Penetration testing - Pro

Course at a glance

  • 1600 interactive elearning slides
  • 3 Knowledge Domains
  • Network security
  • System security
  • Web application security
  • Learn the best methodologies
  • Learn how to write a great report
  • 4 hours of video lessons
  • Dedicated forums
  • Labs
  • Qualifies you for 40 CPE credits
  • eCPPT Certification

Course Menu


Penetration testing training course for Professionals

The only intensive Penetration testing training course that finally teaches you everything behind every technique and prepares you at professional pentesting and security auditing.

Paying out of your pocket? Get the subscription plan!

If your company's budget is not paying for your training, we've got you covered.

eLearnSecurity gives you the possibility to enroll in the top-class penetration testing course paying for it a little bit every month.

We don't want to leave you with lower quality courses for a lower price. We made our most advanced course affordable for anyone.

How does it work?

You will be able to pay monthly for 3 months.
The Penetration testing course pro is divided in three main knowledge domains. You will get one domain every month for three months and get billed for it.
So if you don't have the time to go through all the course material immediately you will only pay for what you are actually studying.

There is an initial payment that will get you your login to access the first knowledge domain of our course so you can start studying immediately.

How do I get certified?

You will be able to take the eCPPT Silver exam when you have got the whole course material (the 60th day from the enrollment date).

What do I learn every month?

Now
  • Web application security
  • Introduction to Pentesting web applications
  • Gathering information on target
  • Enumerating resources: dirs, files, usernames
  • Vulnerability Assessment through Nikto and Nessus
  • Building XSS advanced attacks (real world examples)
  • Attacking remote users through BeeF
  • Dumping remote data through advanced SQL Injection (real world examples)
  • Getting root through remote SQL injection
  • Building a real world CSRF exploits against Joomla
  • Exploiting RFI/LFI and server misconfigurations
  • Attacking Web 2.0 and Ajax frameworks (real world examples)
  • Google hacking
  • Backtrack 4 with Labs
I would say this is one of the unique training approaches I have seen so far. The combination of slides, video, hands on examples with the lab to practice some of the techniques makes it very effective. I like the balance of theory and practice.
Nathan Suri, Information Security Architect
CISSP, SCJP, CSSLP

On March 6th:
  • System Security
  • Introduction to system security and environment installation
  • Understanding Polymorphism, Metamorphism and latest malware techniques
  • Writing trojans and keyloggers (3 source code examples)
  • Cryptographic attacks and password cracking
  • Finding buffer overflows
  • Exploiting buffer overflows (3 source code examples)
  • Writing remote code execution for a real world Windows application
  • Writing shellcodes (3 source code examples)
  • How rootkits work
  • Writing rootkits for windows (3 source code examples)
  • Basics of Windows drivers development
 I wish there was something like this in 1999 when I was starting out. The way in which the material is presented is a lot more interactive and interesting than many other courses out there with a good mix of words, images and videos plus a good theory/practical mix too. This makes it a lot easier as many of the topics within infosec can get very dry very fast .

Shaolin Tiger
Founder and owner Darknet.org.uk


On April 6th:
  • Network Security
  • Information gathering on target organization
  • Using DNS, Whois, Maltego to collect information
  • Fingerprinting remote OS, services and devices
  • Advanced port scanning with nmap and unicornscan
  • Passive and Active Sniffing techniques and tools
  • Man in the middle attacks
  • Enumerating resources and hosts through NetBIOS and SNMP
  • Vulnerability assessment with Nessus
  • Exploiting with Metasploit
  • Using covert techniques for 100% blackbox testing: proxies, socks, Tor
  • Information handling guide - How to store and handle pentest project data
  • Reporting Guide - How to effectively write a report of your findings
  • eCPPT Exam Labs on Backtrack 4 - All you need to get certified
Just when you thought you were done, Armando and his course authors added some great extras to the package! This consists of a set of forms to keep track of your scanning and enumeration results, and a 24-page guide on reporting. This guide goes through a full pentest report and potentially what should be in each section. It is one of the best put together documents I have seen for this purpose and is extremely impressive
Jason Haddix, Penetration tester at Redspin
GIAC

Pricing information is available here - Terms and condition to enroll through monthly payments