In this 10-day boot camp, you will learn everything there is to know about penetration testing, from the use of network reconnaissance tools to the writing of custom zero-day buffer overflow exploits. The goal of this course is to help you master a repeatable, documentable penetration testing methodology that can be used in an ethical penetration testing or hacking situation.

This penetration testing training course has a significant return on investment: you walk out the door with hacking skills that are highly in demand, as well as up to four certifications:

• Certified Ethical Hacker (CEH)
• CompTIA PenTest+
• Certified Penetration Tester (CPT)
• Certified Expert Penetration Tester (CEPT)

• 10 days of expert security training from an instructor with real-world hacking experience and deep knowledge of course content
• Immediate access to in-depth ethical hacking pre-study course
• Infosec proprietary digital courseware (physical textbooks available to purchase)
• 90-day access to cyber range (Flex Pro)
• 90-day access to replays of daily lessons (Flex Pro)
• Curated videos from other top-rated instructors (Flex Pro)
• Certified Ethical Hacker (CEH) exam voucher
• PenTest+ exam voucher
• Certified Penetration Tester (CPT) exam voucher
• Certified Expert Penetration Tester (CEPT) exam voucher
• 100% Satisfaction Guarantee
• Exam Pass Guarantee (Flex Pro)

• Gain the in-demand career skills of a professional security tester — learn the methodologies, tools and manual hacking techniques used by penetration testers
• Stay ethical — get hands-on hacking skills in our lab that are difficult to gain in a corporate or government working environment, such as anti-forensics and unauthorized data extraction
• Move beyond automated vulnerability scans and simple security testing into the world of ethical penetration testing and hacking
• More than interesting theories and lecture — get your hands dirty in our cyber range

• Penetration testers
• Security analysts
• Cybersecurity consultants
• Anyone with a desire to learn penetration testing skills!

• Firm understanding of the Windows Operating System
• Exposure to the Linux Operating System or other Unix-based OS
• Firm understanding of the TCP/IP protocols
• Exposure to network reconnaissance and associated tools (nmap, nessus, netcat)
• Programming knowledge is NOT required
• Desire to learn about ethical hacking, and get great penetration testing training!

Hundreds of exercises in over 30 separate hands-on labs bring you up to speed with the latest threats to which your organization is most vulnerable. Practice penetration testing in our virtualized environment that simulates a full range of servers and services used in a real company. Learn how to compromise web servers, virtual machines, databases, routers and firewalls, and then put it all together in an unscripted evening Capture the Flag (CTF) exercise.

CTF exercises are an opportunity for you to practice your hacking skills in a real-world environment. Infosec sets up a mock company that you can freely attack without having to worry about damaging production systems. The purpose of the CTF exercises is to ensure you understand how to apply the skills you learned during the day to a real-world, ethical hacking scenario.

• Writing buffer overflow exploits
• dlmalloc Heap Overflow exploits
• Win32 Heap Overflow exploits
• Linux stack overflow exploits
• Defeating non-exec stacks
• Return-to-libc shellcode
• Function pointer overwrites
• Crafting injectable shellcode
• Defeating non-executable stacks
• Linux LKM rootkits
• Windows kernel rootkits
• Reverse engineering training
• Vulnerability development and discovery
• Attacking and blinding IDSs
• Hiding your attacks from IDSs
• Encrypted covert channels
• Global offset table overwrites
• Windows shellcode
• Integer overflows
• Linux shellcode
• “No listening port” Trojans
• A whole day on breaking through enterprise DMZs
• Reconstructing binaries from sniffed traffic
• Circumventing antivirus
• Bi-directional spoofed communication
• Session fixation
• Advanced SQL injection
• Justifying a penetration test to management and customers
• Defensive techniques

• Capture the flag exercises every night!
• Writing a stack buffer overflow
• Porting exploits to metasploit modules
• Find socket shellcode
• Writing shellcode for Linux
• Using Ollydbg for Win32 Exploits
• Using IDA Pro for reversing
• Reconstructing sniffed images
• Reverse engineering Windows PE binaries
• Session hijacking
• Passive network analysis
• Exploitation with a remote GUI
• Sniffing SSL encrypted sessions
• Format string exploits
• Heap overflow exploits
• Windows exploits
• Calculating offsets
• Reversing with SoftIce
• OS determination without touching the target
• SQL injection timing attacks
• Port redirection
• ASP source disclosure attacks
• Call-back backdoors
• Encrypted covert channels
• Remote keyloggers
• PHP/MySQL SQL injection
• Inserting malicious code into unix binaries