Kursus
SU-417
Certified Penetration Tester (CPENT)
Bliv en avanceret penetration tester med EC-Council’s Certified Penetration Testing Professional (CPENT)-kursus! Dette hands-on kursus kombinerer moderne pentest-metodikker med AI-assisterede teknikker for at ruste dig til at identificere, udnytte og rapportere sikkerhedssvagheder i komplekse netværk og systemer.
Hillerød
Februar
Uge
X
Marts
Uge
X
April
27/4
Uge 18
27/4
1/5 2026
VideoLink
Uge
X
Uge
X
27/4
Uge 18
27/4
1/5 2026
Hillerød
Februar
Uge
X
Marts
Uge
X
April
27/4
Uge 18
27/4
1/5 2026
Maj
Uge
X
VideoLink
Uge
X
Uge
X
27/4
Uge 18
27/4
1/5 2026
Uge
X
Hillerød
Februar
Uge
X
Marts
Uge
X
April
27/4
Uge 18
27/4
1/5 2026
Maj
Uge
X
Juni
Uge
X
Juli
Uge
X
August
Uge
X
September
14/9
Uge 38
14-18/9 2026
VideoLink
Uge
X
Uge
X
27/4
Uge 18
27/4
1/5 2026
Uge
X
Uge
X
Uge
X
Uge
X
14/9
Uge 38
14-18/9 2026
Datoerne er startdatoer
Mulighed for virtual deltagelse
Afholdelsesgaranti
Beskrivelse
Certified Penetration Testing Professional (CPENT) er et avanceret penetration testing-kursus, der lærer dig at tænke og handle som en professionel etisk hacker. Gennem realistiske, praktiske labs og live cyber ranges får du hands-on erfaring med hele pentest-metodologien – fra forberedelse og scoping til udnyttelse, pivoting, post-exploitation og rapportering. Kurset er designet til at udvikle færdigheder, som efterspørges i dagens cyber-sikkerhedsmarked, og understøtter både netværk, web-apps, API’er, Active Directory, IoT og cloud-miljøer.
På kurset arbejder du med:
- Advanced penetration testing teknikker og frameworks
- Scoping, engagement og regler for penetration test
- Open Source Intelligence (OSINT) og social engineering
- Eksterne og interne netværk, perimeter og web applikationer
- API security, privilege escalation og defence evasion
- Report writing og post-test analyser
Kurset giver dig en realistisk træning i at identificere sikkerhedshuller, angribe dem effektivt og udarbejde professionelle rapporter, som både tekniske teams og ledelsen kan bruge i praksis.
Certificeringspakker
Listepris 36.000 DKK
Din pris 30.000 DKK
(Eksl. moms)
Moduloversigt
- Modul 1Introduction to Penetration Testing and Methodologies
- Principles and Objectives of Penetration Testing
- Penetration Testing Methodologies and Frameworks
- Best Practices and Guidelines for Penetration Testing
- Role of Artificial Intelligence in Penetration Testing
- Role of Penetration Testing in Compliance with Laws, Acts, and Standards
- Modul 2Penetration Testing Scoping and Engagement
- Penetration Testing: Pre-engagement Activities
- Key Elements Required to Respond to Penetration Testing RFPs
- Drafting Effective Rules of Engagement (ROE)
- Legal and Regulatory Considerations Critical to Penetration Testing
- Resources and Tools for Successful Penetration Testing
- Strategies to Effectively Manage Scope Creep
- Modul 3Open Source Intelligence (OSINT)
- Collect Open-Source Intelligence (OSINT) on Target’s Domain Name
- Collect OSINT About Target Organization on the Web
- Perform OSINT on Target’s Employees
- OSINT Using Automation Tools
- Map the Attack Surface
- Labs:
- Collect OSINT on Target's Domain Name, Web, and Employees
- Collect OSINT Using Automation Tools
- Identify and Map Attack Surface
- Modul 4Social Engineering Penetration Testing
- Social Engineering Penetration Testing Concepts
- Off-Site Social Engineering Penetration Testing
- On-Site Social Engineering Penetration Testing
- Document Findings with Countermeasure Recommendations
- Labs:
- Sniff credentials using the Social-Engineer Toolkit (SET)
- Modul 5Web Application Penetration Testing
- Web Application Footprinting and Enumeration Techniques
- Techniques for Web Vulnerability Scanning
- Test for Vulnerabilities in Application Deployment and Configuration
- Techniques to Assess Identity Management, Authentication, and Authorization Mechanisms
- Evaluate Session Management Security and Input Validation Mechanisms
- Detect and Exploit SQL Injection and other Injection Vulnerabilities
- Identify Weak Cryptography and Business Logic Flaws
- Evaluate Applications for Client-Side Vulnerabilities
- Labs:
- Perform Website Footprinting
- Perform Web Vulnerability Scanning Using AI
- Perform Various Attacks on Target Web Application
- Modul 6API and Java Web Token Penetration Testing
- Techniques and Tools to Perform API Reconnaissance
- Test APIs for Authentication, Authorization, and Input Validation Vulnerabilities
- Evaluate the Security of JSON Web Tokens (JWT)
- Test APIs for Security Misconfiguration, Rate Limiting, and DoS
- Test APIs for Security of GraphQL Implementations
- Test APIs for Business Logic Flaws and Session Management
- Labs:
- Perform API Reconnaissance Using AI
- Scan and Identify Vulnerabilities in APIs
- Exploit Various Vulnerabilities to Gather Information on the Target Application
- Modul 7Perimeter Defense Evasion Techniques
- Techniques to Evaluate Firewall Security Implementations
- Techniques to Evaluate IDS Security Implementations
- Techniques to Evaluate the Security of Routers and Switches
- Labs:
- Identify and Bypass a Firewall
- Evade Perimeter Defenses Using Social-Engineer Toolkit (SET)
- Perform WAF Fingerprinting
- Modul 8Windows Exploitation and Privilege Escalation
- Windows Pen Testing Methodology
- Techniques to Perform Reconnaissance on a Windows Target
- Techniques to Perform Vulnerability Assessment and Exploit Verification
- Methods to Gain Initial Access to Windows Systems
- Techniques to Perform Enumeration with User Privilege
- Techniques to Perform Privilege Escalation and Post-Exploitation Activities
- Labs:
- Exploit Windows OS Vulnerability
- Exploit and Escalate Privileges on a Windows Operating System
- Gain Access to a Remote System
- Exploit Buffer Overflow Vulnerability on a Windows Machine
- Modul 9Active Directory Penetration Testing
- Architecture and Components of Active Directory
- Active Directory Reconnaissance and Enumeration
- Exploit Identified Active Directory Vulnerabilities
- Role of Artificial Intelligence in AD Penetration Testing Strategies
- Labs:
- Explore the Active Directory Environment
- Perform Active Directory Enumeration
- Perform Horizontal Privilege Escalation and Lateral Movement
- Retrieve Cached Active Directory Credentials
- Modul 10Linux Exploitation and Privilege Escalation
- Linux Exploitation and Penetration Testing Methodologies
- Reconnaissance and Vulnerability Assessment on Linux Targets
- Gain Access to Linux Systems using Various Techniques
- Privilege Escalation on Linux Systems
- Labs:
- Exploit Linux OS Vulnerabilities
- Perform Privilege Escalation on a Linux Machine
- Gain Access to a Remote Linux System
- Modul 11OT and SCADA Penetration Testing
- Introduction to OT and SCADA Systems
- OT and SCADA Penetration Testing Methodology
- Challenges in Testing OT and SCADA Environments
- Labs:
- Intercept Modbus Communication Protocol
- Communicate between PLCs and Slave Nodes
- Modul 12Reverse Engineering, Fuzzing, and Binary Exploitation
- Introduction to Reverse Engineering and Fuzzing
- Perform Static and Dynamic Analysis of Binaries
- Identify Vulnerabilities through Fuzzing
- Exploit Binary Vulnerabilities
- Labs:
- Perform Binary Analysis
- Perform Fuzzing to Identify Vulnerabilities
- Exploit Buffer Overflow and Other Binary Flaws
- Modul 13IoT Penetration Testing
- IoT Penetration Testing Methodology
- IoT Device Reconnaissance and Enumeration
- Analyze and Exploit IoT Firmware and Communication Protocols
- Labs:
- Analyze IoT Firmware
- Exploit Vulnerabilities in IoT Devices and Protocols
- Modul 14Report Writing and Post-Testing Actions
- Importance of Comprehensive Penetration Testing Reports
- Components of a Professional Penetration Testing Report
- Post-Testing Actions and Remediation Guidance
- Labs:
- Practice Writing Professional Pentesting Reports
Er du i tvivl?
Det ligger os meget på sinde, at du finder det kursusforløb, der skaber størst værdi for dig og din arbejdsplads. Tag fat i vores kursusrådgivere, de sidder klar til at hjælpe dig!
