Nexusguard Certified Pentester (NCP)

Course Description

This course was designed for information security professionals who wanted to take a step forward in their cybersecurity career as a penetration testing professional.

Prerequisites

  • A minimum of 6-Months to 1-year experience in IT or security related background
  • Basic knowledge in TCP/IP
  • Basic knowledge in web application technology
  • Basic knowledge in windows and linux commands

Learning Assessments

  • Multiple choice questions
  • Online virtual labs hands-on
  • Capture the flag challenges
  • Documentation report
  • Cyber Drill – Crisis Simulation

Who should attend

  • Security Analyst / Vulnerability Assessors
  • Security Researcher / Web Developer
  • Ethical Hacker
  • Penetration Testers
  • Cybersecurity Professionals
  • Cyber Security Managers
  • Information Security Managers

Course Content

Below is the course syllabus which breaks down the topics to be conducted during the duration of the training program. The delivery method is done on both face to face and the online methods.

Proficiency Exams: Based on multiple choice questions

Course Introduction:

  1. Introduction about Nexusguard Certified Pentester (NCP)
  2. Finding your way around the Nexusguard LMS platform
  3. Knowing your consulting professors
  • Module 1 – Penetration Testing Concepts (Face to Face and Online LMS)
    1. Cybersecurity Evolving Threats
      • Attack trends and statistics
      • Common attack vectors
    2. Cybersecurity and data privacy laws and regulations
      • GDPR and country data privacy laws
      • How can a data breach affect you?
        • Sample used cases and field reports
      • Improving security controls vs data breach

      Workshop: Understanding ISMS and analyzing your own gaps

    3. Understand the concepts of Penetration Testing
      • The difference of vulnerability assessment and penetration testing
      • Importance of vulnerability assessment and penetration testing
      • Requirements and rules of engagements

      Learning Assessment: Multiple choice questions

  • Module 2 – Penetration Testing Preparation (Face to Face and Online LMS)
    1. Building an infosec team in your organization
      • Roles and responsibilities in the InfoSec organization
      • Difference between Red Team and VAPT Team
      • Building your own VAPT Team
    2. Considering a 3rd Party Supplier
    3. Identifying the target environment
    4. Establishing a governance framework

    Learning Assessment: Multiple choice questions

  • Module 3 – Penetration Testing Procedures (Face to Face and Online LMS)
    1. Introduction to VAPT tools
      • About Kali Linux b. Burp Suite
      • Nmap
      • Netcat
      • Wireshark
      • The Harvester
      • Hydra
      • Nikto
    2. Attack methodology – Theoretical Approach
      • Information gathering
        • Passive information gathering
          • Open web information gathering
            • Search engines
            • Google dorking
        • Active information gathering
          • DNS Enumeration
          • Social Engineering and user side attacks

        Workshop: Doing reconnaissance report on your target. Preparation for the offensive.

      • Improving security controls vs data breach

      Workshop: Understanding ISMS and analyzing your own gaps

    3. Discovery via vulnerability scanning
    4. Vulnerability exploitation
    5. Maintaining access
    6. Access escalation
    7. Covering your tracks

    Learning Assessment: Multiple choice questions

  • Module 4 – Web Application Penetration Testing (Face to Face and Virtual Machines)
    1. Understanding the web
      • Html tags
      • Javascript programming
      • HTTP requests
      • Cookies
    2. Web Application Testing Methodology
      • Setting up penetration testing environment
        • Installing burp suite community edition
        • Configuring the burp suite proxy settings
        • Configuring the browser to use proxy
        • Introduction to burp suite
      • Information Gathering
        • Search engine reconnaissance
        • Application technology foot printing
        • Functionality tracing
        • Hidden content discovery
      • Configuration and Deployment Testing
        • Known vulnerable components
        • Default configurations
        • Old, backup, and unreferenced files with sensitive information
        • Secure HTTP headers
        • Administrative tools/modules
        • Event logging mechanism
      • Authentication Testing
        • SQL injection
        • Forced browsing
        • Parameter modification
        • Cookie modification
        • Session prediction
      • Authorization Testing
        • Directory traversal
        • Privilege escalation
        • Insecure direct object references
      • Session Management Testing
        • Session fixation
        • Exposed session variables
        • Cross site request forgery
        • Session timeout
      • Session Management Testing
        • Cross Site Scripting
        • SQL Injection
        • Command Injection
        • HTTP Verb Tampering
        • Parameter Pollution
      • Error Handling
      • Cryptography
      • Business Logic Testing

      Learning Assessment: Multiple choice questions

    3. OWASP Top 10 Risk Vulnerabilities
      • A1 Injection
      • A2 Broken Authentication
      • A3 Sensitive Data Exposure
      • A4 XML External Entity (XXE)
      • A5 Broken Access Control
      • A6 Security Misconfiguration
      • A7 Cross Site Scripting (XSS)
      • A8 Insecure Deserialization
      • A9 Using Components with Known Vulnerabilities
      • A10 Insufficient Logging and Monitoring

      Virtual Labs: Testing your knowledge on OWASP Top 10.

  • Module 5 – Network Penetration Testing (Face to Face and Virtual Machines)
    1. OSI Layer
      • Understanding tcpdumps
      • Pcap analysis via wireshark
    2. Interacting with a DNS server
      • Forward lookup brute force
      • Reverse lookup brute force
      • DNS zone transfers
    3. Port Scanning with Nmap
      • TCP connect/Syn scanning
      • UDP scanning
      • Operating System fingerprinting
      • Banner grabbing
      • Services enumeration
    4. SMB enumeration with Nmap
    5. SMTP enumeration
    6. SNMP enumeration
    7. Vulnerability History
      • Vulnerability scanning
      • Nmap vulnerability scanning
      • The OpenVAS vulnerability scanner
    8. Understanding Exploits
      • Finding exploits on the internet
      • Understanding the Metasploit framework
        • Exploring the Metasploit framework
        • Metasploit payloads
        • Introduction to Win32 exploitation
        • Introduction to Linux exploitation
        • Discussion on Buffer Overflows

      Learning Assessment: Multiple choice questions

    9. File Transfers using Netcat
      • Non-interactive shell
      • Uploading files
    10. Privilege Escalation
      • Local privilege escalation on Windows
      • Local privilege escalation on Linux
      • Configuration issues like incorrect permissions
      • Password challenges
        • Brute force attacks
        • Online password attacks
        • Password hash attacks

      Learning Assessment: Multiple choice questions

    11. Port redirection and tunneling
      • Port forwarding and redirection
      • SSH tunneling
      • HTTP tunneling
      • Traffic encapsulation

    Virtual Labs: Cracking into your first target network.

  • Module 6 – Vulnerability Management and Handling (Face to Face and Online LMS)
    1. Importance of vulnerability management
      • Vulnerability scanners
      • Associated risks
      • Vulnerability management process overview
    2. Vulnerability Process Preparation
      • Initial vulnerability scan
      • Understanding vulnerabilities and risks scoring
      • Remediation phase
      • Implementing remediating actions
      • Rescan phase
      • Report generation

    Learning Assessment: Multiple choice questions

  • Module 7 – Vulnerability Management and Handling (Face to Face and Online LMS)
    1. Understanding threat modeling
      • Importance of the threat modeling
      • Starting your own threat modeling within your organization
    2. Threat modeling approaches
      • STRIDE approach

      Workshop: Conducting a threat modeling exercise

    3. Threat and risks analysis
    4. OWASP ASF threat and countermeasures

    Learning Assessment: Multiple choice questions

  • Module 8 – CREST Penetration Testing Maturity Assessment (Face to Face and Online LMS)
    1. Penetration Testing Assessment overview
    2. Penetration Testing Maturity models
    3. Penetration Testing Program
    4. Penetration Testing Assessment Process
    5. Penetration Testing Assessment Results

    Learning Assessment: Multiple choice questions

    • Makati
    • +63 2 8891 0713
    • +63 2 8751 6482

    • Intramuros
    • +63 2 8524-5572
    • Intramuros
    • 658 Muralla St., Intramuros, Manila 1002, Philippines


    • Makati
    • 333 Sen. Gil Puyat Ave., Makati City 1200, Philippines