Curriculum
Ultimate PenTest Boot Camp
Duration: 5 days
About the Course
The boot camp offers a deep dive into ethical hacking. This 5-day intensive boot camp is not just about theory — it’s about hands-on examples of penetration testing, the methodologies needed to perform them, and the cutting-edge tools required to get the job done.
This training is comprised of the following courses designed to prepare for you to earn security certifications.
- CSP – Certified Security Principles
- CPEH – Certified Professional Ethical Hacker
- CPTE – Certified Penetration Testing Engineer
- CPTC – Certified Penetration Testing Consultant
Audience Profile
- Pen Testers
- Ethical Hackers
- Network Auditors
- Cybersecurity Professionals
- Vulnerability Assessors
- Cybersecurity Managers / Administrators
- IS Security Officers / Managers
What’s included?
- Authorized Courseware
- Intensive Hands on Skills Development with an Experienced Subject Matter Expert
- Hands-on practice on real Servers and extended lab support 1.800.482.3172
- Examination Vouchers & Onsite Certification Testing- (excluding Adobe and PMP Boot Camps)
- Academy Code of Honor: Test Pass Guarantee
- Optional: Package for Hotel Accommodations, Lunch and Transportation
With several convenient training delivery methods offered, The Academy makes getting the training you need easy. Whether you prefer to learn in a classroom or an online live learning virtual environment, training videos hosted online, and private group classes hosted at your site. We offer expert instruction to individuals, government agencies, non-profits, and corporations. Our live classes, on-sites, and online training videos all feature certified instructors who teach a detailed curriculum and share their expertise and insights with trainees. No matter how you prefer to receive the training, you can count on The Academy for an engaging and effective learning experience.
Methods
- Instructor-Led (the best training format we offer)
- Live Online Classroom – Online Instructor-Led
- Self-Paced Video
Speak to an Admissions Representative for complete details
Start | Finish | Public Price | Public Enroll | Private Price | Private Enroll |
---|---|---|---|---|---|
9/23/2024 | 9/27/2024 | ||||
10/14/2024 | 10/18/2024 | ||||
11/4/2024 | 11/8/2024 | ||||
11/25/2024 | 11/29/2024 | ||||
12/16/2024 | 12/20/2024 | ||||
1/6/2025 | 1/10/2025 | ||||
1/27/2025 | 1/31/2025 | ||||
2/17/2025 | 2/21/2025 | ||||
3/10/2025 | 3/14/2025 | ||||
3/31/2025 | 4/4/2025 | ||||
4/21/2025 | 4/25/2025 | ||||
5/12/2025 | 5/16/2025 | ||||
6/2/2025 | 6/6/2025 | ||||
6/23/2025 | 6/27/2025 | ||||
7/14/2025 | 7/18/2025 | ||||
8/4/2025 | 8/8/2025 | ||||
8/25/2025 | 8/29/2025 | ||||
9/15/2025 | 9/19/2025 | ||||
10/6/2025 | 10/10/2025 | ||||
10/27/2025 | 10/31/2025 | ||||
11/17/2025 | 11/21/2025 | ||||
12/8/2025 | 12/12/2025 | ||||
12/29/2025 | 1/2/2026 |
Curriculum
CSP – Certified Security Principles Outline:
Module 1 – Introduction to IT Security
- Understanding Security
- Responsibilities
- Building a Security Program
- CIA Triad
- Governance, Risk, Compliance
- State of Security Today
Module 2 – Risk Management
- Risk Management
- Risk Assessment
- Types of Risk, Threats and Vulnerabilities
- Mitigating Attacks
- Discovering Vulnerabilities and Threats
- Responding to Risk
Module 3 – Understanding of Cryptography
- Understanding Cryptography
- Symmetric Encryption
- Asymmetric Encryption
- Hashing
- PKI
- Cryptography in Use
Module 4 – Understanding Identity and Access Management
- Identity Management
- Authentication Techniques
- Single Sign-on
- Access Control Monitoring
Module 5 – Managing Data Security
- Virtualization Principles
- Key Components Mapped to Cloud Layer
- Key Security Concerns
- Other Technologies Used in the Cloud
- The Layers
- Relevant CCM Controls
Module 6 – Data Security
- Different Types of Storage
- Encryption Options
- Data Management
Module 7 – Managing Server/Host Security
- The Operating Systems
- Hardening the OS
- Physical security
- Virtualization and Cloud Technologies
Module 8 – Application Security for Non-Developers
- Application Security Principle
- Software Development Life Cycle
- OWASP Top 10
- Hardening Web Applications
- Patch/Update/Configuration Management
Module 9 – Understanding Mobile Device Security (IoT)
- What Devices are we talking about?
- What is the risk?
- Hardening Mobile/IoT Devices
- Corporate Management
Module 10 – Managing Day to Day Security
- Company Responsibilities
- Product Management
- Business Continuity Basics
- Incident Response
- Why Train?
Module 11 – Understating Compliance and Auditing
- Benefits of Compliance
- Assurance Frameworks
- What is Auditing
CPEH – Certified Professional Ethical Hacker Outline:
Lesson 1: Security Fundamentals
Lesson 2: Access Controls
Lesson 3: Protocols
Lesson 4: Cryptography
Lesson 5: Why Vulnerability Assessments
Lesson 6: Vulnerability Tools of the Trade
Lesson 7: Output Analysis and Reports
Lesson 8: Reconnaissance, Enumeration & Scanning
Lesson 9: Gaining Access
Lesson 10: Maintaining Access
Lesson 11: Covering Tracks
Lesson 12: Malware
Lesson 13: Buffer Overflows
Lesson 14: Password Cracking
CPTE – Certified Penetration Testing Engineer Outline
Lesson 1: Business & Technical Logistics of Pen Testing
Lesson 2: Linux Fundamentals
Lesson 3: Information Gathering
Lesson 4: Detecting Live Systems
Lesson 5: Enumeration
Lesson 6: Vulnerability Assessments
Lesson 7: Malware Goes Undercover
Lesson 8: Windows hacking
Lesson 9: Hacking UNIX/Linux
Lesson 10: Advanced Exploitation Techniques
Lesson 11: Pen Testing Wireless Networks
Lesson 12: Networks, Sniffing, and IDS
Lesson 13: Injecting the Database
Lesson 14: Attacking Web Technologies
Lesson 15: Project Documentation
Lesson 16: Securing Windows s/ Powershell
Lesson 17: Pen Testing w/Powershell
CPTC – Certified Penetration Testing Consultant Outline
Module 1 – Pentesting Team Formation
- Section 1 – Project Management
- Section 2 – Pentesting Metrics
- Section 3 – Team Roles, Responsibilities and Benefits
- Lab Exercise – Skills Assessment
Module 2 – NMAP Automation
- Section 1– NMAP Basics
- Section 2 – NMAP Automation
- Section 3 – NMAP Report Documentation
- Lab Exercise – Automation Breakdown
Module 3 – Exploitation Process
- Section 1 – Purpose
- Section 2 – Countermeasures
- Section 3 – Evasion
- Section 4 – Precision Strike
- Section 5 – Customized Exploitation
- Section 6 – Tailored Exploits
- Section 7 – Zero Day Angle
- Section 8 – Example Avenues of Attack
- Section 9 – Overall Objective of Exploitation
Module 4 – Fuzzing with Spike
- Section 1 – Vulnserver
- Section 2 – Spike Fuzzing Setup
- Section 3 – Fuzzing a TCP Application
- Section 4 – Custom Fuzzing Script
- Lab Exercise – Fuzzing with Spike
Module 5 – Simple Buffer Overflow
- Section 1 – Exploit-DB
- Section 2 – Immunity Debugger
- Section 3 – Python
- Section 4 – Shellcode
- Lab Exercise – Let’s Crash and Callback
Module 6 – Stack Based Windows Buffer Overflow
- Section 1 – Debugger
- Section 2 – Vulnerability Research
- Section 3 – Control EIP, Control the Crash
- Section 4 – JMP ESP Instruction
- Section 5 – Finding the Offset
- Section 6 – Code Execution and Shellcode
- Section 7 – Does the Exploit Work?
- Lab Exercise – MiniShare for the Win
Module 7 – Web Application Security and Exploitation
- Section 1 – Web Applications
- Section 2 – OWASP Top 10 – 2017
- Section 3 – Zap
- Section 4 – Scapy
Module 8 – Linux Stack Smashing
- Section 1 – Exploiting the Stack on Linux
- Lab Exercise – Stack Overflow. Did we get root?
Module 9 – Linux Address Space Layout Randomization
- Section 1 – Stack Smashing to the Extreme
- Lab Exercise – Defeat Me and Lookout ASLR
- Section 1 – Introduction to Windows Exploit Protection
- Section 2 – Structured Exception Handling
- Section 3 – Data Execution Prevention (DEP)
- Section 4 – SafeSEH/SEHOP
Module 11 – Getting Around SEH and ASLR (Windows)
- Section 1 – Vulnerable Server Setup
- Section 2 – Time to Test it Out
- Section 3 – “Vulnserver” meets Immunity
- Section 4 – VulnServer Demo
- Lab Exercise – Time to overwrite SEH and ASLR
Module 12 – Penetration Testing Report Writing
- Section 1 – Reporting