Introduction to CPENT

The Certified Penetration Testing Professional or CPENT for short, is rewriting the standards of penetration testing skill development. The key philosophy behind the CPENT is simple – a penetration tester is as good as their skills. That’s why we urge you to go beyond Kali and beyond tools. Another thing that makes this program unique is that you get a chance to attain two certifications with just one exam: the CPENT and the LPT (Master). Take the CPENT exam and score better than 70% and you earn the CPENT. If you score over 90%, you earn the highly-coveted LPT (Master) certification!

Read More...

What makes CPENT different is the requirement that the candidate to actually prove their skills on our range, making CPENT the first pen testing program to do so! When it comes to pentesting, knowledge-based certifications alone do not necessarily equate to well-rounded skillsets when these candidates are put on a complex cyber range. In fact, we found during beta testing of our range that many do not even have the skills to create their routing tables, which is the first step of pivoting to networks that are not visible. Without the use of an automated tool most struggled. When simple stateless filtering was present, the few that had added the correct networking details stalled and few ever got past the 1st hurdle. No one made it through all of the hurdles. This testing is how we designed our training and honed our range, creating an program ready to train pen testers.

Candidates with an over-reliance on Kali tools will find it incredibly difficult to adapt to the multi-disciplinary approach of real-world penetration testing engagements. We urge you to go beyond and explore the vast horizons of penetration testing that differentiate the great from the good. The skills and abilities that you learn from the CPENT program will allow you to challenge an array of network types and not just one or two specialties.

cpent

Mind the Gap

The CPENT range, which is where our penetration testers prove their real-world skills and earn the CPENT designation, is designed to provide challenges across every level of the attack spectrum. The range contains multiple layers of network segmentation so once access is gained in one segment, the latest pivoting techniques are required to reach the next segment. Many of the challenges require outside-the-box thinking and customization of scripts and exploits to get into the innermost segments of the network. The key to becoming an excellent penetration tester is to go up against a variety of targets that are configured in a variety of ways. The CPENT range consists of entire network segments that replicate an enterprise network. This is in no way a computer game simulation; this is an accurate representation of an enterprise network that will present the latest challenges to the pen tester. Since the targets and technology continue to change, the CPENT range is dynamic and machines and defenses will be added as they are observed in the wild. Finally, the targets and segments are progressive in nature: once you get into one machine and or segment, the next one will challenge you even more.

What Makes The Certified
Penetration Testing Professional (CPENT) Unique?

icon box image

Advanced Windows Attacks

Advanced Windows Attacks

Access active directories. Power your way through network defenses using PowerShell to execute Silver and Gold Ticket and Kerberoasting.

Read more

icon box image

Attacking IOT Systems

Attacking IOT Systems

CPENT is the 1st certification in the world to teach IoT attacks

Read more

icon box image

Writing Exploits: Advanced Binary Exploitation

Writing Exploits: Advanced Binary Exploitation

Go beyond advanced application security testing techniques and experience the thrill of exploiting vulnerabilities in flawed binaries across 32 and 64 bit code challenges

Read more

icon box image

Bypassing a Filtered Network

Bypassing a Filtered Network

Unlike flat networks that most certifications train in, access web applications and extract data through a series of filtered networks with CPENT

Read more

icon box image

Pentesting Operational Technology (OT)

Pentesting Operational Technology (OT)

CPENT is the world’s first pen testing certification that allows you to intercept Modbus communication protocol and communicate between PLC and its slave nodes

Read more

icon box image

Access Hidden Networks With Pivoting

Access Hidden Networks With Pivoting

Learn lateral movement and what it means to truly pivot through filtered networks

Read more

icon box image

Double Pivoting

Double Pivoting

If you think pivoting is hard, wait until you try double pivoting!

Read more

icon box image

Privilege Escalation

Privilege Escalation

Gain root access by mastering privilege escalation techniques

Read more

icon box image

Evading Defense Mechanisms

Evading Defense Mechanisms

We don’t just teach you to write exploits, we teach you to how to bypass protections.

Read more

icon box image

Attack Automation with Scripts

Attack Automation with Scripts

A key skill for most employers, we’ll teach you to go beyond tools!

Read more

icon box image

Weaponize Your Exploits

Weaponize Your Exploits

Pentesting tools not enough for you? Here’s your chance to learn to build your own armory

Read more

icon box image

Write Professional Reports

Write Professional Reports

Learn a classic Pen Testing skill from experts

Read more

A Hands-On Exam Like No Other.

24 Hours will define your Pen Testing career

CPENT is a fully online, remotely proctored practical exam that challenges candidates through a grueling 24-hour performance-based, hands-on exam. The exam is broken into 2 practical exams of 12-hours each that will test your perseverance and focus by forcing you to outdo yourself with each new challenge. Candidates have the option to choose either 2 12-hour exams or one 24-hour exam.

CPENT

Candidates who score more than 70% will earn the CPENT certification. Candidates who score more than 90% attain the prestigious LPT (Master) credential!

Exam features:

  • Choose your challenge! Either two 12-Hour sessions or a single 24-Hour exam!
  • EC-Council specialists proctor the entire exam – cheating is not an option.
  • Score at least 70% and become a CPENT
  • Score at least 90% and earn the highly regarded LPT (Master) designation!

Get more than what you usually expect

100% mapped with the NICE framework

100% methodology-based penetration testing program

Comes blended with both manual and automated penetration testing approaches

Is designed based on the most common penetration testing services offered by the best service providers in the market

Maps to the job role of a penetration tester and security analyst, based on major job portals

Provides strong reporting writing guidance

Gives a real-world experience through an Advanced Penetration Testing Range

Offers templates that can be used to conduct pen tests in the wild

We strongly recommend candidates to attempt the CEH Practical and/or the ECSA Practical prior to attempting the CPENT exam.

Course Outline:

Module 01: Introduction to Penetration Testing
Module 02: Penetration Testing Scoping and Engagement
Module 03: Open Source Intelligence (OSINT)
Module 04: Social Engineering Penetration Testing
Module 05: Network Penetration Testing – External
Module 06: Network Penetration Testing– Internal
Module 07: Network Penetration Testing – Perimeter Devices
Module 08: Web Application Penetration Testing
Module 09: Wireless Penetration Testing
Module 10: IoT Penetration Testing
Module 11: OT/SCADA Penetration Testing
Module 12: Cloud Penetration Testing
Module 13: Binary Analysis and Exploitation
Module 14: Report Writing and Post Testing Actions

Bonus Material:

A: Penetration Testing Essential Concepts
B: Fuzzing
C: Mastering Metasploit Framework
D: PowerShell Scripting
E: Bash Environment and Scripting
F: Python Environment and Scripting
G: Perl Environment and Scripting
H: Ruby Environment and Scripting
I: Active Directory Pen Testing
J: Database Penetration Testing
K: Mobile Device Penetration Testing

Who is it for?

    • Penetration Testers
    • Ethical Hackers
    • Information security Consultant
    • Security Testers
    • Security Analysts
    • Security Engineers
    • Network Server Administrators
    • Firewall Administrators
    • System Administrators
    • Risk Assessment Professionals

Training Options

iLearn (Self-Study)
This solution is an asynchronous, self-study environment which delivers EC-Council’s sought-after IT Security hacking training courses in a streaming video format.

iWeek (Live Online)
This solution is a live, online, instructor-led training course that you can attend from anywhere with an internet connection.

Master Class
This solution offers you the opportunity to learn from world-class instructors and the opportunity to collaborate with top Infosecurity professionals and includes bundled courses and additional online access to learning materials.

Training Partner (In Person)
This solution offers in-person hacking training so that you can get the benefit of collaborating with your peers and gaining real-world skills at a training center near you.

Education Partner (In Person or Online)
This solution offers education courses through EC-Council Academia partnered institutions to benefit students enrolled in a college or university degree programs.

cpent

What Makes CPENT
Advanced Pen Testing Unique?

Advanced Windows Attacks
This zone contains a complete forest that you first have to gain access to and then use PowerShell and any other means to execute Silver and Gold Ticket and Kerberoasting. The machines will be configured with defenses in place meaning you to have to use PowerShell bypass techniques and other advanced methods to score points within the zone.
Attacking IOT Systems
CPENT is the first certification that requires you to locate IOT devices and then gain access to the network. Once on the network, you must identify the firmware of the IOT device, extract it, and then reverse engineer it
Writing Exploits: Advanced Binary Exploitation
Finding flawed code is a skill competent pen testers need. In this zone you will be required to find the flawed binaries then reverse engineer them to write exploits to take control of the program execution. The task is complicated by the requirement of penetrating from the perimeter to gain access then discover the binaries. Once that is done you have to reverse engineer the code. Unlike other certifications, CPENT includes 32 and 64 bit code challenges and some of the code will be compiled with basic protections of non-executable stacks. You must be able to write a driver program to exploit these binaries, then discover a method to escalate privileges. This will require advanced skills in binary exploitation to include the latest debugging concepts and egg hunting techniques. You are required to craft input code to first take control of program execution and second, map an area in memory to get your shell code to work and bypass system protections.
Bypassing a Filtered Network
The CPENT certification provides web zone challenges that exist within a segmentation architecture, so you have to identify the filtering of the architecture then leverage this knowledge to gain access to web applications. The next challenge is to compromise and then extract the required data from the web apps to achieve points.
Pentesting Operational Technology (OT)
The CPENT range contains a zone that is dedicated to ICS SCADA networks that the candidate will have to penetrate from the IT network side and gain access to the OT network. Once there, you will have to identify the Programmable Logic Controller (PLC) and then modify the data to impact the OT network. You must be able to intercept the Mod Bus Communication protocol and communication between the PLC and other nodes.
Access Hidden Networks with Pivoting
Based on our beta testing, pen testers struggle to identify the rules that are in place when they encounter a layered network. Therefore, in this zone you will have to identify the filtering rules then penetrate the direct network. From there, candidates have to attempt pivots into hidden networks using single pivoting methods, but through a filter. Most certifications do not have a true pivot across disparate networks and few (if any) have the requirement into and out of a filtering device.
Double Pivoting
Once you have braved and mastered the challenges of the pivot, the next challenge is the double pivot. This is not something that you can use a tool for; in most cases the pivot has to be set up manually. CPENT is the first certification in the world that requires you to access hidden networks using double pivoting.
Privilege Escalation
In this challenge, the latest methods of privilege escalation reverse engineering code to take control of execution then break out of the limited shell are required to gain root/admin.
Evading Defense Mechanisms
The range requires your exploits be tested by different defenses you are likely to see in the wild. Candidates are required to get their exploits past the defenses by weaponizing them.
Attack Automation with Scripts
Prepare for advanced penetration testing techniques and scripting with seven self-study appendices: Penetration testing with Ruby, Python, PowerShell, Perl, BASH, Fuzzing, and Metasploit.
Weaponize Your Exploits
Customize your own tools and build your armory with your coding expertise to hack the challenges presented to you as you would in real life.
Write Professional Reports
Experience how a pen tester can mitigate risks and validate the report presented to the client to really make an impact. Great pen testing doesn’t mean much to clients without a clearly written report!

An Exciting Career Awaits A CPENT

Time of Completion

40-hour course + 24-hour exam

jobs in cybersecurity

Jobs Available

8,000+ on LinkedIn alone for Pen Testers

Average Salary

$84,000 in the U.S.

Spend just 40 hours and align your career to the growing demand for Penetration Testers. With CPENT, you will cover advanced penetration testing tools, techniques, and methodologies most needed right now.

Advance in your job today with CPENT

Learn how we can help!

Get Trained