Boot Camp

Penetration Testing Training Boot Camp

Infosec’s 10-day Penetration Testing Boot Camp is the industry’s most comprehensive ethical hacking training available. You’ll walk out the door with hacking skills that are highly in demand, as well as up to four certifications: CEH, Pentest+, CPT and CEPT.

4.7 (8,755 ratings)

Get certified, guaranteed

Everything you need to earn your CEH, PenTest+ and CEPT

  • 90-day extended access to Boot Camp components, including class recordings
  • 100% Satisfaction Guarantee
  • Exam Pass Guarantee
  • Exam voucher
  • Free 90-day Infosec Skills subscription (access to 1,400+ additional courses and labs)
  • Hands-on cyber ranges and labs
  • Knowledge Transfer Guarantee
  • Onsite proctoring of exam
  • Pre-study learning path
  • Unlimited practice exam attempts

Award-winning training you can trust

Wistia video thumbnail

What you'll learn

Training overview

In this 10-day boot camp, you will learn everything there is to know about penetration testing, from the use of network reconnaissance tools to the writing of custom zero-day buffer overflow exploits. The goal of this course is to help you master a repeatable, documentable penetration testing methodology that can be used in an ethical penetration testing or hacking situation.

This penetration testing training course has a significant return on investment: you walk out the door with hacking skills that are highly in demand, as well as up to four certifications:

  • Certified Ethical Hacker (CEH)
  • CompTIA PenTest+
  • Certified Penetration Tester (CPT)
  • Certified Expert Penetration Tester (CEPT)

Before your boot camp


  • Firm understanding of the Windows Operating System
  • Exposure to the Linux Operating System or other Unix-based OS
  • Firm understanding of the TCP/IP protocols
  • Exposure to network reconnaissance and associated tools (nmap, nessus, netcat)
  • Programming knowledge is NOT required
  • Desire to learn about ethical hacking, and get great penetration testing training!


Training schedule

  • Day 1
    • Testing methodologies

      • Security testing methodologies
      • The ethical hacking profession
      • Planning and scoping an engagement
      • Legal and compliance considerations
      • Ethical hacking methodologies
      • Tools of the trade
      • Linux overview
      • Passive intelligence gathering
      • Abusing DNS
      • Abusing SNMP
      • Security testing methodologies
  • Day 2
    • Network scanning and service identification

      • Understanding TCP packets and structuresPassive network discovery and scanning
      • TCP scanning
      • Using differences in RFC implementations to your advantage
      • Scanning through firewalls
      • How to prevent the discovery of your reconnaissance activities
      • Using zombies to mask network scanning
      • Avoiding IDS/IPS detection
      • Proper identification of services
      • Vulnerability identification
  • Day 3
    • Exploiting vulnerabilities and social engineering techniques

      • Vulnerability life cycles
      • Types of vulnerabilities
      • Flaws in encryption
      • Configuration errors
      • Buffer overflows
      • Stack overflows
      • Vulnerability mapping
      • Exploit utilization and delivery methods
      • Client side exploits
      • And many more!
  • Day 4
    • SQL injection and attacks

      • Use of Trojans
      • Redirecting ports to thwart firewall rules
      • Avoiding anti-virus detection
      • Lateral movement and persistence
      • Use of keyloggers
      • IDS operations and avoidance
      • Encrypting your communications
      • Protocol abuse for covert communications
      • And many more!
  • Day 5
    • Scripts for ethical hacking and mitigation strategies

      • Sniffing in different environments
      • Attack sniffers
      • Man-in-the-middle attacks
      • Wireless networking
      • Shared key authentication weaknesses
      • WEP/WPA/WPA2 cracking
      • Anti-forensics
      • And many more!
  • Day 6
      • Advanced recon 
      • Blinding IDSs
      • Vulnerability mapping
  • Day 7
      • x86 assembly for exploit development 
      • Finding vulnerabilities with debuggers
      • Reversing win32 applications with IDA
      • Fuzzing/fault injection
      • Memory architecture and stack-based overflows
  • Day 8
      • SEH exploits
      • Return oriented programming
      • Writing shellcode
      • Egghunters
      • Restricted character set exploitation
      • Attacking format strings
      • Payloads
  • Day 9
      • Metasploit payloads
      • Advanced metasploit 
      • Compressors and encryptors
      • Advanced client side exploits
      • Attacking network-based protocols
  • Day 10
      • Exploiting web apps
      • Web application hacking
      • SQL injection in MS SQL
      • SQL injection in MySQL
      • CD & DVD-ROM protections

Guaranteed results

Our boot camp guarantees

Exam Pass Guarantee

If you don’t pass your exam on the first attempt, get a second attempt for free. Includes the ability to re-sit the course for free for up to one year (does not apply to CMMC-AB boot camps).

100% Satisfaction Guarantee

If you’re not 100% satisfied with your training at the end of the first day, you may withdraw and enroll in a different online or in-person course.

Knowledge Transfer Guarantee

If an employee leaves within three months of obtaining certification, Infosec will train a different employee at the same organization tuition-free for up to one year.

Unlock team training discounts

If you’re like many of our clients, employee certification is more than a goal — it’s a business requirement. Connect with our team to learn more about our training discounts.

Enroll in a boot camp

  • April 10, 2023 - April 21, 2023

    Online only

    Exam Pass Guarantee
  • June 12, 2023 - June 23, 2023

    Online only

    Exam Pass Guarantee
  • October 16, 2023 - October 27, 2023

    Online only

    Exam Pass Guarantee
  • January 22, 2024 - February 2, 2024

    Online only

    Exam Pass Guarantee