Modules
1 -
Welcome to the PenTest+ (PT0-002) Course
#
Lesson
Duration
Type
1.
Welcome
FREE
12h:32m

2.
Download your free study guide

3.
Exam Tips
FREE
3h:50m

4.
How to Use the Lab Environment
FREE
5h:47m

5.
Labs: Exploring the PenTest+ Lab Environment

6.
100% Pass Guarantee
FREE
3h:45m

7.
Checkpoint: Welcome

2 -
Planning an Engagement
#
Lesson
Duration
Type
1.
Planning an Engagement
2h:29m

2.
Risk
FREE
9h:14m

3.
Risk Handling
7h:55m

4.
Controls
7h:33m

5.
PenTest Methodologies
7h:58m

6.
PenTest Standards
7h:9m

7.
Planning a Test
FREE
9h:42m

8.
Legal Concepts
8h:23m

9.
Regulatory Compliance
15h:19m

10.
Professionalism
10h:34m

11.
Checkpoint: Planning an Engagement

3 -
Scoping an Engagement
#
Lesson
Duration
Type
1.
Scoping an Engagement
3h:38m

2.
Defining the Scope
6h:59m

3.
Adversary Emulation
11h:56m

4.
Target List
10h:59m

5.
Identifying Restrictions
8h:4m

6.
Rules of Engagement
7h:48m

7.
Assessment Types
9h:4m

8.
Validating the Scope
5h:20m

9.
Limitations and Permission
7h:4m

10.
Build a Virtual Lab
16h:41m

11.
Checkpoint: Scoping an Engagement

4 -
Passive Reconnaissance
#
Lesson
Duration
Type
1.
Passive Reconnaissance
3h:48m

2.
Information Gathering
6h:0m

3.
Open-Source Intelligence (OSINT)
6h:51m

4.
Social Media Scraping
10h:50m

5.
OSINT Tools
11h:47m

6.
Using OSINT Tools
26h:37m

7A.
Lab: Discovering IoT devices with Shodan

8.
DNS Information
10h:29m

9A.
Lab: Exploring the Domain Tools: Nslookup, Dig, and Whois

10.
Reconnaissance with CentralOps
13h:7m

11.
Public Repositories
8h:12m

12.
Search Engine Analysis
6h:23m

13.
URL Analysis
15h:23m

14A.
Lab: Navigating Open-Source Intelligence Tools

15.
Cryptographic Flaws
16h:33m

16.
CWE & CVE
6h:52m

17.
Checkpoint: Passive Reconnaissance

5 -
Active Reconnaissance
#
Lesson
Duration
Type
1.
Active Reconnaissance
3h:15m

2.
Scanning and Enumeration
10h:10m

3.
Conducting Enumeration
15h:0m

4.
Other Enumeration
9h:27m

5A.
Lab: Demonstrating Enumeration Techniques

6.
Website Reconnaissance
11h:42m

7.
Detecting and Evading Defenses
10h:13m

8.
Packet Crafting
10h:35m

9.
Eavesdropping
10h:19m

10.
Wardriving
8h:19m

11.
DNS and ARP Analysis
23h:6m

12.
Network Traffic Analysis
17h:56m

13.
Checkpoint: Active Reconnaissance

6 -
Vulnerability Scanning
#
Lesson
Duration
Type
1.
Vulnerability Scanning
2h:24m

2.
Vulnerability Lifecycle
8h:39m

3.
Vulnerability Scans
11h:13m

4.
Scanning Considerations
9h:26m

5.
Nessus Scanning
9h:12m

6.
OpenVas Scanning
13h:37m

7A.
Lab: Exploring OpenVAS

8.
Nikto Scanning
5h:22m

9A.
Lab: Using Web Scanners

10.
Checkpoint: Vulnerability Scanning

7 -
Nmap
#
Lesson
Duration
Type
1.
Nmap
4h:17m

2.
Nmap Discovery Scans
7h:57m

3.
Nmap Port Scans
9h:16m

4.
Nmap Fingerprinting
4h:16m

5.
Using Nmap
11h:35m

6A.
Lab: Understanding Nmap Common Usage

7.
Nmap Scripting Engine
20h:24m

8A.
Lab: Scanning a Vulnerable System

8B.
Lab: Understanding Scan Output

9.
Checkpoint: Nmap

8 -
Social Engineering and Physical Attacks
#
Lesson
Duration
Type
1.
Social Engineering and Physical Attacks
4h:10m

2.
Methods of Influence
11h:15m

3.
Social Engineering
14h:3m

4.
Phishing Campaigns
5h:16m

5.
Social Engineering Toolkit
13h:40m

6A.
Lab: Understanding Social Engineering Toolkit (SET)

7.
Pretexting
4h:11m

8.
Baiting Victims
7h:18m

9.
Impersonation
4h:20m

10A.
Lab: Understanding Spearphishing and Credentials Attack

11.
Physical Security
15h:44m

12.
Lock Picking
1h:40m

13.
Physical Attacks
10h:28m

14.
Social Engineering Tools
4h:15m

15.
Checkpoint: Social Engineering and Physical Attacks

9 -
Wireless Attacks
#
Lesson
Duration
Type
1.
Wireless Attacks
4h:6m

2.
Wireless Security
16h:42m

3.
Bypassing MAC Filtering
4h:10m

4.
Signal Exploitation
11h:20m

5.
WEP Hacking
9h:24m

6.
WPA/WPA2 Hacking
8h:40m

7.
WPS PIN Attacks
11h:50m

8A.
Lab: Monitoring with Aircrack-ng

9.
Evil Twins
5h:56m

10.
On-path and Relay Attacks
5h:51m

11.
Bluetooth Attacks
5h:52m

12.
RFID and NFC Attacks
4h:48m

13.
Checkpoint: Wireless Attacks

10 -
Network Attacks
#
Lesson
Duration
Type
1.
Network Attacks
3h:11m

2.
Stress Testing
6h:36m

3.
Exploit Resources
6h:26m

4.
ARP Poisoning
7h:20m

5.
DNS Cache Poisoning
13h:1m

6.
LLMNR/NBT-NS Poisoning
4h:59m

7.
MAC Spoofing
5h:28m

8.
VLAN Hopping
6h:59m

9.
NAC Bypass
4h:55m

10.
On-path Attack
4h:2m

11.
Password Attacks
10h:11m

12A.
Lab: Exploring Password Attacks with John the Ripper and Hydra

13.
Pass the Hash
7h:59m

14A.
Lab: Exploring the Basics of Metasploit

15.
Intro to Metasploit
18h:56m

16.
Netcat
8h:10m

17.
Using Netcat
11h:2m

18.
Checkpoint: Network Attacks

11 -
Application Vulnerabilities
#
Lesson
Duration
Type
1.
Application Vulnerabilities
7h:26m

2.
Race Conditions
4h:58m

3.
Buffer Overflows
12h:26m

4.
Buffer Overflow Attacks
6h:27m

5.
Authentication and References
5h:53m

6.
Improper Error Handling
5h:11m

7.
Improper Headers
6h:10m

8.
Code Signing
1h:56m

9.
Vulnerable Components
11h:45m

10.
Software Composition
9h:47m

11.
Privilege Escalation
6h:9m

12.
Conducting Privilege Escalation
13h:9m

13.
Checkpoint: Application Vulnerabilities

12 -
Application Attacks
#
Lesson
Duration
Type
1.
Application Attacks
3h:39m

2.
Directory Traversals
9h:32m

3.
Dirbuster
7h:18m

4.
Cross-Site Scripting (XSS)
9h:0m

5.
Cross-Site Request Forgery (CSRF)
7h:16m

6.
SQL Injections
7h:2m

7.
Conducting SQL Injections
8h:27m

8.
Burp Suite and SQLmap
10h:9m

9A.
Lab: Using SQL Injection

10.
OWASP ZAP
2h:49m

11.
XML Injections
6h:20m

12.
Other Injection Attacks
4h:18m

13.
Attacking Web Applications
15h:37m

14.
Checkpoint: Application Attacks

13 -
Cloud Attacks
#
Lesson
Duration
Type
1.
Cloud Attacks
2h:41m

2.
Attacking the Cloud
6h:56m

3.
Credential Harvesting
8h:19m

4.
Misconfigured Assets
12h:15m

5.
Metadata Service Attack
6h:45m

6.
Software Development Kit (SDK)
2h:57m

7.
Auditing the Cloud
5h:7m

8.
Conducting Cloud Audits
14h:1m

9A.
Lab: Using VSFTP Manual and Metasploit

10.
Checkpoint: Cloud Attacks

14 -
Attacks on Mobile Devices
#
Lesson
Duration
Type
1.
Attacks on Mobile Devices
5h:42m

2.
Enterprise Mobility Management
9h:36m

3.
Deployment Options
4h:36m

4.
Mobile Reconnaissance Concerns
7h:57m

5.
Mobile Device Insecurity
12h:15m

6.
Multifactor Authentication
12h:12m

7.
Mobile Device Attacks
5h:16m

8.
Malware Analysis
13h:13m

9.
Conducting Malware Analysis
25h:55m

10.
Mobile Device Tools
8h:28m

11.
Checkpoint: Attacks on Mobile Devices

15 -
Attacks on Specialized Systems
#
Lesson
Duration
Type
1.
Attacks on Specialized Systems
3h:32m

2.
Internet of Things (IoT) Devices
8h:35m

3.
Internet of Things (IoT) Vulnerabilities
7h:38m

4.
Embedded Systems
6h:50m

5.
ICS and SCADA Devices
9h:16m

6.
ICS Protocols and Vulnerabilities
10h:54m

7.
Data Storage Vulnerabilities
6h:4m

8.
Virtual Environments
8h:19m

9.
Virtual Machine Attacks
5h:59m

10.
Containerization
5h:45m

11.
Checkpoint: Attacks on Specialized Systems

16 -
Post-exploitation Exploits
#
Lesson
Duration
Type
1.
Post-exploitation
3h:13m

2.
Enumerating the Network
4h:8m

3.
Network Segmentation Testing
3h:15m

4.
Lateral Movement and Pivoting
3h:3m

5.
Pass the Hash
7h:52m

6.
Golden Ticket
6h:8m

7.
Lateral Movement
8h:34m

8.
Pivoting
7h:43m

9.
Escalating Privileges
19h:21m

10.
Upgrading Restrictive Shells
5h:27m

11.
Checkpoint: Post-exploitation

17 -
Detection Avoidance
#
Lesson
Duration
Type
1.
Detection Avoidance
1h:37m

2.
Trojans and Backdoors
4h:44m

3.
Creating Persistence
13h:53m

4A.
Lab: Using Reverse and Bind Shells

5.
Living Off the Land
12h:5m

6.
Data Exfiltration
6h:46m

7.
Covert Channels
4h:47m

8.
Steganography
6h:2m

9A.
Lab: Navigating Steganography Tools

10.
Covering Your Tracks
10h:9m

11.
Persistence and Covering Your Tracks
8h:44m

12.
Post-Exploitation Tools
3h:2m

13.
Checkpoint: Post-exploitation

18 -
Communication and Reports
#
Lesson
Duration
Type
1.
Communication and Reports
1h:59m

2.
Communication Paths
5h:27m

3.
Communication Triggers
4h:39m

4.
Reasons for Communication
10h:21m

5.
Presentation of Findings
6h:6m

6.
Report Data Gathering
3h:40m

7.
Written Reports
14h:45m

8.
Common Themes
3h:6m

9.
Securing and Storing Reports
5h:9m

10.
Checkpoint: Communication and Reports

19 -
Findings and Remediations
#
Lesson
Duration
Type
1.
Findings and Remediations
3h:51m

2.
Security Control Categories
13h:35m

3.
Selecting Security Controls
4h:45m

4.
Physical Controls
6h:57m

5.
Operational Controls
10h:25m

6.
Admnistrative Controls
14h:28m

7.
System Hardening
11h:2m

8.
Secure Coding
9h:28m

9.
Implementing MFA
6h:25m

10.
Digital Certificates
9h:50m

11.
Other Technical Controls
2h:46m

12.
Mitigation Strategies
8h:10m

13.
Checkpoint: Findings and Remediations

20 -
Post-report Activities
#
Lesson
Duration
Type
1.
Post-report Activities
3h:30m

2.
Remove Shells and Tools
2h:58m

3.
Delete Test Credentials
1h:59m

4.
Destroy Test Data
2h:53m

5.
Client Acceptance
3h:4m

6.
Attestation of Findings
3h:5m

7.
Lessons Learned
4h:7m

8.
Retesting
2h:45m

9.
Checkpoint: Post-report Activities

21 -
Scripting Basics
#
Lesson
Duration
Type
1.
Scripting Basics
3h:5m

2.
Shells and Programming Languages
9h:53m

3.
Variables
7h:53m

4.
Loops
5h:21m

5.
Logic Control
4h:40m

6.
Data Structures
12h:44m

7.
Object Oriented Programming
7h:1m

8.
Checkpoint: Scripting Basics

22 -
Analyzing Scripts
#
Lesson
Duration
Type
1.
Analyzing Scripts
7h:23m

2.
Coding in Bash
21h:19m

3.
Bash Example
4h:35m

4.
Coding in PowerShell
15h:45m

5.
PowerShell Example
3h:25m

6.
Coding in Python
20h:39m

7.
Python Example
3h:40m

8.
Coding in Perl
17h:27m

9.
Perl Example
16h:13m

10.
Coding in JavaScript
19h:23m

11.
JavaScript Example
9h:48m

12.
Coding in Ruby
13h:45m

13.
Ruby Example
4h:15m

14A.
Lab: Exploring Programming Shells

15.
Checkpoint: Analyzing Scripts

23 -
Exploits and Automation
#
Lesson
Duration
Type
1.
Exploits and Automation
2h:4m

2.
Exploits to Download Files
4h:35m

3.
Exploits for Remote Access
9h:33m

4.
Exploits for Enumerating Users
6h:2m

5.
Exploits for Enumerating Assets
5h:37m

6A.
Lab: Analyzing Exploit Code

7.
Automation in Engagements
3h:30m

8.
Automation with Nmap Scripts
2h:38m

9A.
Lab: Applying PenTest Automation

10.
Checkpoint: Exploits and Automation

24 -
Tool Round-up
#
Lesson
Duration
Type
1.
Tool Round-up
3h:42m

2.
OSINT Tools
6h:16m

3.
Scanning Tools
6h:42m

4.
Networking Tools
2h:34m

5.
Wireless Tools
7h:40m

6.
Social Engineering Tools
2h:37m

7.
Remote Access Tools
4h:25m

8.
Credential Testing Tools
7h:44m

9.
Web Application Tools
2h:28m

10.
Cloud Tools
3h:1m

11.
Steganography Tools
8h:11m

12.
Debuggers
5h:36m

13.
Miscellaneous Tools
9h:31m

14A.
Lab: Understanding Spear Phishing and Credentials Attack

15.
Checkpoint: Tool Round-up

25 -
Conclusion
#
Lesson
Duration
Type
1.
Conclusion Lesson
15h:45m

2.
BONUS: Where to go from here?

3.
Practice Exam (PT0-002)
