PTS comes with life-time access to course material and flexible access to the world's best virtual labs on Penetration Testing : Hera Lab
Enroll now and get access to all of our material and labs!
The student will be initially introduced to the information security field. They will then move on studying how cryptography and virtual private networks work. This provides them the required background to connect to Hera Lab for the first time and carry out their first hands-on lab. A binary arithmetic chapter closes the module.
Computer networks are what make the Internet work, moreover they are a fundamental asset for nearly every business. Understanding networking protocols means being able to spot misconfigurations and vulnerabilities. Moreover a penetration tester with strong networking fundamentals can properly configure tools and scanners to obtain best results.
Web Applications are more complex and pervasive than what many think. This module explains the protocols and technologies behind web applications and prepares the students for web application penetration testing topics. Moreover, students will learn how to study a web application and use the information collected to mount attacks.
During this module we will answer fundamental questions like: Who are penetration testers? How do they perform their tasks? What methodology do they follow? Skills and methodology are what differentiate a real professional from an amateur. This chapter explains what methodology to use during an engagement, from the initial engaging phase to the final reporting and consultancy phase.
This module explains the basics of C++.
This module explains the basics of Python. Moreover, students will learn how to write simple custom pentesting tools.
Information gathering is the most important phase of the overall pentesting engagement. A Penetration tester will use the information collected during this phase to map the attack surface and increase his chances to breach the organization in the same way criminals do. Students will see how to use different sources to perform information gathering phases.
This module covers infrastructural information gathering. Remotely identifying operating systems, server applications and clients is of paramount importance to widen the attack surface and prepare the penetration tester for the vulnerability assessment activity and the following exploitation phase.
Vulnerability Assessment is the process through which a penetration tester uncovers all the vulnerabilities in a computer system or application. This module explains how vulnerability assessment can be carried out by means of automatic tools or manual investigation.
This module dissects and explains the most widespread web application vulnerabilities. Students will study the most common web application attacks, starting from the information gathering phase to the exploitation phase. Students will learn how to perform attacks manually and then how to automate them by means of the most used tools.
From malware, through password cracking attacks, up to buffer overflows, students will learn the most common attack vectors used against computer systems nowadays. They will learn which malware they could use during an engagement. The Password Attacks chapter explains how to recover passwords from a compromised machine. Finally, an entire chapter will be dedicated to buffer overflows, one of the most used attack vectors against applications and operating systems.
This module provides a comprehensive explanation of the most common and historical remote attacks. Students will learn attack techniques against authentication services, Windows file sharing and network devices. Every attack technique can be tested in a hands-on lab. The last two chapters explain in theory and in practice, how to use Metasploit and Meterpreter to automate attacks and penetration testing techniques.
The most sophisticated virtual lab on Penetration Testing is now made available to all the students of the Student v3 training course.
Labs scenarios have been specifically created for this training course.
The student will connect in VPN to the remote virtual lab network where vulnerable workstations/servers will be made available for test.
|Lab 1||HTTP(S) Traffic Sniffing||Preliminary Skills|
|Lab 2||Find the secret server||Preliminary Skills|
|Lab 3||Burp Suite||Preliminary Skills|
|Lab 4||Scanning and OS fingerprinting||Penetration Testing|
|Lab 5||Nessus||Penetration Testing|
|Lab 6||Dirbuster||Penetration Testing|
|Lab 7||Cross site scripting||Penetration Testing|
|Lab 8||SQL Injection||Penetration Testing|
|Lab 9||Bruteforce and Password Cracking||Penetration Testing|
|Lab 10||Null Sessions||Penetration Testing|
|Lab 11||ARP Poisoning||Penetration Testing|
|Lab 12||Metasploit||Penetration Testing|
The eJPT designation stands for eLearnSecurity Junior Penetration Tester. eJPT is a 100% practical certification on penetration testing and information security essentials. By passing the challenging exam and obtaining the eJPT certificate, a penetration tester can prove their skills in the fastest growing area of information security
Armando Romeo is the founder and CEO of eLearnSecurity. Prior to founding eLearnSecurity he has spent 5 years in web application security research with hundreds of vulnerability advisories released. Armando currently leads the R&D team and inspires new projects and new training activities.
His experience spans from web application secure coding to secure network design. He has contributed to the Joomla project as a Developer and has conducted a number of assessments as a freelance. Francesco Stillavato's research is now focused on Mobile Application Penetration Testing on Android and iOS. Publications: Francesco is the co-author of the Penetration testing course Professional, Mobile Application Security and Penetration Testing, Penetration Testing Student and author of all Hera Lab scenarios.
Davide Girardi has 9 years of experience in attacking and defending enterprise systems and networks. Davide has a strong technical background on network security and efficiency. Davide's research focuses on exploit development and advanced attacks. He is co-author of the Penetration Testing Student and author of many Hera Lab scenarios.
Enroll now and get access to all of our material and labs!
I found the material to be challenging and informative, but the best part is content delivery. Hands down the best delivery of pentesting content I have experienced to date.
This course provided beginning, intermediate and advanced Penetration Testing exercises. I was able to progress at my own pace and develop a deeper understanding of this skills and knowledge to further my career in information security. I was challenged and pleased to be presented with a course that was designed with simplicity, but maintained techniques that were informative and industry guided. I refer backing to the training often to clarify my understanding. Overall the student course was sophisticated and efficient to increase my knowledge in the Penetration testing arena. I would recommend enrolling in courses provided by eLearnSecurity.
I think that eLearnSecurity course is the best course suited for the beginners in the penetration testing field. It is well made, not expensive and it will explain all the topics in a clear manner. Thanks!
The student course is very comprehensive and covers more than the required aspects of the modules. The interface is easy to use and the videos included are very helpful in giving you a step by step guide for the more complex tasks. I would highly recommend it to anyone looking to start in penetration testing and puts you in a good position to start a career in the area of penetration testing.
Osaze Systems IT Consulting
If penetration testing is what you are looking for, then look no further than the eLearnSecurity team. The resources were second to none and the knowledge the guys have got is amazing. This is the best course that I have taken by far.