GIAC - Firebrand's training for GIAC's Penetration Tester | GPEN

On this accelerated Firebrand course, you'll learn how to assess target networks and systems to find security vulnerabilities and sit the exam to get GIAC GPEN certified in just five days. New threats arise daily – with the GPEN course you’ll learn to defend your business by developing the skills to locate and mitigate IT security vulnerabilities, before they can be exploited.

Attack is the best form of defence - with GPEN you'll learn how to protect your business and achieve one of the most recognised penetration testing certifications in just five days. You’ll study penetration testing methodologies, legal issues and how to correctly conduct a real penetration test.

Hack your own organisation with GPEN

As well as studying the best practice techniques specific to penetration testing, you’ll also learn:

• How to perform password attacks
• Limitations and benefits of command shell access
• Exploitation fundamentals
• Web application probing and attacks
• Target & vulnerability scanning

This Firebrand course prepares you for the GIAC Penetration Tester (GPEN) exam.

This course provides knowledge equivalent to the SANS SEC560: Network Penetration Testing and Ethical Hacking.

Please Note

• Examination vouchers not included for GIAC, CREST and CISSP CBK Review
• On site testing not included for GIAC, CREST or ITIL Managers and Revision Certification Courses

Advanced Password Attacks

Use additional methods to attack password hashes and authenticate.

Attacking Password Hashes

Obtain and attack password hashes and other password representations.

Command Shell vs. Terminal Access

Learn the benefits, limitations, and distinguishing characteristics of command shell and terminal access.

Enumerating Users

Enumerate users through different methods.

Exploitation Fundamentals

Demonstrate the fundamental concepts associated with the exploitation phase of a pentest.

General Web Application Probing

Use tools and proxies to understand and exploit web application weaknesses.

Initial Target Scanning

Conduct port, operating system and service version scans and analyse the results.

Metasploit

Use and configure the Metasploit Framework at an intermediate level.

Moving Files with Exploits

Use exploits to move files between remote systems.

Password Attacks

Understand types of password attacks, formats, defenses, and the circumstances under which to use each password attack variation. You will be able to conduct password guessing attacks.

Pen-testing Foundations

Demonstrate the fundamental concepts associated with pen-testing.

Pen-testing Process

Utilise a process-oriented approach to pentesting and reporting.

Pen-Testing via the Command Line

Use advanced Windows command line skills during a pen test.

Reconnaissance

Understand the fundamental concepts of reconnaissance and will understand how to obtain basic, high level information about the target organisation and network, often considered information leakage, including but not limited to technical and non technical public contacts, IP address ranges, document formats, and supported systems.

Scanning for Targets

Use the appropriate technique to scan a network for potential targets.

Vulnerability Scanning

Conduct vulnerability scans and analyse the results.

Web Application Attacks

Utilise common web application attacks.

Wireless Crypto and Client Attacks

Utilise wireless cryptographic and client attacks including but not limited to hijacking and key attacks.

Wireless Fundamentals

Understand the fundamental concepts associated with wireless networks.

This course will prepare you for the following exam. The exam fee is not included in the course price. If you wish to take the exam, we’ll provide instructions on how to register with GIAC.

• GIAC Penetration Tester (GPEN)
• 115 questions
• 3 hour time limit
• 74% minimum passing score

You will be required to renew your GPEN certification every four years through Continuing Professional Experience (CPE) credits.

Included:

• Official Firebrand courseware

In order to be successful on this course, it is recommended you have:

• basic computer networking and security principles
• previous experience in setting up virtual machines
• A basic understanding of Python and Powershell
• basic Linux knowledge including:
• directory transversal
• file manipulation using utilities
• how to find details of processes
• how to find and change network settings
• basic SQL knowledge
• a working knowledge of how to set up and run Wireshark on a network