CompTIA

CompTIA PenTest+ (PT0-001)

(PT0-001) / ISBN : 978-1-64459-084-3
This course includes
Interactive Lessons
Gamified TestPrep
Lab
Hands-On Labs (Add-on)
52 Reviews
Get A Free Trial

About This Course

Skills You’ll Get

Download Course Outline

1

Introduction

  • CompTIA
  • The PenTest+ Exam
  • What Does This Course Cover?
  • CompTIA PenTest+ Certification Exam Objectives
2

Penetration Testing

  • What Is Penetration Testing?
  • Reasons for Penetration Testing
  • Who Performs Penetration Tests?
  • The CompTIA Penetration Testing Process
  • The Cyber Kill Chain
  • Tools of the Trade
  • Summary
  • Exam Essentials
  • Lab Exercises
3

Planning and Scoping Penetration Tests

  • Scoping and Planning Engagements
  • Key Legal Concepts for Penetration Tests
  • Understanding Compliance-Based Assessments
  • Summary
  • Exam Essentials
  • Lab Exercises
4

Information Gathering

  • Footprinting and Enumeration
  • Active Reconnaissance and Enumeration
  • Information Gathering and Defenses
  • Summary
  • Exam Essentials
  • Lab Exercises
5

Vulnerability Scanning

  • Identifying Vulnerability Management Requirements
  • Configuring and Executing Vulnerability Scans
  • Software Security Testing
  • Developing a Remediation Workflow
  • Overcoming Barriers to Vulnerability Scanning
  • Summary
  • Exam Essentials
  • Lab Exercises
6

Analyzing Vulnerability Scans

  • Reviewing and Interpreting Scan Reports
  • Validating Scan Results
  • Common Vulnerabilities
  • Summary
  • Exam Essentials
  • Lab Exercises
7

Exploit and Pivot

  • Exploits and Attacks
  • Exploitation Toolkits
  • Exploit Specifics
  • Leveraging Exploits
  • Persistence and Evasion
  • Pivoting
  • Covering Your Tracks
  • Summary
  • Exam Essentials
  • Lab Exercises
8

Exploiting Network Vulnerabilities

  • Conducting Network Exploits
  • Exploiting Windows Services
  • Exploiting Common Services
  • Wireless Exploits
  • Summary
  • Exam Essentials
  • Lab Exercises
9

Exploiting Physical and Social Vulnerabilities

  • Physical Facility Penetration Testing
  • Social Engineering
  • Summary
  • Exam Essentials
  • Lab Exercises
10

Exploiting Application Vulnerabilities

  • Exploiting Injection Vulnerabilities
  • Exploiting Authentication Vulnerabilities
  • Exploiting Authorization Vulnerabilities
  • Exploiting Web Application Vulnerabilities
  • Unsecure Coding Practices
  • Application Testing Tools
  • Summary
  • Exam Essentials
  • Lab Exercises
11

Exploiting Host Vulnerabilities

  • Attacking Hosts
  • Remote Access
  • Attacking Virtual Machines and Containers
  • Physical Device Security
  • Attacking Mobile Devices
  • Credential Attacks
  • Summary
  • Exam Essentials
  • Lab Exercises
12

Scripting for Penetration Testing

  • Scripting and Penetration Testing
  • Variables, Arrays, and Substitutions
  • Comparison Operations
  • String Operations
  • Flow Control
  • Input and Output (I/O)
  • Error Handling
  • Summary
  • Exam Essentials
  • Lab Exercises
13

Reporting and Communication

  • The Importance of Communication
  • Recommending Mitigation Strategies
  • Writing a Penetration Testing Report
  • Wrapping Up the Engagement
  • Summary
  • Exam Essentials
  • Lab Exercises
Video

Appendix: Video Tutorials

Planning and Scoping Penetration Tests

  • Studying SOW, MSA, and NDA

Information Gathering

  • Examining Penetration Testing Execution Standard (PTES)
  • Examining Open Source Security Testing Methodology Manual
  • Examining NIST SP 800-115 - Technical Guide to Information Security Testing and Assessment
  • Performing Domain Enumeration
  • Performing Zone Transfer Using dig
  • Using ExifTool
  • Using the theHarvester Tool
  • Using Maltego to Gather Information
  • Studying the Communication Plan and the Main Elements of a Pen Test Report
  • Performing Nmap SYN Scan
  • Performing a UDP Scan Using Nmap
  • Using Nmap for Host Enumeration
  • Using Nmap for User Enumeration
  • Using Nmap for Network Share Enumeration
  • Using Nmap for Web Application Enumeration
  • Using Nmap for Network Enumeration
  • Using the Zenmap Tool
  • Using nslookup

Vulnerability Scanning

  • Examining the OWASP Web Testing Methodologies and Testing Guide
  • Using Nikto

Analyzing Vulnerability Scans

  • Studying CVSS Exercises with the CVSS Calculator

Exploit and Pivot

  • Searching Exploits Using searchsploit
  • Using OpenVAS
  • Using meterpreter
  • Exploiting SMB
  • Using the Metasploit RDP Post-Exploitation Module
  • Using the SET Tool

Exploiting Network Vulnerabilities

  • Performing ARP Spoofing
  • Performing the Man-in-the-Middle Attack
  • Using the EternalBlue Exploit in Metasploit
  • Exploiting SNMP
  • Exploiting SMTP

Exploiting Application Vulnerabilities

  • Exploiting SQL Injection Vulnerabilities
  • Exploiting Blind SQL Injection Vulnerabilities
  • Exploiting Command Injection Vulnerabilities
  • Understanding Credential based Brute-force Attack
  • Performing Session Hijacking
  • Exploiting Local File Inclusion Vulnerabilities
  • Exploiting Remote File Inclusion Vulnerabilities
  • Exploiting the Stored (Persistent) XSS Attack
  • Exploiting the DOM-Based XSS Attack
  • Exploiting the Reflected XSS Attack
  • Exploiting the Cross-site Request Forgery (CSRF or XSRF) Attacks
  • Using OWASP ZAP

Exploiting Host Vulnerabilities

  • Understanding the Pass-the-hash Attack
  • Understanding SUID or SGID and Unix Program
  • Understanding Local Privilege Escalation
  • Exploiting SAM Database
  • Creating Reverse and Bind Shells using Netcat
  • Using Apktool to Decode and Analyze apk File

Scripting for Penetration Testing

  • Using Bash for Penetration Testing
  • Using Python for Penetration Testing
  • Using PowerShell for Penetration Testing

Why Do Learners Love This Course?

Overall the course helped a lot to get a complete understanding on the subject which can be applied on the real-time job.

Islam Uddin
Islam Uddin
Information Security Specialist

The uCertify online learning platform is an excellent online platform for the working professionals to learn new subjects and acquire new skills, while also getting certified.

Festus Odia
IP Network Engineer

The uCertify CompTIA Pen Test course from uCertify is simply one of the best I've seen. While most similar products include several question formats, uCertify has more than 50! Because of this, it is uniquely able to address workforce training needs. It is also ADA compliant, which is one of the best part of the company. The robust variety of question types addresses individual learner needs while also introducing new opportunities to assess areas that are typically very difficult to address in an online environment.

Naman Jain
Detection and Analysis of Malware

Any questions?
Check out the FAQs

Still have unanswered questions and need to get in touch?

Contact Us Now

CompTIA PenTest+ (PT0-001)

$ 433.42

Buy Now

Related Courses

All Course
scroll to top