Our classes are always live and instructor led from our Exton, PA or EPIC Partner locations. Springhouse AnywhereLive options require Internet Access. Select classes are Guaranteed to Run (GTR). View our complete schedule policies.
The vendor neutral Certified Penetration Testing Consultant course is designed for IT Security Professionals and IT Network Administrators who are interested in taking an in-depth look into specific Penetration tests and techniques against operating systems. This course will teach you the necessary skills to work as a penetration testing team, the exploitation process, how to create a buffer overflow against programs running on Window and Linux while subverting features such as DEP and ASLR. This course will guide you through OWASP Top 10, teach you how to create shellcode to gain remote code execution, and understand and build different proof of concept code based on exploits pulled from exploit-db and testing using a debugger. The course starts by explaining how to build the right penetration testing team, covers scanning with NMAP, leading into the exploitation process, a little fuzzing with spike to help guide our proof of concept code, writing buffer overflows, understanding OWASP, Linux stack smashing, Windows exploit protection and getting around those protection methods, a section on report writing, and capping off the course with a scenario that will you're your skills as a penetration testing team.
This course uses in-depth lab exercises after most modules. Students may spend 16 hours+ performing labs that emulate a real-world Pen Testing and exploit development.
- IS Security Officers
- Cyber Security Managers/Admins
- Penetration Testers
- Ethical Hackers
Upon completion, Certified Penetration Testing Consultant students will be able to both establish an industry acceptable pen testing process as well as be prepared to competently take the C)PTC exam.
- C)PTE or equivalent knowledge
- A minimum of 24 months experience in Networking Technologies
- Sound knowledge of TCP/IP
- Computer hardware knowledge
Exams & Certifications
The Certified Penetration Testing Consultant exam consists of two parts. Part 1 is taken online through Mile2's Assessment and Certification System ("MACS"), which is accessible on your mile2.com account. The exam will take 2 hours and consist of 100 multiple choice questions. Part 2 is a multi-hour practical exam in which students are expected to penetrate between 3 - 5 targets (2 buffer overflows (ASLR and DEP enabled for one), 1 Linux local exploit + priv esc and 1 web exploit) and then create and provide a detailed penetration testing report to mile2.
- Student Workbook
- Student Lab Guide
- Student Prep Guide
Module 1: Pen Testing Team Formation
Module 2: NMAP Automation
Module 3: Exploitation Process
Module 4: Fuzzing with Spike
Module 5: Simple Buffer Overflow
Module 6: Stack Based Windows Buffer Overflow
Module 7: Web Application Security and Exploitation
Module 8: Linux Stack Smashing
Module 9: Linux Address Space Layout Randomization
Module 10: Windows Exploit Protection
Module 11: Getting Around SEH and ASLR
Module 12: Penetration Testing Report Writing