PTS v3

Penetration Testing Student

Curious about this course?

Enroll now and get access to all of our material and labs!

Plans and Pricing


View enrollment fees for individual students.


Purchase eLearnSecurity courses for your company.

Course at a glance

  • For absolute beginners in IT Security
  • Minimal pre-requisites
  • Provides Networking skills
  • Routing, Forwarding, TCP/IP
  • Analyse traffic with Wireshark
  • Provides Development skills
  • Write your first C program
  • Write your first Python script
  • Provides Penetration testing skills
  • Information gathering
  • Basic usage of nmap and Nessus
  • Basic usage of Metasploit
  • Understanding Buffer Overflows
  • Basics of Web App Pentesting
  • XSS and SQL Injection
  • Burp Suite
  • Prepares for the Penetration Testing Professional Course
  • After obtaining the eJPT certification qualifies you for 40 CPE

Course material

  • 4 hours of HQ video training material
  • 1500+ slides
  • Labs in Hera Lab

Course delivery

  • Self-paced / HTML5, PDF, MP4
  • Off-line access available
  • Access from PC, Tablet and Smartphone

Test drive this course for free

I agree to receive emails from Caendra Inc.


Section: Preliminary Skills - Prerequisites

  • Module 1 : Introduction

    The student will be initially introduced to the information security field. They will then move on studying how cryptography and virtual private networks work. This provides them the required background to connect to Hera Lab for the first time and carry out their first hands-on lab. A binary arithmetic chapter closes the module.

  • Module 2 : Networking

    Computer networks are what make the Internet work, moreover they are a fundamental asset for nearly every business. Understanding networking protocols means being able to spot misconfigurations and vulnerabilities. Moreover a penetration tester with strong networking fundamentals can properly configure tools and scanners to obtain best results.

  • Module 3 : Web Applications

    Web Applications are more complex and pervasive than what many think. This module explains the protocols and technologies behind web applications and prepares the students for web application penetration testing topics. Moreover, students will learn how to study a web application and use the information collected to mount attacks.

  • Module 4 : Penetration Testing

    During this module we will answer fundamental questions like: Who are penetration testers? How do they perform their tasks? What methodology do they follow? Skills and methodology are what differentiate a real professional from an amateur. This chapter explains what methodology to use during an engagement, from the initial engaging phase to the final reporting and consultancy phase.

Section: Preliminary Skills - Programming

  • Module 1 : C++

    This module explains the basics of C++.

  • Module 2 : Python

    This module explains the basics of Python. Moreover, students will learn how to write simple custom pentesting tools.

Section: Penetration Testing

  • Module 1 : Information Gathering

    Information gathering is the most important phase of the overall pentesting engagement. A Penetration tester will use the information collected during this phase to map the attack surface and increase his chances to breach the organization in the same way criminals do. Students will see how to use different sources to perform information gathering phases.

  • Module 2 : Footprinting & Scanning

    This module covers infrastructural information gathering. Remotely identifying operating systems, server applications and clients is of paramount importance to widen the attack surface and prepare the penetration tester for the vulnerability assessment activity and the following exploitation phase.

  • Module 3 : Vulnerability Assessment

    Vulnerability Assessment is the process through which a penetration tester uncovers all the vulnerabilities in a computer system or application. This module explains how vulnerability assessment can be carried out by means of automatic tools or manual investigation.

  • Module 4 : Web Attacks

    This module dissects and explains the most widespread web application vulnerabilities. Students will study the most common web application attacks, starting from the information gathering phase to the exploitation phase. Students will learn how to perform attacks manually and then how to automate them by means of the most used tools.

  • Module 5 : System Attacks

    From malware, through password cracking attacks, up to buffer overflows, students will learn the most common attack vectors used against computer systems nowadays. They will learn which malware they could use during an engagement. The Password Attacks chapter explains how to recover passwords from a compromised machine. Finally, an entire chapter will be dedicated to buffer overflows, one of the most used attack vectors against applications and operating systems.

  • Module 6 : Network Attacks

    This module provides a comprehensive explanation of the most common and historical remote attacks. Students will learn attack techniques against authentication services, Windows file sharing and network devices. Every attack technique can be tested in a hands-on lab. The last two chapters explain in theory and in practice, how to use Metasploit and Meterpreter to automate attacks and penetration testing techniques.

Download PDF Syllabus


  • Basics of computing and computer science
  • Basics of Computer Security topics although not mandatory

This training course is for...

  • IT personnel / students
  • IT Security passionates
  • Junior Pentesters


The most sophisticated virtual lab on Penetration Testing is now made available to all the students of the Student v3 training course.

Labs scenarios have been specifically created for this training course.

The student will connect in VPN to the remote virtual lab network where vulnerable workstations/servers will be made available for test.

Lab IDDescriptionCategory
Lab 1 HTTP(S) Traffic Sniffing Preliminary Skills
Lab 2 Find the secret server Preliminary Skills
Lab 3 Burp Suite Preliminary Skills
Lab 4 Scanning and OS fingerprinting Penetration Testing
Lab 5 Nessus Penetration Testing
Lab 6 Dirbuster Penetration Testing
Lab 7 Cross site scripting Penetration Testing
Lab 8 SQL Injection Penetration Testing
Lab 9 Bruteforce and Password Cracking Penetration Testing
Lab 10 Null Sessions Penetration Testing
Lab 11 ARP Poisoning Penetration Testing
Lab 12 Metasploit Penetration Testing


Get the eJPT Certification

The eJPT designation stands for eLearnSecurity Junior Penetration Tester. eJPT is a 100% practical certification on penetration testing and information security essentials. By passing the challenging exam and obtaining the eJPT certificate, a penetration tester can prove their skills in the fastest growing area of information security

Learn more


  • Armando Romeo
    Armando Romeo

    Armando Romeo is the founder and CEO of eLearnSecurity. Prior to founding eLearnSecurity he has spent 5 years in web application security research with hundreds of vulnerability advisories released. Armando currently leads the R&D team and inspires new projects and new training activities.

  • Francesco Stillavato
    Francesco Stillavato

    His experience spans from web application secure coding to secure network design. He has contributed to the Joomla project as a Developer and has conducted a number of assessments as a freelance. Francesco Stillavato's research is now focused on Mobile Application Penetration Testing on Android and iOS. Publications: Francesco is the co-author of the Penetration testing course Professional, Mobile Application Security and Penetration Testing, Penetration Testing Student and author of all Hera Lab scenarios.

  • Davide Girardi
    Davide Girardi

    Davide Girardi has 9 years of experience in attacking and defending enterprise systems and networks. Davide has a strong technical background on network security and efficiency. Davide's research focuses on exploit development and advanced attacks. He is co-author of the Penetration Testing Student and author of many Hera Lab scenarios.

Enroll now and get access to all of our material and labs!


I found the material to be challenging and informative, but the best part is content delivery. Hands down the best delivery of pentesting content I have experienced to date.

Ken Richmond
System Analyst

This course provided beginning, intermediate and advanced Penetration Testing exercises. I was able to progress at my own pace and develop a deeper understanding of this skills and knowledge to further my career in information security. I was challenged and pleased to be presented with a course that was designed with simplicity, but maintained techniques that were informative and industry guided. I refer backing to the training often to clarify my understanding. Overall the student course was sophisticated and efficient to increase my knowledge in the Penetration testing arena. I would recommend enrolling in courses provided by eLearnSecurity.

Chris Matthews

I think that eLearnSecurity course is the best course suited for the beginners in the penetration testing field. It is well made, not expensive and it will explain all the topics in a clear manner. Thanks!

Lucian Andrei

The student course is very comprehensive and covers more than the required aspects of the modules. The interface is easy to use and the videos included are very helpful in giving you a step by step guide for the more complex tasks. I would highly recommend it to anyone looking to start in penetration testing and puts you in a good position to start a career in the area of penetration testing.

Theodore Judice
Osaze Systems IT Consulting

If penetration testing is what you are looking for, then look no further than the eLearnSecurity team. The resources were second to none and the knowledge the guys have got is amazing. This is the best course that I have taken by far.

Daniel Morris

Go to top of page