The CompTIA PenTest+ certification is designed for IT professionals who wish to specialize in penetration testing. This designation is pivotal for those looking to enhance their skill set in identifying vulnerabilities within systems and applications.

As cyber threats continue to evolve, the demand for skilled professionals in penetration testing has never been higher.

Importance of CompTIA PenTest+ Certification

The relevance of CompTIA PenTest+ cannot be overstated in today’s digital landscape. Organizations strive for heightened security measures, making it essential for their personnel to be adept at assessing potential vulnerabilities.

Gaining this certification provides individuals with both credibility and an advanced understanding of penetration testing methodologies, ensuring they can effectively safeguard organizational assets.

Skills Acquired Through CompTIA PenTest+

Through the CompTIA PenTest+ certification process, individuals will master numerous critical skills. These include threat analysis, vulnerability assessment techniques, and the ability to execute penetration tests effectively. Furthermore, practitioners gain expertise in security tools and technologies while developing incident response strategies.

This breadth of knowledge empowers candidates to contribute significantly to the cybersecurity domain.

Pre-Engagement Tasks

Planning the Tests

  • Types of Penetration Testing
  • Overall Pentest Process

Defining The Scope

  • Overall Pentest Process
  • Planning and Scoping
  • Initial Information Gathering with the client
  • Regulatory Considerations
  • Contacts, Agreements and SOWs
  • Defining Scope
  • Defining Methodologies
  • Rules of Engagement
  • The Ethical Hacking Mindset

Pentest Drivers

Why is the client paying for the pentest?

  • Compliance Requirements
  • New Application
  • Recent breaches
  • Periodic pentest
  • Risk Mitigation

Client Expectations

  • Formal report
  • Remediation List
  • Retesting
  • Business-risk Analysis
  • Stakeholder Presentations
  • Threat Simulations

Collect Environment Information

  • How many IPs?
  • How many Assets?
  • How many URLs?
  • How many Pages per URL?
  • Security Controls

Defining Pentest Type

  • External Network
  • Internal Network
  • Web Application
  • Mobile Application
  • IoT / SCADA
  • Red Team Attacks

Testing Visibility

  • BlackBox Testing
  • GreyBox Testing
  • WhiteBox Testing

Compliance Standards

Most Common Compliance Standards

PCI-DSS – Payment Card Industry Data Security Standard

This requirement is mandatory for any company that processes credit card transactions.

Read the PCI-DSS Penetration Testing Guidance here

GDPR – General Data Protection Regulation

A regulation that protects personal data in Europe

HIPAA

SOX

NERC-CIP

ISO27001

Attacks and Tools Restrictions

  • DoS Attacks
  • Massive Scans
  • Password Bruteforcing

Privacy Requirements

  • No sensitive data leaves the company
  • Pentester location requirements
  • Minimum-access requirements
  • Additional Privacy Requirements

Contracts, Agreements and SOWs

Basic Agreement Concepts

  • NDAs – Non-Disclosure Agreements
  • MSA – Master Service Agreement
  • SOW – Statement of Work
  • ROE – Rules of Engagement

Defining Scope

  • Assets
  • Types of Attacks
  • IP Ranges

Defining Methodologies and frameworks

  • OWASP Top 10
  • Mitre ATT&CK
  • NIST
  • PTES
  • ISSAF
  • OSSTMM

Rules of Engagement

The Ethical Hacker Mindset

Technical Information Gathering

OSINT Techniques

Active Scanning

People Information Gathering

Vulnerability Scans

Scan Types

  • Discovery Scans
  • Full Scans
  • Compliance Scans
  • Stealth Scans

Scan Visibility

  • Authenticated Scan
  • Unauthenticated Scan

Tools

  • OpenVAS
  • Nikto
  • Qualys
  • Nessus
  • Burp Suite
  • OWASP ZAP

Attacks and Exploits

  • Attacks and Exploits Basics
  • Network Attacks
  • Wireless Attacks
  • Application Based Attacks
  • Cloud Attacks
  • Specialized Systems Attacks
  • Social Engineering
  • Physical Security
  • Post Exploitation

Attacks and Exploits Basics

Bash and PowerShell

Network Attacks

  • ARP Poisoning
  • Password Attacks
  • MITM
  • NAC Bypass
  • Kerberoasting
  • LLMNR / NBT-NS Poisoning
  • NTLM Relay Attacks

Tools

  • Netcat
  • Nmap
  • Metasploit
  • Hydra
  • John The Ripper
  • Hashcat
  • MAC Changer
  • Responder
  • Impacket

Wireless Attacks

  • Enumeration
  • Eavesdropping
  • De-Authentication
  • Jamming
  • Replay Attacks
  • WEP / WPA / WPS
  • Evil Twin and Fake Captive Portals
  • Bluetooth Attacks
  • RFID Attacks

Application Attacks

  • OWASP Top 10
  • SQL Injection
  • Command Injection
  • Cross-Site Scripting
  • LDAP Injection
  • API Attacks
  • Directory Traversal Attacks

Tools

  • Burp Suite
  • OWASP ZAP
  • SQLMAP
  • DirBuster
  • Wfuzz

Cloud Attacks

  • Misconfigurations
  • Credential Harvesting
  • Denial of Service

Specialized Attacks

  • Mobile
  • IoT
  • Industrial Systems
  • Virtual Environments

Social Engineering

  • Phishing Attacks
    • Email
    • Voice
    • SMS
  • USB Drops
  • Impersonation
  • Methods Of Influence
    • Authority
    • Scarcity
    • Social Proof
    • Urgency
    • Likeness
    • Fear

Tools

  • BeEF
  • SET Toolkit
  • Call Spoofing Tools

Physical Security

  • Obtaining Physical Access to Restricted Areas
    • Tailgating
    • Badge Cloning
  • Obtaining Sensitive Data
    • Dumpster Diving
    • Shoulder Surfing

Post-Exploitation

  • Upgrade Restrictive Shell
  • Enumeration
  • Gaining Administrator Access
  • Lateral Movement
  • Creating Foothold
  • Data Exfiltration
  • Detection Bypass

Tools

  • Empire C2 Tool
  • Mimikatz
  • Bloodhound
  • PsExec
  • ADRecon
  • Kerberoasting

Reporting and Communications

  • Communication During Pentest
  • Writing Proper Findings
  • Writing Proper Recommendations
  • The Final Report
  • Post Report Activities

Basic Concepts

  • Contact Escalation Points
    • Primary Contact
    • Technical Contact
    • Emergency Contact
  • Reasons and Triggers for Communication

The Final Report

  • Report Structure
    • Cover
    • Executive Summary
    • Scope
    • Methodology
    • Findings
    • Recommendations
  • Tailoring Information for a Business Audience
  • Providing Details for a Technical Audience

Post Testing Activities

  • Environment Clean Up
  • Secure Report Distribution
  • Presenting Findings
  • Re-testing

Tools and Code Analysis

  • Coding Basics
    • Logic Structures
    • Data Structures
    • Libraries
    • Functions
    • Procedures
  • Shell Languages
    • Bash
    • PowerShell / Batch
  • Programming Languages
    • Python
    • Ruby
    • Perl
    • JavaScript
  • Customizing Exploits
    • Review Code
    • Change Variables
    • Sandboxes
  • Automating Tasks
    • Pentest Environment
    • Automate Enumeration
    • Nmap NSE
