Courses

    Pages & Posts

      • IT Training
        • Amazon Cloud (AWS)
        • Analytics and Big Data
        • Blockchain
        • Cisco
        • Citrix
        • Cloud Computing
        • CompTIA Certification
        • Cybersecurity
        • Deep Learning and AI
        • Development Tools
        • DevOps
        • F5
        • FlexPod
        • IBM
        • IT Security
        • Java
        • Juniper Networks
        • Linux
        • Microsoft
        • Mobile Computing
        • NetApp
        • Oracle
        • Salesforce
        • VMware
        • Web Development, HTML, and JavaScript
        • WebSphere
      • Business Training
        • Business Analysis
        • Enterprise Architecture
        • HIPAA Certification & Training
        • IT Governance
        • ITIL® Certification
        • Project Management
        • Salesforce
        • Scrum & Agile
        • Seminars
      • Services
        • APM Practice
        • Authorized Cisco Training
        • BPM Practice
        • Distance Learning
        • ITIL Certification
        • Linux Certification Training
        • Media Security Solutions
        • Microsoft 365
        • Microsoft Official Courses On Demand
        • Microsoft Professional Program
        • NetApp Training
        • NIST Cybersecurity Framework
        • Salesforce Training
        • Training Facilities
        • Visual Studio TFS Training
        • Enterprise Training Solutions
        • Room Rentals
        • State & Local Government
      • Student Resources
        • Navigating Babbage Simmel Academy Courses
        • Ohio Workforce Training Voucher Program
        • Student Guide / Daily Schedule
        • College Credits / Tuition Reimbursement
        • Career Programs (WIA)
        • Student Policies
        • Testing & Certifications
        • Promotions
        • Local Hotels
        • Local Restaurants
      • Certified Penetration Testing Consultant

      Course Details

      Download PDF
      C)PTC
      4 Days
      05/20/2019 $3,500.00
      Sign Up for This Class

      Certified Penetration Testing Consultant

      Share this course

      Tweet Share
      babsimLIVE Delivery

      The vendor-neutral Certified Penetration Testing Consultant course is designed for IT Security Professionals and IT Network Administrators who are interested in taking an in-depth look into specific Penetration tests and techniques against operating systems.  This course will teach you the necessary skills to work as a penetration testing team, the exploitation process, how to create a buffer overflow against programs running on Window and Linux while subverting features such as DEP and ASLR. This course will guide you through OWASP Top 10, teach you how to create shellcode to gain remote code execution, and understand and build different proof of concept code based on exploits pulled from exploit-db and testing using a debugger.  The course starts by explaining how to build the right penetration testing team, covers scanning with NMAP, leading into the exploitation process, a little fuzzing with spike to help guide our proof of concept code, writing buffer overflows, understanding OWASP, Linux stack smashing, Windows exploit protection and getting around those protection methods, a section on report writing, and capping off the course with a scenario that will you’re your skills as a penetration testing team. 


      This course uses in-depth lab exercises after most modules. Students may spend 16 hours+ performing labs that emulate a real-world Pen Testing and exploit development.


      Upon completion, Certified Penetration Testing Consultant students will be able to both establish an industry acceptable pen testing process as well as be prepared to competently take the C)PTC exam.  

      • Course Outline
      • Audience
      • Available Dates

      Course Outline

      Module 1 – Pentesting Team Formation

      • Section 1 – Project Management
      • Section 2 – Pentesting Metrics
      • Section 3 – Team Roles, Responsibilities and Benefits
      • Lab Exercise – Skills Assessment 

      Module 2 – NMAP Automation

      • Section 1– NMAP Basics
      • Section 2 – NMAP Automation
      • Section 3 – NMAP Report Documentation
      • Lab Exercise – Automation Breakdown

      Module 3 – Exploitation Process  

      • Section 1 – Purpose
      • Section 2 – Countermeasures
      • Section 3 – Evasion
      • Section 4 – Precision Strike
      • Section 5 – Customized Exploitation
      • Section 6 – Tailored Exploits
      • Section 7 – Zero Day Angle
      • Section 8 – Example Avenues of Attack
      • Section 9 – Overall Objective of Exploitation 

      Module 4 – Fuzzing with Spike

      • Section 1 – Vulnserver
      • Section 2 – Spike Fuzzing Setup
      • Section 3 – Fuzzing a TCP Application
      • Section 4 – Custom Fuzzing Script
      • Lab Exercise – Fuzzing with Spike 

      Module 5 – Simple Buffer Overflow

      • Section 1 – Exploit-DB
      • Section 2 – Immunity Debugger
      • Section 3 – Python
      • Section 4 - Shellcode
      • Lab Exercise – Let’s Crash and Callback

      Module 6 – Stack Based Windows Buffer Overflow

      • Section 1 – Debugger
      • Section 2 – Vulnerability Research
      • Section 3 – Control EIP, Control the Crash
      • Section 4 – JMP ESP Instruction
      • Section 5 –  Finding the Offset
      • Section 6 – Code Execution and Shellcode
      • Section 7 – Does the Exploit Work?
      • Lab Exercise – MiniShare for the Win 

      Module 7 – Web Application Security and Exploitation  

      • Section 1 – Web Applications
      • Section 2 – OWASP Top 10 - 2017
      • Section 3 – Zap
      • Section 4 – Scapy

      Module 8 – Linux Stack Smashing

      • Section 1 – Exploiting the Stack on Linux
      • Lab Exercise – Stack Overflow. Did we get root?

      Module 9 – Linux Address Space Layout Randomization  

      • Section 1 –   Stack Smashing to the Extreme
      • Lab Exercise – Defeat Me and Lookout ASLR 

      Module 10 – Windows Exploit Protection  

      • Section 1 – Introduction to Windows Exploit Protection
      • Section 2 -  Structured Exception Handling
      • Section 3 – Data Execution Prevention (DEP)
      • Section 4 – SafeSEH/SEHOP 

      Module 11 – Getting Around SEH and ASLR (Windows)

      • Section 1 – Vulnerable Server Setup
      • Section 2 –  Time to Test it Out
      • Section 3 - “Vulnserver” meets Immunity
      • Section 4 – VulnServer Demo
      • Lab Exercise – Time to overwrite SEH and ASLR 

      Module 12 – Penetration Testing Report Writing

      • Section 1 –  Reporting

      LABORATORY EXERCISES

      Lab 1: Skills Assessment

      Lab 2: Automation Breakdown

      Lab 3: Fuzzing with Spike

      Lab 4: Let’s Crash and Callback

      Lab 5: MiniShare for the Win

      Lab 6: Stack Overflow. Did we get root?

      Lab 7: Defeat Me and Lookout ASLR

      Lab 8: Time to overwrite SEH and ASLR

      Audience

      WHO SHOULD ATTEND?

      • IS Security Officers
      • Cyber Security Managers/Admins
      • Penetration Testers
      • Ethical Hackers 
      • Auditors

      Prerequisites:

      • C)PTE or equivalent knowledge
      • A minimum of 24 months experience in Networking Technologies
      • Sound knowledge of TCP/IP
      • Computer hardware knowledge

      Available Course Dates

      05/20/2019 9:00 am - 05/24/2019 5:00 pm babsimLive Delivery
      Click here to sign up for this class

      Related Courses

      Certified Penetration Testing Consultant...

      The vendor-neutral Certified Penetration Testing Consultant course is designed f...

      View course details

      Certified Penetration Testing Engineer...

      The vendor-neutral Certified Penetration Testing Engineer certification course i...

      View course details

      Certified Professional Ethical Hacker...

      The Certified Professional Ethical Hacker vendor-neutral certification course is...

      View course details

      College Credit, CEUs, PDUs and CDUs
      When you take courses with the Babbage Simmel, be sure you get the credit you deserve. Curriculum offered by Babbage Simmel can earn you college credit, CEUs, PDUs or CDUs.

      College Credit
      Select curriculum offered by Babbage Simmel is part of the accredited Ashland University undergraduate course catalogs. For questions please E-Mail: info@babsim.com or call 614-481-4345.

      Continuing Education Units (CEUs)
      Continuing Education Units (CEUs) are nationally recognized standard units of measurement earned for satisfactory completion of qualified programs of continuing education. If you need more information about CEUs, please E-Mail: info@babsim.com or call 614-481-4345.

      Professional Development Units (PDUs)
      Professional Development Units (PDUs) can be issued by PMI® for formal learning activities related to project management. Project Management Professionals (PMPs®) are required to earn a minimum of 60 PDUs every 3 years to maintain certification. For more information about this program go to the PMI® web site or call 1-855 746 4849.

      Continuing Development Units (CDUs)
      CDUs may be earned by attending professional development (e.g. courses, seminars) offered by organizations endorsed by IIBA® and designated as an EEP vendor. As an IIBA Endorsed Education Provider (EEP) Babbage Simmel's IIBA® endorsed courses qualify for CDU credit. For more information about CDUs go the IIBA® web site or call 1-647-426-3735.

      Our babsimLIVE distance learning brings the classroom learning experience to you by seating you virtually into a real-life instructor-led classroom taught by award winning world-class instructors with other IT professionals like yourself. From the comfort of your home, workplace, or at the Babbage Simmel Columbus Campus, you acquire the training you need, when you want it, in the environment that is most comfortable for you to be successful.

      About Us Contact Us Blog Find A Course

      © Copyright 2019 • Babbage Simmel. All Rights Reserved. Columbus Web Design by Jetpack | Privacy Policy