The Advanced Penetration Testing Course by EC-Council was created as the progression after the ECSA (Practical) to prepare those that want to challenge the Licensed Penetration Tester (Master) certification and be recognized as elite penetration testing professionals. Our training has been designed by the best in the industry and meant to push you to develop the kind of skill that you’ve been waiting to acquire.
We want to bring out the best in you. Our aim is to push you to your limit while making you solve complex problems that actual penetration testers solve daily in the real world. For four punishing and long days, you will have to perform various tasks until it becomes second nature. This is the foundation of the program.
This program is radically different from the ECSA. In the ECSA course, you are provided guidance on what machines to attack and an initial starting point. In the Advanced Penetration Testing Course, you are presented with minimal network information along with a Scope of Work (SOW). The course was created to provide you with advanced concepts that will help when it comes to attempting the LPT (Master) Certification exam.
In this course you will learn professional security and penetration testing skills. The course is designed to show advanced concepts like scanning against defenses, pivoting between networks, deploying proxy chains, and using web shells. The last module of the course includes an SOW for each of the various networks we have created for the course. This, combined with the composition of various ranges, mimics a professional penetration test. Time is limited and you will be required to identify the attack surface followed by the weaknesses of the machines that are on the network.
LPT (Master) certified professionals can:
- Demonstrate a repeatable and measurable approach to Penetration Testing
- Perform advanced techniques and attacks to identify SQL injection, Cross site scripting (XSS), LFI, RFI vulnerabilities in web applications
- Get access to proprietary EC-Council Penetration Testing methodologies
- Exploit vulnerabilities in Operating systems such as Windows, Linux
- Perform privilege escalation to gain root access to a system Demonstrate ‘Out-of-the-box’ and ‘lateral’ thinking
- Identify and bypass perimeter protections
- Perform Perl, Python and Ruby scripting for the penetration tester
- Perform advanced post exploitation and persistence tests
- Demonstrate extending Metasploit with custom modules and exploits
- Demonstrate pivoting from external into internal networks
- Avoid the most common mistakes when drafting a professional penetration testing report
Module 01: Introduction to Vulnerability Assessment and Penetration Testing
Module 02: Information Gathering Methodology
Module 03: Scanning and Enumeration
Module 04: Identify Vulnerabilities
Module 05: Explotation
Module 06: Post Exploitation
Module 07: Advanced Tips and Techniques
Module 08: Preparing a Report
Module 09: Practice Ranges