eLearnSecurity

Training Paths

eLearnSecurity Training Paths are designed to help you become proficient in industry-standard roles outlined in the NICE Cybersecurity Workforce Framework by NIST. These combinations of Elite Edition courses from the eLearnSecurity catalog are designed by our experts and IT Security researchers as a guide. Training paths can easily be integrated into corporate education plans.

You'll benefit from a volume discount when enrolling in several courses at once, and can still add or remove individual courses at time of enrollment. Click on a green "Enroll as Individual" button below to see how that works. If you complete a path by obtaining all the certifications in it, you'll receive lifetime course-updates for those courses at no cost. More details in the F.A.Q.

Network Pentester

Enroll in this path as

The Network Pentester path is the most advanced and hands-on training path on network penetration testing in the market. This training path starts by teaching you the fundamentals of networking and penetration testing, then proceeds to providing you with the established penetration testing methodology and the latest attacking techniques, and ultimately immerses you in the world of red teaming and covert operations. After completing this path, you will be able to perform a professional network penetration test against any highly secured network or infrastructure, by using your own custom attack vectosr and evading any defenses in place.

Develops proficiency towards NIST role:

  • Vulnerability Assessment Analyst (This path can be complemented with the PND course)

Skills

PTS
  • Penetration Testing
  • Web Application Penetration Testing
  • Vulnerability Assessment
  • Networking
  • C++ & Python Fundamentals
PTP
  • Penetration Testing
  • Web Application Penetration Testing
  • WiFi Penetration Testing
  • Ruby & PowerShell Scripting
  • Shellcoding
PTX
  • Advanced Penetration Testing / Red Teaming
  • Defense Evasion
  • Advanced Adversary Simulation
  • Custom Payload Development
  • Advanced Social Engineering
Web Application Pentester

Enroll in this path as

The Web Application Pentester path is the most advanced and hands-on training path on web application penetration testing in the market. This training path starts by teaching you the fundamentals of networking and penetration testing, then proceeds to providing you with the established web application penetration testing methodology and the latest web attacks, and ultimately showcases how to execute more advanced and complicated attacks, by heavily manipulating web application components. After completing this path, you will be able to perform a professional web application penetration test against any kind of web application or web service, by using your own custom payloads, combining different attacking techniques and evading web application firewalls.

Develops proficiency towards NIST role:

  • Secure Software Assessor (This path can be complemented with the MASPT and PWD courses. Experienced professionals are advised to use the WAPT, WAPTX, MASPT and PWD courses)

Skills

PTS
  • Penetration Testing
  • Web Application Penetration Testing
  • Vulnerability Assessment
  • Networking
  • C++ & Python Fundamentals
WAPT
  • Web Application Penetration Testing
  • Web Application Fuzzing
  • Web Service Penetration Testing
  • Web Attack Mitigation
  • Session, Flash, XPATH & HTML5 Security Internals
WAPTX
  • Advanced Web Application Penetration Testing
  • Web Application Fuzzing
  • WAF Bypassing & Obfuscation
  • Custom Payload & Module Development
  • Advanced Authorization, HTML5 & XML Security Internals
Advanced Pentester

Enroll in this path as

The Advanced Pentester path is the most advanced and hands-on training path on network, web application and mobile application penetration testing in the market.This training path starts with a deep dive into the world of red teaming against highly secured networks or infrastructures. In this stage, you will learn about the most advanced network penetration testing techniques, creating your own custom attack vectors and combining various techniques for maximum exploitation, while remaining under the radar.You will then study the most advanced web application attacks, where you will be taught how to create your own custom payloads and modules, heavily manipulate web application components and technologies, and evade web application firewalls, to compromise secured web applications or web services.Lastly, you will be shown how to perform professional penetration testing activities against mobile applications, by means of reverse engineering, static analysis and dynamic analysis. Developing your own attacking mobile applications from scratch is another skill you will acquire in this last stage of the Advanced Pentester training path.After completing this path, you will be an extremely skilled network, web application and mobile application penetration tester.

Develops proficiency towards NIST role:

  • Exploitation Analyst (This path can be complemented with the THP course)

Skills

PTX
  • Advanced Penetration Testing / Red Teaming
  • Defense Evasion
  • Advanced Adversary Simulation
  • Custom Payload Development
  • Advanced Social Engineering
WAPTX
  • Advanced Web Application Penetration Testing
  • Web Application Fuzzing
  • WAF Bypassing & Obfuscation
  • Custom Payload & Module Development
  • Advanced Authorization, HTML5 & XML Security Internals
MASPT
  • Mobile Application Penetration Testing
  • Mobile Application Reverse Engineering
  • Mobile Application Static & Dynamic Analysis
  • Android & iOS Security Internals
  • Custom Attacking Mobile Application Development
Purple Team Member

Enroll in this path as

The Purple Team Member path is the most advanced and hands-on training path on purple teaming in the market. This training path is oriented towards IT security professionals who want to possess both cutting-edge offensive and defensive skills. The path starts by teaching you the most up-to-date penetration testing methodology and attacking techniques, so that you acquire a basic understanding of how attackers operate. Then, you will dive into the world of advanced penetration testing and red teaming. Armed with this knowledge, in addition to knowing how to create your own custom attack vectors and how to evade modern defenses, you will be able to deeply understand and simulate how advanced adversaries perform their operations. The Purple Team Member path ends by providing you with threat hunting and threat intelligence skills. In this final stage, you will combine what you learned in the previous stages with cutting edge intrusion detection techniques, to proactively hunt down adversaries in your network. After completing this training path, you will be an all-around and highly skilled Purple Team member that will be capable of not only simulating advanced adversaries but also hunting intruders on endpoints, the wire and in memory.

Develops proficiency towards NIST role:

  • Cyber Instructor

Skills

PTP
  • Penetration Testing
  • Web Application Penetration Testing
  • WiFi Penetration Testing
  • Ruby & PowerShell Scripting
  • Shellcoding
PTX
  • Advanced Penetration Testing / Red Teaming
  • Defense Evasion
  • Advanced Adversary Simulation
  • Custom Payload Development
  • Advanced Social Engineering
THP
  • Threat Hunting
  • Threat Intelligence
  • Memory & Traffic Analysis
  • Endpoint Monitoring
  • Intrusion Internals & Detection
Incident Responder

Enroll in this path as

The Incident Responder path is the most advanced and hands-on training path related to incident response in the market.The path starts by providing you with threat hunting, threat intelligence and cutting edge intrusion detection skills, to proactively hunt down adversaries in your network.Then, you will be taught Digital Forensics skills in order to identify intrusions, in post-mortem scenarios. Specifically, you will dissect disks and you will scrutinize PCAP files, endpoints and memory dumps to do so.Lastly, you will know all about advanced reverse engineering on the IA-32 CPU architecture. You will learn to reverse engineer PE files and important algorithms as well as manipulate and unpack malware. Other important subjects you will learn in your quest to become a highly skilled incident responder are anti-reversing and obfuscation, at a low level.After completing this training path, you will be an all-around and highly skilled incident responder, capable of detecting intruders using various techniques.

Develops proficiency towards NIST role:

  • Cyber Defense Incident Responder
  • Law Enforcement/Counterintelligence Forensics Analyst
  • Cyber Defense Forensics Analyst

Skills

THP
  • Threat Hunting
  • Threat Intelligence
  • Memory & Traffic Analysis
  • Endpoint Monitoring
  • Intrusion Internals & Detection
DFP
  • Digital Forensics
  • Disk/Filesystem Analysis & Recovery
  • Traffic & Log Analysis
  • Intrusion Detection
  • Windows Artifacts In-depth Knowledge
ARES
  • Reverse Engineering
  • Manual Malware, Packer and Algorithm Analysis
  • Assembly [IA-32 CPU Architecture (x86)]
  • Portable Executable File Format Internals, Manipulation & Analysis
  • Anti-reversing & Obfuscation
Enterprise Defender

Enroll in this path as

The Enterprise Defender path is the most advanced and hands-on training path related to enterprise defense in the market.The network security skills, web application security skills and threat hunting skills you will obtain from this path, will make you a precious blue team member in any organization. The path starts by providing you with practical network security skills such as, but not limited to, secure network design and configuration, vulnerability management, endpoint security and patch/group policy management. Then, you will become a web application security expert, since you will learn how to harden web applications, how to detect intrusions and apply virtual patches, how to perform static analysis against given source code and ultimately, how to implement effective data validation, error handling and authentication/authorization mechanisms. Lastly, you will learn all about threat intelligence and threat hunting in order to be equally capable on proactively hunting intruders on endpoints, the wire and in memory.

Develops proficiency towards NIST role:

  • System Administrator

Skills

PND
  • Network Security
  • Secure Network Design & Configuration
  • Vulnerability Management
  • Endpoint Security
  • Patch & Group Policy Management
PWD
  • Web Application Security
  • Web Application Virtual Patching & Intrusion Detection
  • Web Application Static Analysis & Misconfiguration Detection
  • Hardening Web Application Authorization, Authentication & Session Managements
  • Implementing Effective Data Validation, Error Handling, Logging & Cryptography
THP
  • Threat Hunting
  • Threat Intelligence
  • Memory & Traffic Analysis
  • Endpoint Monitoring
  • Intrusion Internals & Detection
Go to top of page