CPENT-Certified Penetration Testing Professional

• Principles and Objectives of Penetration Testing
• Penetration Testing Methodologies and Frameworks
• Best Practices and Guidelines for Penetration Testing
• Role of Artificial Intelligence in Penetration Testing
• Role of Penetration Testing in Compliance with Laws, Acts, and Standards

Key topics covered: Penetration Testing, Penetration Testing Process, Penetration Testing

Methodologies and Frameworks, MITRE ATT&CK Framework, Characteristics of a Good

Penetration Test, Al-Driven Penetration Testing, Al-Driven Tools for Penetration Testing,

Compliance-Driven Penetration Testing, Role of Al and Machine Learning in Compliance-Driven

Testing

• Penetration Testing: Pre-engagement Activities
• Key Elements Required to Respond to Penetration Testing RFPs
• Drafting Effective Rules of Engagement (ROE)
• Legal and Regulatory Considerations Critical to Penetration Testing
• Resources and Tools for Successful Penetration Testing
• Strategies to Effectively Manage Scope Creep

Key topics covered: Preparing for Proposal Submission, Rules of Engagement, Drafting a ROE,

Drafting Penetration Testing Contract, Rules of Behavior, Nondisclosure Agreement, Liability

Issues, Engagement Letter, Kickoff Meeting, Statement of Work, Preparing the Test Plan, Data

Use Agreement, Mission Briefing, Scope Creeping

• Collect Open-Source Intelligence (OSINT) on Target's Domain Name
• Collect OSINT About Target Organization on the Web
• Perform OSINT on Target's Employees
• OSINT Using Automation Tools Map the Attack Surface

Labs:

• Collect OSINT on Target's Domain Name, Web, and Employees
• Collect OSINT Using Automation Tools
• Identify and Map Attack Surface

Key topics covered: Find Domain and Subdomains, Whois Lookups, DNS Records, Reverse

Lookups, DNS Zone Transfer, Web Searches Using Advanced Operators, Google Dork, Footprint

Target Using Shodan, Email Harvesting, People Search Online Services, Automate OSINT

Process Using Tools/Frameworks, Attack Surface Mapping, Traceroute Analysis, Scanning

Target Network, Discover Live Hosts, Port Scanning, OS Banner Grabbing, Service

Fingerprinting

• Social Engineering Penetration Testing Concepts Off-Site Social Engineering Penetration Testing
• On-Site Social Engineering Penetration Testing
• Document Findings with Countermeasure Recommendations

Labs:

• Sniff credentials using the Social-Engineer Toolkit (SET)

Key topics covered: Social Engineering Penetration Testing Process, Off-Site Social

Engineering Penetration Testing, Phishing, Social Engineering Using Phone, Social Engineering

using Al and ML, On-Site Social Engineering Penetration Testing, Social Engineering

Countermeasures

• Web Application Footprinting and Enumeration Techniques
• Techniques for Web Vulnerability Scanning
• Test for Vulnerabilities in Application Deployment and Configuration
• Techniques to Assess Identity Management, Authentication, and Authorization Mechanisms
• Evaluate Session Management Security
• Evaluate Input Validation Mechanisms
• Detect and Exploit SQL Injection Vulnerabilities
• Techniques for Identifying and Testing Injection Vulnerabilities
• Exploit Improper Error Handling Vulnerabilities
• Identify Weak Cryptography Vulnerabilities
• Test for Business Logic Flaws in Web Applications
• Evaluate Applications for Client-Side Vulnerabilities

Labs:

• Perform Website Footprinting
• Perform Web Vulnerability Scanning Using Al
• Perform Various Attacks on Target Web Application

Key topics covered: OWASP Penetration Testing Framework, Website Footprinting, Web

Spidering, Website Mirroring, HTTP Service Discovery, Web Server Banner Grabbing, Test for

Default Credentials, Enumerate Webserver Directories, Web Vulnerability Assessment, Web

Application Fuzz Testing, Directory Brute Forcing, Web Vulnerability Scanning, Test Handling of

File Extensions, Test Backup and Unreferenced Files, Username Enumeration, Authorization

Attack, Insecure Access Control Methods, Session Token Sniffing, Session Hijacking, Cross-

Site Reauest Foraerv (XSRF). URL Parameter Tamoerina. SOL Iniection. LDAP Iniection, Improper Error Handling, logic Flaws, Frame Injection.

• Techniques and Tools to Perform API Reconnaissance
• Test APIs for Authentication and Authorization Vulnerabilities
• Evaluate the Security of JSON Web Tokens (JWT)
• Test APIs for Input Validation and Injection Vulnerabilities
• Test APIs for Security Misconfiguration Vulnerabilities
• Test APIs for Rate Limiting and Denial of Service (DOS) Attacks
• Test APIs for Security of GraphQL Implementations
• Test APIs for Business Logic Flaws and Session Management

Labs:

• Perform API Reconnaissance Using Al
• Scan and Identify Vulnerabilities in APIs
• Exploit Various Vulnerabilities to Gather Information on the Target Application

Key topics covered: API Reconnaissance, Test APIs for Broken Authentication, Test APIs for

Object-Level Permissions (BOLA), Test for JWT Issues, Test APIs for SQL Injection

Vulnerabilities, Test APIs for Cross-Site Scripting (XSS), Fuzzing API Inputs, API Vulnerability

Scanning, Unsafe Consumption of APIs, API for Throttling and Rate Limiting Attacks, GraphQL

Issues, API for Workflows' Circumvention, API for Session Hijacking

• Techniques to Evaluate Firewall Security Implementations
• Techniques to Evaluate IDS Security Implementations
• Techniques to Evaluate the Security of Routers
• Techniques to Evaluate the Security of Switches

Labs:

• Identify and Bypass a Firewall
• Evade Perimeter Defenses Using Social-Engineer Toolkit (SET)
• Perform WAF Fingerprinting

Key topics covered: Testing the Firewall, Locate the Firewall, Enumerate Firewall Access

Control List, Scan the Firewall for Vulnerabilities, Bypass the Firewall, IDS Penetration Testing,

Techniques Used to Evade IDS Systems, Test the IDS Using Different Techniques, Bypass IDS,

Router Testing Issues, Port Scan the Router, Test for Router Misconfigurations, Security

Misconfigurations in Switch, Test for OSPF Performance, Router and Switch Security Auditing Tool

• Windows Pen Testing Methodology
• Techniques to Perform Reconnaissance on a Windows Target
• Techniques to Perform Vulnerability Assessment and Exploit Verification
• Methods to Gain Initial Access to Windows Systems
• Techniques to Perform Enumeration with User Privilege
• Techniques to Perform Privilege Escalation
• Post-Exploitation Activities

Labs:

• Exploit Windows OS Vulnerability
• Exploit and Escalate Privileges on a Windows Operating System
• Gain Access to a Remote System
• Exploit Buffer Overflow Vulnerability on a Windows Machine

Key topics covered: Reconnaissance on Windows, Windows Vulnerability Scanning, Gain

Access to Windows System, Vulnerability Scanning and Exploit Suggestion using Al, Crack

Passwords, Gain Access to Windows Using Remote Shell, Exploit Buffer Overflow Vulnerability

on Windows, Meterpreter Post Exploitation, Escalating Privileges, LIAC Bypass, Antivirus

Evasion, Disable Windows Defender, Setup Backdoor at Boot, Evade Antivirus Detection

• Architecture and Components of Active Directory
• Active Directory Reconnaissance
• Active Directory Enumeration
• Exploit Identified Active Directory Vulnerabilities
• Role of Artificial Intelligence in AD Penetration Testing Strategies

Labs:

• Explore the Active Directory Environment
• Perform Active Directory Enumeration
• Perform Horizontal Privilege Escalation and Lateral Movement
• Retrieve Cached Active Directory Credentials

Key topics covered: Active Directory, Active Directory Components, Active Directory

Reconnaissance, Enumerate Active Directory, Active Directory Service Interfaces (ADSI), Active

Directory Enumeration Tools, Password Spraying Attack, Active Directory Certificate Services

(AD CS), Exchange Server User Enumeration, Exploit Exchange Server, Extract Password

Hashes, Crack NTLM Hashes, Active Directory Exploitation, AD Enumeration using Al

• Linux Exploitation and Penetration Testing Methodologies
• Linux Reconnaissance and Vulnerability Scanning
• Techniques to Gain Initial Access to Linux Systems
• Linux Privilege Escalation Techniques

Labs:

• Perform Reconnaissance and Vulnerability Assessment on Linux
• Gain Access and Perform Enumeration
• Identify Misconfigurations for Privilege Escalation

Key topics covered: IOT, Popular IOT Hacks, IOT Challenges, IOT Penetration Testing, Abstract

IOT Testing Methodology, Attack Surface Mapping, IOT Architecture, Typical IOT Vulnerabilities,

Steps to Analyzing the IOT Hardware, Firmware Attacks, Attack Surface Map, Sample

Architecture Diagram, Sample Firmware Analysis Process, Binwalk to Extract the File System,

Exploring the File System, Firmware Emulation

• Concepts and Methodology for Analyzing Linux Binaries
• Methodologies for Examining Windows Binaries
• Buffer Overflow Attacks and Exploitation Methods
• Concepts, Methodologies, and Tools for Application Fuzzing

Labs:

• Perform Binary Analysis
• Explore Binary Analysis Methodology
• Write an Exploit Code
• Reverse Engineering a Binary
• Identify and Debug Stack Buffer Overflows
• Fuzzing an Application

Key topics covered: Machine Instructions, 32-bit Assembly, ELF Binary, IA-32 Instructions for

Pentesting, Binary Analysis Methodology, Capstone Framework, Static Analysis, Dynamic

Analysis, x86 C Program, Buffer Overflow, Heap Overflow, Memory Corruption Exploits, Cross-

Compile Binaries, Fuzzing, Fuzzing Steps, Types of Fizzers, Debugging, Fuzzing Tools, Building

Fuzzer

• Advanced Lateral Movement Techniques
• Advanced Pivoting and Tunneling Techniques to Maintain Access

Labs:

• Perform Pivoting
• Perform DNS Tunneling and HTTP Tunneling

Key topics covered: Lateral Movement, Pass the Hash (PtH) Attack, Pass the Ticket (PtT)

Attack, Kerberos Attacks, Silver Ticket, Golden Ticket, Kerberoasting, PsExec Metasploit

FrameWork for Lateral Movement, Windows Remote Management (WinRM) for Lateral

Movement, Crack RDP, Pivoting, Pivoting Tools, HTTP Tunneling, DNS Tunneling, ICMP

Tunneling, SSH Tunneling, Port Forwarding

• Fundamental Concepts of IOT Pentesting
• Information Gathering and Attack Surface Mapping
• Analyze IOT Device Firmware
• In-depth Analysis of IOT Software
• Assess the Security of IOT Networks and Protocols
• Post-Exploitation Strategies and Persistence Techniques
• Comprehensive Pentesting Reports

Labs:

• Perform IOT Fireware Acquisition, Extraction, Analysis, and Emulation
• Probe IOT Devices

Key topics covered: IOT Penetration Testing, OWASP Top 10 IOT Threats, OWASP IOT Attack

Surface Areas, IOT Penetration Testing Methodology, Identify IOT Devices, Firmware Analysis,

Extract the Firmware Image, Firmware Extraction, Reverse Engineering Firmware, Static

Analysis of Binaries, Dynamic Analysis of Binaries, IOT Software Analysis, IOT Network and

Protocol Security Testing, Network Traffic Analysis Between Devices, Gateways, and Servers,

Privilege Escalation Techniques in IOT, Lateral Movement Techniques Within IOT Networks, IOT

Penetration Testing Report

• Purpose and Structure of a Penetration Testing Report
• Essential Components of a Penetration Testing Report
• Phases of a Pen Test Report Writing
• Skills to Deliver a Penetration Testing Report Effectively
• Post-Testing Actions for Organizations

Labs:

• Generate Penetration Test Reports

Key topics covered: Characteristics of a Good Pentesting Report, Report Components, Phases

of Report Development, Writing a Draft Report, Report Writing Tools, Delivering the Penetration

Testing Report, Report Retention, Destroying the Report, Sign-off Document, Developing and

Implementing Data Backup Plan, Conducting Training, Retesting and Validation