Penetration Testing Methodology was developed to provide students with a comprehensive hands-on exposure to the processes, tools and procedures used by penetration testers. This course teaches students concepts and methods involved in targeting, infiltrating and expanding access within networks. The course allows students to understand the attacker mindset and learn how to simulate a real-world attackers thoughts and actions, all for the purpose of helping to improve the security posture of the organizations they support. Penetration Testing Methodology includes significant amounts of hands-on practical application of skills learned. Students are introduced to topics and concepts through lectures then given a series of lab exercises to reinforce that learning and build skill. Students must exercise the penetration testing methodology, process and analyze collected data, and develop the necessary tradecraft and stealth in order to successfully complete the goals of the course.
Open Source Information Gathering
Legal Issues of Penetration Testing
Sources of Interesting Information
Footprinting, Scanning and Enumeration
Pivoting and Redirection
Passwords, Reuse and Cracking
Public-Facing Networks vs. Intranets
Keyloggers and Sniffers
The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.