Course Outline
C|PENT: Certified Penetration Testing Professional
This is a 5 day, instructor-led course.
This course will help you master best-in-class penetration testing skills to safeguard enterprises against advanced cyber-attacks.
This is a rigorous Penetration Testing program that, unlike contemporary Penetration Testing courses, teaches you how to perform an effective Penetration test across filtered networks. C|PENT is a multidisciplinary course with extensive hands-on training in a wide range of crucial skills, including advanced Windows attacks, Internet of Things (IoT) and Operational Technology (OT) systems, filtered network bypass techniques, exploit writing, single and double pivoting, advanced privilege escalation, and binary exploitation. In summary, there is no program of its kind in the world!
With C|PENT, Learn Next-Generation Techniques and Methodologies for Handling Real-World Threat Situations.
The following are 12 reasons that make the C|PENT Program one of a kind. This exceptional course can make you one of the most advanced Penetration Testers in the world. The course has one purpose: To help you overcome some of the most advanced obstacles that real-world practitioners face when conducting Penetration tests. Here are some examples of the challenges you will face when you are exposed to the C|PENT Range:
1. Advanced Windows Attacks
This zone contains a complete forest that you first have to gain access to and once you do, your challenge is to use PowerShell and any other means to execute Silver and Gold Ticket and Kerberoasting. The machines will be configured with defenses in place; therefore, you will have to use PowerShell bypass techniques and other advanced methods to score points within the zone.
2. Attacking IOT Systems
With the popularity of IOT devices, this is the first Program that requires you to locate the IOT device(s) then gain access to the network. Once on the network, you must identify the firmware of the IOT device, extract it and then reverse engineer it.
3. Writing Exploits: Advanced Binaries Exploityations
The challenges faced by Penetration Testers today require them to use their own skills to find a flaw in the code. In this zone you will be required to find the flawed binaries, reverse engineer them once found, and then write exploits to take control of the program execution.
The task is complicated and requires Penetration from the perimeter to gain access then discover the binaries. Once successful, you must reverse engineer the code.
Unlike other certifications, this will not just be a simple 32-bit code. There will be 32- and 64-bit code challenges, and some of the code will be compiled with the basic protections of non-executable stacks.
Furthermore, you must be able to write a driver program to exploit these binaries, then discover a method to escalate privileges. This will require advanced skills in binary exploitation that include the latest debugging concepts and egg hunting techniques. You are required to craft input code first to take control of program execution and second to map an area in memory to get your shellcode to work and bypass system protections.
4. Bypassing a Filtered Network
The C|PENT Certification differs from the others. It provides web zone challenges that exist within a segmentation architecture. As a result, you have to identify the filtering of the architecture, leverage it to gain access to the web applications that you will have to compromise, and then extract the required data to achieve points.
5. PenTesting Operational Technology
As a first in a Penetration Testing Certification, the C|PENT contains a zone dedicated to ICS SCADA networks. The candidate will have to penetrate them from the IT network side, gain access to the OT network, and once there, identify the Programmable Logic Controller (PLC) and then modify the data to impact the OT network. The candidate must be able to intercept the Mod Bus Communication protocol and communication between the PLC and other nodes.
6. Access Hidden Networks with Pivoting
Based on studies and research, few professionals have been able to identify the rules in place when they encounter a layered network. Therefore, in this zone, you will have to identify the filtering rules then penetrate the direct network, and from there, attempt pivots into the hidden network using single pivoting methods, but through a filter. Most certifications do not have a true pivot across disparate networks and a few, if any, have the requirement into and out of a filtering device.
7. Double Pivoting
Once you have braved and mastered the challenges of the pivot, the next challenge is the double pivot. This is not something that you can use a tool for. In most cases, the pivot has to be set up manually. C|PENT is the first certification in the world that requires you to access hidden networks using double pivoting.
8. Privilege Escalation
The latest methods of privilege escalation are covered as well as there will be challenges that require you to reverse engineer code and take control of execution, then break out of the limited shell and gain root/admin.
9. Evading Defense Mechanisms
The different methods of evasion are covered so that you can try and get your exploits past the defenses by weaponizing them.
10. Attack Automations with Scripts
Prepare for advanced Penetration Testing techniques/scripting with seven selfstudy appendices – Penetration Testing with Ruby, Python, PowerShell, Perl, BASH, and learn about Fuzzing and Metasploit.
11. Build you Armory: Weaponize your Exploits
Carry your own tools and build your armory with your coding expertise and hack the challenges presented to you as you would in real life.
12. Write Professional Reports
Experience how a Penetration Tester can mitigate risks and validate the report presented to the client that makes an impact. The best part of it all, is that during this rigorous process, you would be carrying your own tools, building your armory with your coding expertise and hacking the challenges presented to you as you would in real life.
• Ethical Hackers
• Penetration Testers
• Network Server Administrators
• Firewall Administrators
• Security Testers
• System Administrators and Risk Assessment Professionals
• Cybersecurity Forensic Analyst
• Cyberthreat Analyst
• Cloud Security
• Analyst Information Security Consultant
• Application Security Analyst
• Cybersecurity Assurance Engineer
• Security Operations Center (SOC) Analyst
• Technical Operations Network Engineer
• Information Security Engineer
• Network Security Penetration Tester
• Network Security Engineer
• Information Security Architect
Singel Exam, Dual Certification?
Should you score at least 70% in the C|PENT practical exam, you shall attain the C|PENT credential. However, if you are one of the few rare experts on the planet, you may be able to hit the minimum 90% to earn the right to be called a Licensed Penetration Tester (Master)!
C|PENT is a fully online, remotely proctored practical exam, which challenges candidates through a grueling 24-hour performance-based, hands-on exam, categorized into 2 practical exams of 12-hours each, which will test your perseverance and focus by forcing you to outdo yourself with each new challenge. Candidates have the option to choose either two 12-hour exams or one 24-hour exam depending on how straining they would want the exam to be.
Candidates who score more than 90% will establish themselves as the Penetration Testing Masters and attain the prestigious LPT (Master) credential!
C|PENT: Certified Penetration Testing Professional
This is a 5 day, instructor-led course.
This course will help you master best-in-class penetration testing skills to safeguard enterprises against advanced cyber-attacks.
This is a rigorous Penetration Testing program that, unlike contemporary Penetration Testing courses, teaches you how to perform an effective Penetration test across filtered networks. C|PENT is a multidisciplinary course with extensive hands-on training in a wide range of crucial skills, including advanced Windows attacks, Internet of Things (IoT) and Operational Technology (OT) systems, filtered network bypass techniques, exploit writing, single and double pivoting, advanced privilege escalation, and binary exploitation. In summary, there is no program of its kind in the world!
With C|PENT, Learn Next-Generation Techniques and Methodologies for Handling Real-World Threat Situations.
The following are 12 reasons that make the C|PENT Program one of a kind. This exceptional course can make you one of the most advanced Penetration Testers in the world. The course has one purpose: To help you overcome some of the most advanced obstacles that real-world practitioners face when conducting Penetration tests. Here are some examples of the challenges you will face when you are exposed to the C|PENT Range:
1. Advanced Windows Attacks
This zone contains a complete forest that you first have to gain access to and once you do, your challenge is to use PowerShell and any other means to execute Silver and Gold Ticket and Kerberoasting. The machines will be configured with defenses in place; therefore, you will have to use PowerShell bypass techniques and other advanced methods to score points within the zone.
2. Attacking IOT Systems
With the popularity of IOT devices, this is the first Program that requires you to locate the IOT device(s) then gain access to the network. Once on the network, you must identify the firmware of the IOT device, extract it and then reverse engineer it.
3. Writing Exploits: Advanced Binaries Exploityations
The challenges faced by Penetration Testers today require them to use their own skills to find a flaw in the code. In this zone you will be required to find the flawed binaries, reverse engineer them once found, and then write exploits to take control of the program execution.
The task is complicated and requires Penetration from the perimeter to gain access then discover the binaries. Once successful, you must reverse engineer the code.
Unlike other certifications, this will not just be a simple 32-bit code. There will be 32- and 64-bit code challenges, and some of the code will be compiled with the basic protections of non-executable stacks.
Furthermore, you must be able to write a driver program to exploit these binaries, then discover a method to escalate privileges. This will require advanced skills in binary exploitation that include the latest debugging concepts and egg hunting techniques. You are required to craft input code first to take control of program execution and second to map an area in memory to get your shellcode to work and bypass system protections.
4. Bypassing a Filtered Network
The C|PENT Certification differs from the others. It provides web zone challenges that exist within a segmentation architecture. As a result, you have to identify the filtering of the architecture, leverage it to gain access to the web applications that you will have to compromise, and then extract the required data to achieve points.
5. PenTesting Operational Technology
As a first in a Penetration Testing Certification, the C|PENT contains a zone dedicated to ICS SCADA networks. The candidate will have to penetrate them from the IT network side, gain access to the OT network, and once there, identify the Programmable Logic Controller (PLC) and then modify the data to impact the OT network. The candidate must be able to intercept the Mod Bus Communication protocol and communication between the PLC and other nodes.
6. Access Hidden Networks with Pivoting
Based on studies and research, few professionals have been able to identify the rules in place when they encounter a layered network. Therefore, in this zone, you will have to identify the filtering rules then penetrate the direct network, and from there, attempt pivots into the hidden network using single pivoting methods, but through a filter. Most certifications do not have a true pivot across disparate networks and a few, if any, have the requirement into and out of a filtering device.
7. Double Pivoting
Once you have braved and mastered the challenges of the pivot, the next challenge is the double pivot. This is not something that you can use a tool for. In most cases, the pivot has to be set up manually. C|PENT is the first certification in the world that requires you to access hidden networks using double pivoting.
8. Privilege Escalation
The latest methods of privilege escalation are covered as well as there will be challenges that require you to reverse engineer code and take control of execution, then break out of the limited shell and gain root/admin.
9. Evading Defense Mechanisms
The different methods of evasion are covered so that you can try and get your exploits past the defenses by weaponizing them.
10. Attack Automations with Scripts
Prepare for advanced Penetration Testing techniques/scripting with seven selfstudy appendices – Penetration Testing with Ruby, Python, PowerShell, Perl, BASH, and learn about Fuzzing and Metasploit.
11. Build you Armory: Weaponize your Exploits
Carry your own tools and build your armory with your coding expertise and hack the challenges presented to you as you would in real life.
12. Write Professional Reports
Experience how a Penetration Tester can mitigate risks and validate the report presented to the client that makes an impact. The best part of it all, is that during this rigorous process, you would be carrying your own tools, building your armory with your coding expertise and hacking the challenges presented to you as you would in real life.
• Ethical Hackers
• Penetration Testers
• Network Server Administrators
• Firewall Administrators
• Security Testers
• System Administrators and Risk Assessment Professionals
• Cybersecurity Forensic Analyst
• Cyberthreat Analyst
• Cloud Security
• Analyst Information Security Consultant
• Application Security Analyst
• Cybersecurity Assurance Engineer
• Security Operations Center (SOC) Analyst
• Technical Operations Network Engineer
• Information Security Engineer
• Network Security Penetration Tester
• Network Security Engineer
• Information Security Architect
Singel Exam, Dual Certification?
Should you score at least 70% in the C|PENT practical exam, you shall attain the C|PENT credential. However, if you are one of the few rare experts on the planet, you may be able to hit the minimum 90% to earn the right to be called a Licensed Penetration Tester (Master)!
C|PENT is a fully online, remotely proctored practical exam, which challenges candidates through a grueling 24-hour performance-based, hands-on exam, categorized into 2 practical exams of 12-hours each, which will test your perseverance and focus by forcing you to outdo yourself with each new challenge. Candidates have the option to choose either two 12-hour exams or one 24-hour exam depending on how straining they would want the exam to be.
Candidates who score more than 90% will establish themselves as the Penetration Testing Masters and attain the prestigious LPT (Master) credential!
Course Information
Years of research indicate that the majority of Penetration Testing professionals have gaps in their skills when it comes to multiple disciplines. The metrics also prove that when the targets are not located on the same or a directly connected and reachable segment, very few can perform as well as they do when it is direct and on a flat network.
That’s why for the first time in the industry, the assessment for the Certified Penetration Testing Professional (C|PENT) is about multiple disciplines and not just one or two specialty types.
- The course is presented through an enterprise network environment that must be attacked, exploited, evaded, and defended.
- EC-Council’s C|PENT assess a Penetration Tester’s skills across a broad spectrum of “network zones”.
- What makes the C|PENT different is the requirement to be provided a variety of different scopes of work so that the candidate can “think on their feet.”
- The result of this is that there are different zones representing different types of testing.
- Anyone attempting the test will have to perform their assessment against these different zones.
The C|PENT range, which is where our Penetration Testers gain real-world skills, is designed to provide challenges across every level of the attack spectrum. Additionally, the range contains multiple layers of network segmentation, and once access is gained in one segment, the latest pivoting techniques are required to reach the next segment. Many of the challenges will require outsidethe- box thinking and customization of scripts and exploits to get into the innermost segments of the network. The key to being a highly skilled Penetration Tester is to go up against various targets that are configured in a variety of ways. The C|PENT consists of entire network segments that replicate an enterprise network — this is not a computer game simulation; this is an accurate representation of an enterprise network that will present the latest challenges to the Penetration Tester. Since the targets and technology continue to change, the C|PENT is dynamic, and machines and defenses will be added as they are observed in the wild. Finally, the targets and segments are progressive in nature. Once you get into one machine and or segment, the next one will challenge you even more.
Course Contents
Module 01: Introduction to Penetration Testing
Module 02: Penetration Testing Scoping and Engagement
Module 03: Open Source Intelligence (OSINT)
Module 04: Social Engineering Penetration Testing
Module 05: Network Penetration Testing – External
Module 06: Network Penetration Testing – Internal
Module 07: Network Penetration Testing – Perimeter Devices
Module 08: Web Application Penetration Testing
Module 09: Wireless Penetration Testing
Module 10: IoT Penetration Testing
Module 11: OT/SCADA Penetration Testing
Module 12: Cloud Penetration Testing
Module 13: Binary Analysis and Exploitation
Module 14: Report Writing and Post Testing Actions
Additional Self-Study Modules
A: Penetration Testing Essential Concepts
B: Fuzzing
C: Mastering Metasploit Framework
D: PowerShell Scripting
E: Bash Environment and Scripting
F: Python Environment and Scripting
G: Perl Environment and Scripting
H: Ruby Environment and Scripting
I: Active Directory Penetration Testing
J: Database Penetration Testing
K: Mobile Device Penetration Testing
Price per delegate
£3195
Scheduled Classes
Remote Access:
26 – 30 Jun 2023
18 – 22 Sep 2023
Please complete the contact form below or call 0141 221 5676 for further course information and available dates.
Alternatively you can email us at info@indiciatraining.com