CompTIA PenTest+ (Exam: PT0-003)
The CompTIA PenTest+ course prepares students to perform comprehensive penetration tests using professional and ethical methodologies. The training covers everything from planning, reconnaissance, and enumeration to vulnerability exploitation, post-exploitation, and the preparation of the final report for the client.
Through practical labs in controlled environments, the student will learn to work with the tools and techniques used by real pentesters in network, web application, infrastructure, hybrid and cloud environments.
The course develops skills that allow you to both start professionally in the world of ethical hacking and improve skills for advanced roles in cybersecurity, auditing, incident response and red team.
🧪 This course includes official practical laboratories
🔹Scan systems and networks to identify vulnerabilities🔹Execute controlled attacks using professional pentesting tools🔹Exploit vulnerabilities and validate their real impact🔹Analyze results and document technical findings
CompTIA Pentest+ Course - Pentest+ Certification - Penetration Testing - Pentesting - Offensive Cybersecurity - Hands-on Labs - Vulnerability Assessment - Ethical Hacking - CompTIA Training
Training objectives
- Understanding the complete cycle of a professional penetration test.
- Identify, scan, and list vulnerabilities in real-world environments.
- Apply exploitation and post-exploitation techniques in an ethical and safe manner.
- Use advanced penetration testing tools for networks, applications, and systems.
- Perform basic forensic analysis and document findings.
- Prepare technical and executive reports with mitigation recommendations.
CompTIA PenTest+ Course Content
Module 1: Determining the scope and planning a penetration test
Domain covered:
Specific domain objectives:
- Summarize the activities prior to the commitment
Lessons
- Scope definition
- Types of agreements
- Target selection
- Types of evaluation
- Shared responsibility model
- Legal and ethical considerations
Module 2: Frameworks, methodologies and communication
Domain covered:
Specific domain objectives:
- Explain the collaboration and communication activities.
- Compare and contrast testing frameworks and methodologies
- Explain the components of a penetration test report
- Given a scenario, analyze the findings and recommend the appropriate solution within a report.
Lessons
- Collaboration and communication
- Testing frameworks and methodologies
- Threat modeling frameworks
- Components of the penetration test report
- Remediation recommendations
Module 3: Fundamentals of Recognition
Domain covered:
- Recognition and enumeration
Specific domain objectives:
- Given a scenario, apply information gathering techniques
- Given a scenario, use the appropriate tools for recognition and enumeration.
Lessons
- Information gathering
- Recognition tools
Module 4: Enumeration and Reconnaissance Scripting
Domain covered:
- Recognition and enumeration
Specific domain objectives:
- Given a scenario, apply enumeration techniques
- Given a scenario, modify the scripts for recognition and enumeration.
Lessons
- Enumeration techniques
- Reconnaissance scripting
Module 5: Vulnerability Discovery and Scanning
Domain covered:
- Vulnerability discovery and analysis
Specific domain objectives:
- Given a scenario, perform vulnerability discovery using various techniques
- Given a scenario, analyze the results of the recognition, scanning, and enumeration phases.
- Explain the concepts of physical security
Lessons
- Scanning techniques
- Tools for assessing the vulnerability of industrial control systems (ICS)
- Scan output analysis
- Physical security concepts
Module 6: Attack Planning and Prioritization
Domain covered:
Specific domain objectives:
- Given a scenario, analyze the outcome to prioritize and prepare attacks.
Lessons
- Prioritization of objectives
- Capacity selection
Module 7: Network, Host, and Application Exploits
Domain covered:
Specific domain objectives:
- Given a scenario, perform network attacks using the appropriate tools
- Given a scenario, perform authentication attacks using the appropriate tools
- Given a scenario, perform host-based attacks using the appropriate tools
- Given a scenario, perform web application attacks using the appropriate tools.
- Given a scenario, perform cloud-based attacks using the appropriate tools
Lessons
- Network attacks
- Authentication attacks
- Host-based attacks
- Attacks on web applications
- Cloud attacks
Module 8: Wireless, social engineering, and specialized attacks
Domain covered:
Specific domain objectives:
- Given a scenario, perform wireless attacks using the appropriate tools
- Given a scenario, perform social engineering attacks using the appropriate tools
- Explain common attacks against specialized systems
- Given a scenario, use scripts to automate attacks
Lessons
- Wireless attacks
- Social engineering attacks
- Attacks on specialized systems
- Attack automation
Module 9: Post-exploitation, lateral movement and cleaning
Domain covered:
- Post-exploitation and lateral movement
Specific domain objectives:
- Given a scenario, perform tasks to establish and maintain persistence.
- Given a scenario, perform tasks to move laterally through the environment.
- Summarize concepts related to staging and exfiltration.
- Explain the cleaning and restoration activities
Lessons
- Establish and maintain persistence
- Lateral movement
- Staging and exfiltration
- Cleaning and restoration
CompTIA PenTest+ Laboratory
This lab provides comprehensive hands-on experience in the fundamental methodologies and skills required for professional penetration testing. Students will develop expertise across the entire penetration testing lifecycle, from defining test parameters and gathering intelligence to exploiting vulnerabilities, establishing persistence, and conducting post-exploitation activities. The curriculum emphasizes both technical proficiency with industry-standard tools and the crucial importance of professional documentation, ethical considerations, and effectively communicating findings to various stakeholders. This lab prepares students for the PT0-003 exam.
Prerequisites
- Basic knowledge of networks (TCP/IP, ports, protocols).
- Familiarity with Windows and Linux systems.
- General knowledge of cybersecurity (fundamentals, threats, vulnerabilities).
- Completion of CompTIA Security+ is recommended (not mandatory, but ideal).
- Ability to use command line tools.
Language
- Course: English
- Labs: English
