Scribd
Upload
22 views3 pages

EJPT AI Syllabus

The eLearnSecurity Junior Penetration Tester (eJPT) course consists of 12 modules covering various aspects of penetration testing. Topics include information gathering, enumeration, vulnerability assessment, network and host auditing, penetration testing techniques, post-exploitation strategies, social engineering, and web application security. The course aims to equip learners with the skills necessary to identify and exploit vulnerabilities in systems and applications.

Uploaded by

anshumansupakar
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
22 views3 pages

EJPT AI Syllabus

The eLearnSecurity Junior Penetration Tester (eJPT) course consists of 12 modules covering various aspects of penetration testing. Topics include information gathering, enumeration, vulnerability assessment, network and host auditing, penetration testing techniques, post-exploitation strategies, social engineering, and web application security. The course aims to equip learners with the skills necessary to identify and exploit vulnerabilities in systems and applications.

Uploaded by

anshumansupakar
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 3

eLearnSecurity Junior Penetration Tester (eJPT)

Module 1: Information Gathering

 Reconnaissance
 Locate Endpoints on a Network
 Footprinting and Scanning
 Detect Open Ports and Services Available on a Target
 Determine the Operating System Used by the Target
 Extract Company-related Information from Publicly Available Sources
 Collect Email Addresses from Public Sources
 Gather Technical Details and Information from Publicly Accessible
Sources

Module 2: Enumeration

 Extract Network-related Data from Files Located on the Target System


 Collect System-specific Information from the Target
 Retrieve User Account Details Present on the Target System
Module 3: Vulnerability Assessment

 Recognize Vulnerabilities Present within Services


 Assess and Determine the Criticality or Impact of Identified
Vulnerabilities Based on Available Information

Module 4: Network Auditing

 Auditing Fundamentals
 Techniques for Network Auditing
 Tools and Methods for Network Auditing
 Identifying Network Vulnerabilities

Module 5: Host-based Auditing

 Techniques for Host-based Auditing


 Tools and Methods for Host Auditing
 Identifying Host Vulnerabilities

Module 6: Host Penetration Testing

 Host/System-based Attacks
 Perform Attempts to Guess Passwords through Brute-force Methods and
Crack Hashed Passwords
 The Metasploit Framework (MSF)
 Exploit Database
 Exploitation of Vulnerabilities
 Move Files to and from the Target System
 Retrieve Hash or Password Data from the Target
 Recognize and Alter Exploits as Needed

Module 7: Network Penetration Testing

 Network-based Attacks
 Privilege Escalation
Module 8: Post-Exploitation

 Techniques for Maintaining Access


 Covering Tracks and Data Exfiltration

Module 9: Social Engineering

 Basics of Social Engineering


 Techniques and Methods for Social Engineering

Module 10: Web Application Basics

 Introduction to Web
 Introduction to HTTP Protocol

Module 11: Web Application Reconnaissance

 Perform Reconnaissance on Web Applications


 Discover Hidden Files and Directories
 Execute a Brute-force Attack on Login Pages

Module 12: Web Application Vulnerabilities

 OWASP Top 10 Vulnerabilities


 SQL Injection
 XSS (Cross-Site Scripting)
 Directory Traversal
 File Upload Vulnerabilities
 Authentication Vulnerabilities
 Broken Access Control

You might also like