Certified Penetration Testing Professional (CPENT)

EC-Council CPENT Training and Certification Course

The Certified Penetration Testing Professional or CPENT is a high-level designation hosted by EC-Council for elite penetration testers. The CPENT training program is developed by industry experts to sharpen the advanced penetration skills of candidates. The training course will help you understand how to perform penetration testing on modern-day enterprise networks, inclusive of IoT systems and OT systems. You will learn to write your own exploits, build your own tools, double pivoting, conduct binary exploitations, customize scripts, and much more. After the successful completion of the training, you will be best-equipped to earn the CPENT designation.

Overview

• Ethical Hackers
• Penetration Testers
• Network server administrators
• Firewall Administrators
• Security Testers
• System Administrators and Risk Assessment professionals

• Pre-requisites

  The candidate must be CND & CEHv11/CEHv10 certified & should have a good understanding of Pen testing.

  Exam Information

  • The exam can be given in 2 ways:
    • 12-hour sessions
    • single 24-hour exam
  • Minimum passing percentage is 70%.
  • And if you score 90%, then you get Licensed Penetration Tester (LPT) Designation

   

   My Company

  CPENT Course Objectives

  • Advanced Windows Attacks: The challenge aims to test the knowledge of PowerShell of the candidate, where the latter is required to use PowerShell bypass techniques along with other methods to gain access to a windows machine that has defenses in place.
  • Attacking IoT Systems: CPENT is the first certification to introduce hacking IoT devices that starts with searching the device, gaining access, identifying firmware, extraction, and performing reverse engineering.
  • Advanced Binaries Exploitation: Penetration testers are required to gain access to the system and look for flawed binaries, use reverse engineering, and write exploits for privilege escalation.
  • Bypassing a Filtered Network: In a segmented architecture, the challenger has to identify the filtering of the architecture, then leverage this to gain access to the web applications by compromising it, and then extract the required data
  • Pentesting Operational Technology (OT): The challenge is to again a first of its kind in a penetration testing certification. The tester has to gain access to a dedicated OT network and perform modifications in the existing data by penetrating from the IT network side.
  • Access Hidden Networks with Pivoting: Tester has to penetrate into the direct network by identifying the filtering rules and then attempt pivots, through a filter, into the hidden network using single pivoting methods.
  • Double Pivoting: Quoting EC-Council, “CPENT is the first certification in the world that requires you to access hidden networks using double pivoting.” This challenge tests the skills of the tester as the pivot has to be set up manually.
  • Attack Automation with Scripts: The challenge requires the tester to use advanced penetration techniques and scripting using languages like Perl, Python, Ruby, PowerShell, BASH, and use techniques like Metasploit and Fuzzing techniques.
  • Weaponize Your Exploits: This allows the testers to use their coding skills and carry their own tools to complete the challenge.

CPENT Certification Training Course consists of 14 modules and tests the abilities of a penetration tester in almost all the vectors of cybersecurity, some of which have been introduced for the first time in any penetration certification

• Module 01: Introduction to Penetration Testing
• Module 02: Penetration Testing Scoping and Engagement
• Module 03: Open Source Intelligence (OSINT)
• Module 04: Social Engineering Penetration Testing
• Module 05: Network Penetration Testing – External
• Module 06: Network Penetration Testing– Internal
• Module 07: Network Penetration Testing – Perimeter Devices
• Module 08: Web Application Penetration Testing
• Module 09: Wireless Penetration Testing
• Module 10: IoT Penetration Testing
• Module 11: OT/SCADA Penetration Testing
• Module 12: Cloud Penetration Testing
• Module 13: Binary Analysis and Exploitation
• Module 14: Report Writing and Post Testing Actions

• This course is 100% mapped with the NICE framework.
• This course is a methodology-based penetration testing program.
• This Course Combines both manual and automated penetration testing methods.
• This Course is designed with the most common penetration testing practices offered by the best service providers.
• Helps to get the job role of Penetration Tester and Security Analyst.
• It helps to learn strong reporting writing.
• Students learn real-world experience through an Advanced Penetration Testing Range.