        Penetration Testing 10-Day Boot Camp

        Infosec’s penetration testing training — delivered in the form of a 10-day, boot-camp style course — is the information security industry’s most comprehensive penetration testing course available.

        ★★★★★
        4.7
        (8,755 ratings)
        Updated December 2020
        93% exam pass rate

        Become a certified pentester, guaranteed!

        • Exam Pass Guarantee (live online)
        • 100% Satisfaction Guarantee
        • Certified Ethical Hacker (CEH) exam voucher
        • PenTest+ exam voucher
        • Certified Penetration Tester (CPT) exam voucher
        • Certified Expert Penetration Tester (CEPT) exam voucher
        • Unlimited practice exam attempts
        • Ten days of live, expert security training instruction (live online or in-person)
        • Immediate access to Infosec Skills — including a bonus security training boot camp prep course — from the minute you enroll to 90 days after your boot camp
        • Learn by doing with 100s of additional hands-on courses and labs
        • 90-day access to all boot camp video replays and materials
        • Knowledge Transfer Guarantee

        Hands-on labs

        Hundreds of exercises in over 30 separate hands-on labs bring you up to speed with the latest threats to which your organization is most vulnerable. Practice penetration testing in our virtualized environment that simulates a full range of servers and services used in a real company. Learn how to compromise web servers, virtual machines, databases, routers and firewalls, and then put it all together in an unscripted evening Capture the Flag (CTF) exercise.

        Nightly capture the flag exercises

        CTF exercises are an opportunity for you to practice your hacking skills in a real-world environment. Infosec sets up a mock company that you can freely attack without having to worry about damaging production systems. The purpose of the CTF exercises is to ensure you understand how to apply the skills you learned during the day to a real-world, ethical hacking scenario.

        Course benefits

        • Gain the in-demand career skills of a professional security tester — learn the methodologies, tools and manual hacking techniques used by penetration testers
        • Stay ethical — get hands-on hacking skills in our lab that are difficult to gain in a corporate or government working environment, such as anti-forensics and unauthorized data extraction
        • Move beyond automated vulnerability scans and simple security testing into the world of ethical penetration testing and hacking
        • More than interesting theories and lecture — get your hands dirty in our cyber range

         


        Training overview

        In this 10-day boot camp, you will learn everything there is to know about penetration testing, from the use of network reconnaissance tools to the writing of custom zero-day buffer overflow exploits. The goal of this course is to help you master a repeatable, documentable penetration testing methodology that can be used in an ethical penetration testing or hacking situation.

        This penetration testing training course has a significant return on investment: you walk out the door with hacking skills that are highly in demand, as well as up to four certifications:

        • Certified Ethical Hacker (CEH)
        • CompTIA PenTest+
        • Certified Penetration Tester (CPT)
        • Certified Expert Penetration Tester (CEPT)

        What you’ll learn

        • Writing buffer overflow exploits
        • dlmalloc Heap Overflow exploits
        • Win32 Heap Overflow exploits
        • Linux stack overflow exploits
        • Defeating non-exec stacks
        • Return-to-libc shellcode
        • Function pointer overwrites
        • Crafting injectable shellcode
        • Defeating non-executable stacks
        • Linux LKM rootkits
        • Windows kernel rootkits
        • Reverse engineering training
        • Vulnerability development and discovery
        • Attacking and blinding IDSs
        • Hiding your attacks from IDSs
        • Encrypted covert channels
        • Global offset table overwrites
        • Windows shellcode
        • Integer overflows
        • Linux shellcode
        • “No listening port” Trojans
        • A whole day on breaking through enterprise DMZs
        • Reconstructing binaries from sniffed traffic
        • Circumventing antivirus
        • Bi-directional spoofed communication
        • Session fixation
        • Advanced SQL injection
        • Justifying a penetration test to management and customers
        • Defensive techniques

        Hands-on activities

        • Capture the flag exercises every night!
        • Writing a stack buffer overflow
        • Porting exploits to Metasploit modules
        • Find socket shellcode
        • Writing shellcode for Linux
        • Using OllyDbg for Win32 exploits
        • Using IDA Pro for reversing
        • Reconstructing sniffed images
        • Reverse engineering Windows PE binaries
        • Session hijacking
        • Passive network analysis
        • Exploitation with a remote GUI
        • Sniffing SSL encrypted sessions
        • Format string exploits
        • Heap overflow exploits
        • Windows exploits
        • Calculating offsets
        • Reversing with SoftICE
        • OS determination without touching the target
        • SQL injection timing attacks
        • Port redirection
        • ASP source disclosure attacks
        • Call-back backdoors
        • Encrypted covert channels
        • Remote keyloggers
        • PHP/MySQL SQL injection
        • Inserting malicious code into Unix binaries

        Who should attend

        • Penetration testers
        • Security analysts
        • Cybersecurity consultants
        • Anyone with a desire to learn penetration testing skills!

        Prerequisites

        • Firm understanding of the Windows Operating System
        • Exposure to the Linux Operating System or other Unix-based OS
        • Firm understanding of the TCP/IP protocols
        • Exposure to network reconnaissance and associated tools (Nmap, Nessus, Netcat)
        • Programming knowledge is NOT required
        • Desire to learn about ethical hacking, and get great penetration testing training!

        Everything you need to become a certified penetration tester

        • Exam Pass Guarantee (live online)
        • 100% Satisfaction Guarantee
        • Certified Ethical Hacker (CEH) exam voucher
        • PenTest+ exam voucher
        • Certified Penetration Tester (CPT) exam voucher
        • Certified Expert Penetration Tester (CEPT) exam voucher
        • 10 days of live, expert security training instruction (live online or in-person)
        • Security training boot camp prep course
        • Learn by doing with 100s of additional hands-on courses and labs
        • 90-day access to all boot camp video replays and materials
        • Knowledge Transfer Guarantee

        Exam Pass Guarantee

        We guarantee you’ll pass your exam on the first attempt.

        Pentesting training schedule

        Infosec’s 10-day pentesting training is more than just a boot camp. We support you before, during and after your live training to ensure you’re fully prepared for your exam — and get certified on your first attempt.

        • Before your boot camp
          • Start learning now. You’ll get immediate access to all the content in Infosec Skills, including an in-depth security training prep course, the moment you enroll. Prepare for your live boot camp, uncover your knowledge gaps and maximize your training experience.

        • During your boot camp
          • Day 1 to Day 5

            Testing methodologies

            • Security testing methodologies
            • The ethical hacking profession
            • Planning and scoping an engagement
            • Legal and compliance considerations
            • Ethical hacking methodologies
            • Tools of the trade
            • Linux overview
            • Passive intelligence gathering
            • Abusing DNS
            • Abusing SNMP

            Network scanning and service identification

            • Understanding TCP packets and structures
            • Passive network discovery and scanning
            • TCP scanning
            • Using differences in RFC implementations to your advantage
            • Scanning through firewalls
            • How to prevent the discovery of your reconnaissance activities
            • Using zombies to mask network scanning
            • Avoiding IDS/IPS detection
            • Proper identification of services
            • Vulnerability identification

            Exploiting vulnerabilities and social engineering techniques

            • Vulnerability life cycles
            • Types of vulnerabilities
            • Flaws in encryption
            • Configuration errors
            • Buffer overflows
            • Stack overflows
            • Vulnerability mapping
            • Exploit utilization and delivery methods
            • Client side exploits
            • Server side exploits
            • Password security
            • Social engineering techniques
            • Attacking physical controls
            • Hashing
            • Rainbow tables
            • Attacking Windows password security
            • Weaknesses in Windows authentication protocols

            SQL injection and attacks

            • Use of Trojans
            • Redirecting ports to thwart firewall rules
            • Avoiding anti-virus detection
            • Lateral movement and persistence
            • Use of keyloggers
            • IDS operations and avoidance
            • Encrypting your communications
            • Protocol abuse for covert communications
            • Creating custom encryption tunneling applications
            • E-shoplifting
            • XSS attacks
            • Cross-site request forgery
            • Circumventing authentication
            • SQL injection discovery and exploitation
            • SQL data extraction

            Scripts for ethical hacking and mitigation strategies

            • Sniffing in different environments
            • Attack sniffers
            • Man-in-the-middle attacks
            • Wireless networking
            • Shared key authentication weaknesses
            • WEP/WPA/WPA2 cracking
            • Anti-forensics
            • Log modification/deletion
            • Rootkits
            • Introduction to scripting
            • Common script components
            • Writing effective reports
            • Providing mitigation recommendations
            • CEH exam review
            • PenTest+ exam review

            Day 6 to Day 10

            Introduction to Advanced Hacking 

            Overview of current security

            Advanced recon 

            • Stealth strategies
            • Evading IDS/IPS
            • Passive network recon
            • Idle scanning
            • Automated metadata gathering

            Blinding IDSs

            • Intrusion detection overview
            • Intrusion prevention
            • Blinding IDSs
            • Hiding from IDSs

            Vulnerability mapping

            • Using Nessus
            • Manual vulnerability discovery
            • Mapping client-side vulnerabilities

            x86 assembly for exploit development 

            • Computing fundamentals
            • CPU registers
            • Memory segments
            • Assembly instructions

            Finding vulnerabilities with debuggers

            • Debuggers
            • Hardware vs software breakpoints
            • Keygens
            • Attacking keygen algorithms
            • Protections against these attacks

            Reversing Win32 applications with IDA

            • Windows apps
            • Breakpointing on APIs
            • Breakpointing on messages
            • IDA
            • IDA FLIRT
            • Other IDA features

            Fuzzing/fault injection

            • Manual fault injecting
            • Advances in fault injection
            • Attacking complicated protocols

            Memory architecture and stack-based overflows

            • Memory segments
            • Introduction to stack
            • Functions and stack
            • Programming

            SEH exploits

            • Introduction
            • Structured exception handling
            • Controlling SEH chains
            • SEH exploit mitigation techniques
            • SEHOP

            Return oriented programming

            • Operating system protections
            • What is ROP?
            • Why do we need it?
            • How do we go about it?

            Writing shellcode

            • Introduction
            • Null Bytes

            Egghunters

            • What are egghunters
            • Why do we need them
            • Notable egghunter code
            • How do we go about it
            • Bonus content

            Restricted character set exploitation

            • What is restricted character set exploitation
            • Bad characters
            • Unicode filtering
            • Alphanumeric shellcode

            Attacking format strings

            • Introduction to format strings
            • Using format functions
            • Format string vulnerability
            • Reading the stack
            • Reading arbitrary memory addresses

            Payloads

            • Payload use
            • Bind shell
            • Reverse connect
            • SysCall proxy
            • DLL injection
            • Advanced exploitation

            Metasploit payloads

            • Metasploit Meterpreter
            • Meterpreter scripts
            • Windows adduser payload
            • Writing a Metasploit module

            Advanced Metasploit

            • Metasploit framework
            • Labs for programming

            More advanced Metasploit

            • Metasploit framework
            • Auxiliary modules
            • Post exploitation

            Compressors and encryptors

            • Background on packers
            • Why use a packer
            • How a packer works
            • Strategies for defeating packers
            • Removing the packer with SoftICE and ProcDump
            • The JMP EIP trick
            • Deleting the encryptor code segment

            Advanced client side exploits

            • Client side vs server side
            • Why client side is popular
            • The advanced persistent threat
            • Anatomy of a client side attack
            • Types of defenses

            Attacking network-based protocols

            • Attacking ARP
            • Attacking SSL
            • Traffic manipulation

            Exploiting web apps

            • Web app scanning
            • Tools for tracking vulnerabilities
            • Manual investigation

            Web application hacking

            • OWASP top 10
            • E-shoplifting
            • Deconstructing Java
            • Manipulating GETs
            • Manipulating POSTs
            • Attacking Cookies

            SQL injection in MS SQL

            • SQL command structure
            • Discovering vulnerable apps
            • Circumventing authentication
            • Attacking availability
            • Inserting data
            • Retrieving data
            • Deleting data
            • Local system access

            SQL injection in MySQL

            • Introduction
            • SQL injection in string fields
            • Circumventing strings
            • Attacking the application

            CD & DVD-ROM protections

            • Common CD check routines
            • Cracking CD checks
            • A commercial protection scheme: SafeDisc
            • Cracking SafeDisc
        • After your boot camp
          • Your Infosec Skills access extends 90 days past your boot camp, so you can take additional time to prepare for your security training exams, get a head start on your next certification goal or start earning CPEs.
