs on OWASP TOP 10 Vulnerabilities and its sub categories using
Mutillidae, DVWA [SQL Injection, Cross Site Scripting, Cross Site
Request Forgery, LDAP Injection, Command Injection,
Parameter/Form Tampering, Payment Gateway hacking, Improper
Error Handling, Directory Traversal, Insecure storage, Information
Leakage, Broken Account Management, Denial of Service, Buffer
Overflow, Broken Session Management, Session Fixation, Security
Misconfiguration, File Upload and Download and many more ]
5. Pentest Reporting
4:00pm – 4:15pm Afternoon Break
4:15pm – 5:00pm Web Pentest (cont.)

Day 5

9:00am – Wireless Pentest


10:30am 1. Introduction on WEP, WPA, WPA2
2. Wireless cracking with Reaver
3. Uncovering hidden SSIDs
4. WiFi Twining Attacks
5. Wifi Pineapple based attacks

10:30am – Morning Break


10:45am
10:45am – Wireless Pentest (cont.)
1:00pm
1:00pm – Lunch Break
2:00pm
2:00pm – Wireless Pentest (cont.)
4:00pm
4:00pm – Afternoon Break
4:15pm
4:15pm – Wireless Pentest (cont.)
5:00pm

You might also like