Only 5 days
Classroom
23/12/2024 (Monday)
Overview
On this accelerated Firebrand course, you'll learn how to assess target networks and systems to find security vulnerabilities and sit the exam to get GIAC GPEN certified in just five days. New threats arise daily – with the GPEN course you’ll learn to defend your business by developing the skills to locate and mitigate IT security vulnerabilities, before they can be exploited.
Attack is the best form of defence - with GPEN you'll learn how to protect your business and achieve one of the most recognised penetration testing certifications in just five days. You’ll study penetration testing methodologies, legal issues and how to correctly conduct a real penetration test.
Hack your own organisation with GPEN
As well as studying the best practice techniques specific to penetration testing, you’ll also learn:
- How to perform password attacks
- Limitations and benefits of command shell access
- Exploitation fundamentals
- Web application probing and attacks
- Target & vulnerability scanning
This Firebrand course prepares you for the GIAC Penetration Tester (GPEN) exam.
This course provides knowledge equivalent to the SANS SEC560: Network Penetration Testing and Ethical Hacking.
Benefits
Please Note
- Examination vouchers not included for GIAC, CREST and CISSP CBK Review
- On site testing not included for GIAC, CREST or ITIL Managers and Revision Certification Courses
Curriculum
Advanced Password Attacks
Use additional methods to attack password hashes and authenticate.
Attacking Password Hashes
Obtain and attack password hashes and other password representations.
Command Shell vs. Terminal Access
Learn the benefits, limitations, and distinguishing characteristics of command shell and terminal access.
Enumerating Users
Enumerate users through different methods.
Exploitation Fundamentals
Demonstrate the fundamental concepts associated with the exploitation phase of a pentest.
General Web Application Probing
Use tools and proxies to understand and exploit web application weaknesses.
Initial Target Scanning
Conduct port, operating system and service version scans and analyse the results.
Metasploit
Use and configure the Metasploit Framework at an intermediate level.
Moving Files with Exploits
Use exploits to move files between remote systems.
Password Attacks
Understand types of password attacks, formats, defenses, and the circumstances under which to use each password attack variation. You will be able to conduct password guessing attacks.
Pen-testing Foundations
Demonstrate the fundamental concepts associated with pen-testing.
Pen-testing Process
Utilise a process-oriented approach to pentesting and reporting.
Pen-Testing via the Command Line
Use advanced Windows command line skills during a pen test.
Reconnaissance
Understand the fundamental concepts of reconnaissance and will understand how to obtain basic, high level information about the target organisation and network, often considered information leakage, including but not limited to technical and non technical public contacts, IP address ranges, document formats, and supported systems.
Scanning for Targets
Use the appropriate technique to scan a network for potential targets.
Vulnerability Scanning
Conduct vulnerability scans and analyse the results.
Web Application Attacks
Utilise common web application attacks.
Wireless Crypto and Client Attacks
Utilise wireless cryptographic and client attacks including but not limited to hijacking and key attacks.
Wireless Fundamentals
Understand the fundamental concepts associated with wireless networks.
Exam Track
This course will prepare you for the following exam. The exam fee is not included in the course price. If you wish to take the exam, we’ll provide instructions on how to register with GIAC.
- GIAC Penetration Tester (GPEN)
- 115 questions
- 3 hour time limit
- 74% minimum passing score
You will be required to renew your GPEN certification every four years through Continuing Professional Experience (CPE) credits.
What's Included
Included:
- Official Firebrand courseware
Prerequisites
In order to be successful on this course, it is recommended you have:
- basic computer networking and security principles
- previous experience in setting up virtual machines
- A basic understanding of Python and Powershell
- basic Linux knowledge including:
- directory transversal
- file manipulation using utilities
- how to find details of processes
- how to find and change network settings
- basic SQL knowledge
- a working knowledge of how to set up and run Wireshark on a network