Pentest Exam (BACPP)
For corporate customers our portal offers additional features. A corporate customer account allows a company to manage multiple employee accounts, order various course licenses and assign licenses to specific employee accounts. We are offering discounts for large purchases to our corporate customers.
- Manage employee accounts
- Assign licenses to employees
- Purchase license packs
Successfully perform a penetration test and get certified: Binsec Academy Certified Pentest Professional (BACPP).
As BACPP holder you are proving to others that you
- can compromise IT systems and develop zero day exploits.
- can identify vulnerabilities in networks and applications by using a structured approach.
- can list all your findings in a final report, which also prioritises them according to risk.
- can carry out a penetration test professionally for several days.
When your exam starts you will have access to
- the digital course materials (information for the exam) and
- the virtual network of "Vulnus Health Inc." through OpenVPN.
You will have access to the IT infrastructure of "Vulnus Health Inc." for 5 days, which comprises several network segments. During this time you are going to perform a penetration test of the IT systems and the applications inside it. You will write a report and submit it to us in encrypted form. If the report is structured, comprehensible, complete and if you have identified the main weaknesses in the Vulnus Health network, you are going to receive the BACPP certificate as proof of your performance.
Performing Penetration Tests of networks and services requires a computer, of course. On your computer you need a Linux system (such as Debian, Ubuntu, Kali Linux). You may install it in a virtual environment like VirtualBox. We therefore recommend the following hardware requirements:
- at least 6GB RAM
- at least 20GB free hard disk space
- an internet connection with a bandwith of at least 1 Mbps
To connect to our lab environment you need the open source software "OpenVPN". If you use a firewall that restricts outbound traffic - for example within a company network - you may need to allow outgoing traffic to our OpenVPN server and its tcp port. You will receive your server IP and port with the configuration file for your VPN. For technical reasons, this is not going to be the default port of OpenVPN.
In addition to the following FAQ regarding our Pentest Exam, please also see our general FAQ page.
You are ready for the exam, when you were able to penetrate most of Dubius Payment's systems and applications (including the API) from the "Pentest Training". The time spent to complete the exam is about 2-3 days (8h a day) for a professional penetration tester; while you will get 5 days access to this lab. You should keep in mind that we do focus on professional penetration testing: This does include a good and comprehensive penetration test report, which you could hand over to a potential client.
Yes, you can retake the exam. You may contact support, to get a discount voucher, after you failed the exam.