CHPTE Certified Hands-on Penetration Tester Expert

SYLLABUS 2019 Ver 2

150 Hours Hands-On Course

Certified Hands-on Penetration Tester Expert | 2

| www.kernelios.com info@kernelios.com| 5 153-566-3-Yosef Lishansky St. Rishon Lezion, Israel | +972 27

Intermediate cyber security course intended for students seeking to enhance their PT and Python

abilities.

This course is offer as the next level course for our unique CHCSS program graduates.

Topics include working with Python, learning to use basic object-oriented programing, working with

Python projects, using threads and learning coding conventions.

The second part of the course include topics of gathering cyber intelligence, learn to do penetration

testing for both application and infrastructure level, using various exploitation tools and making

payloads for attacks. Learn to use tools for various cyber-attacks like Wi-Fi hacking, MITM XSS, SQL

Injections ,Phishing, session hijacking, etc.

The course also gives tools for evaluate vulnerability in web sites. All of those topics are being practice

by the students in our Hands-On labs that were develop specifically for the purpose of this course. The

students also using our unique cyber simulator for practical knowledge on how to mitigate the various

attacks. The course also contains homework for the students as additional hands-on material.

Target Audience

This course is intended for intermediate security personnel wishing to learn how to use the various tools for successful PT.

Prerequisites

• Good understanding of basic cyber-attacks and tools. • Good understanding of networking protocols and TCP/IP • Using Kali and basic Linux commands - Recommended

Course Description

Certified Hands-on Penetration Tester Expert | 3

| www.kernelios.com info@kernelios.com| 5 153-566-3-Yosef Lishansky St. Rishon Lezion, Israel | +972 27

01

PYTHON (60 Hours)

Subject Description Hours

Working with Python 1. Work environment. Installing Python and starting it. 2. Working with GIT(BASIC) 3. Variables, basic types, flow control with conditionals and loops. 4. PEP8\coding conventions

5

Basic programing 1. Functions and arguments. 2. Data structures such as dictionaries, sets and lists. Creating these with list/dict/set comprehension 3.Mutable vs immutable types, passing parameters to functions

5

Using Python in Network environment

1. Editing Files 2. Network requests 3. Scapy

10

Exam Mid-Course Programming exam 5

Working with Databases

Databases and Exception handling 5

Object Oriented Programing

Basic OOP, Classes and objects. 10

Using Python projects 1. Installing new packages and use them 2. Pyinstaller 3. Packaging our project

5

Advance programming

Asynchronous & Threads 10

Exam Final programming exam 5

Certified Hands-on Penetration Tester Expert | 4

| www.kernelios.com info@kernelios.com| 5 153-566-3-Yosef Lishansky St. Rishon Lezion, Israel | +972 27

02 PT (90 Hours)

Subject Description Hours

Gathering cyber intelligence

1. Active/Passive reconnaissance 2. Using Social media – Building Avatar 3. Using google to search vulnerabilities in websites 4. Using tools: P0F, FOCA, GOOGLE DORKING, WIRESHARK, maltego 5. Web anonymity, VPNs, Darknet, Bitcoin 6. Advance scans: Nmap, nikto, nessus, scapy, Shodan, Exploitdb

15

Exam Reconnaissance Exam 5

Application Penetration Testing - Basic

1. XSS – review 2. Advance XSS and XSS types 3. Session hijacking and phishing 4. Using encoding to bypass special character filters 5. beef 6. Burp Suite & Zed Attack Proxy 7. How to report venerable web site 8. Bug bounty program subscription 9. Path traversal, CSRF, Race Conditions, Directory Listing

15

Application Penetration Testing - Advance

1. SQL review 2. SQL Injection to websites 3. SQLMAP 4. Working with Beebox 5. Different types of Databases 6. BlindSQL 7. Using encoding to bypass special character filters 8. Buffer Overflow

15

Exam Application Penetration Testing Exam 5

Infrastructure Penetration

1. Exploit Review 2. exploit-db, rapid7, virustotal, metasploit, Veil-Evasion,

10

Certified Hands-on Penetration Tester Expert | 5

| www.kernelios.com info@kernelios.com| 5 153-566-3-Yosef Lishansky St. Rishon Lezion, Israel | +972 27

Testing – Basic msfvenom, Armitage 3. Creating payloads against Windows and Linux OS and bypassing AVs 4. Creating payloads against web browsers 5. Creating RAT and Reverse/Bind Shell

Infrastructure Penetration Testing - Advance

MITM Advance Attacks 5

Exam Testing MITM Advance Attacks 5

Infrastructure Penetration Testing - Wi-Fi Networks

1. WEP Protocol – Attack types, Using Aircrack-NG, Using PYRIT 2. WPA Protocol - Attack types, Dictionary attacks, Using Aircrack-NG

10

Exam WI-FI Exam – Testing Infrastructure Penetration 5

Total Hours: 150

Certified Hands-on Penetration Tester Expert | 6

| www.kernelios.com info@kernelios.com| 5 153-566-3-Yosef Lishansky St. Rishon Lezion, Israel | +972 27

+972-3-566-3155 info@kernelios.com

27 Yosef Lishansky st. Rishon-Lezion, Israel

We're Waiting to Hear From You!