Discover the world of penetration testing. Learn how to infiltrate networks and take control of systems and applications. Learn the difference between hacking and penetration testing. Become a penetration tester.
Specialists in IT security are in demand like never before. The threat of online attacks is getting worse by the day. To protect themselves, companies need IT security experts who can spot vulnerabilities in their IT systems and present these in a report. To introduce you to the job of a penetration tester, we offer the “Pentest 101“ online training course, which is divided into different chapters and is structured according to the way a pentest is conducted:
- Introduction of Penetration Testing
- Legal Basics
- Hacking vs. Penetration Testing
- Information Value of Penetration Tests
- International Standards for Penetration Testing
- Hacking I - Network Scanning
- Hacking II - Password attacks
- Hacking III - Web Applications
- Hacking IV - Privilege Escalation
- Hacking V - Tunneling Techniques
- Hacking VI - Vulnerability Scanning and Metasploit Framework
- Demonstration of a Penetration Test
- Risk Assessment
- Report preparation
You will learn the same technical procedures used by malicious attackers and get your hands on all the tools necessary to perform professional penetration tests. Not only will you be able to identify and exploit vulnerabilities in company networks and applications, but you will also be able to impress your future clientele with a reproducible approach and a final, structured report about your findings.
What makes our training unique: we provide you with a fully-fledged laboratory environment – the network of the fictitious "Dubius Payment Ltd."
This lab environment is designed to practice and gain your first hands-on experience and is the practical core of our course. You can apply your newly learned skills in the lab and develop and improve your skillset further. The laboratory is available to you only and you do not have to share it with other participants. You will get access to the lab for 60 days, during which it is up to you to decide when you want to experiment. The laboratory environment is available around the clock. After getting your personal course license, you can set the start date of the lab in our portal.
To make things as realistic as possible, we paid special attention to crafting the employees of "Dubius Payment Ltd.". In the lab environment, the employees are represented on social networks and their relationships to each other are based upon an intriguing background story. Get enthralled by the mystery surrounding “Dubius Payment Ltd.”.
Our online penetration test course was designed in accordance with a special didactic concept, which helps you to learn the theoretical and practical content through independent study.
At the start of the course, our portal provides
- Access to the digital course materials
- Your OpenVPN access data for the virtual network of "Dubius Payment Ltd."
The course materials are divided into chapters. Each chapter is followed by a small multiple-choice test or an open self-check question. Depending on the topic of the chapter, we explain the theoretical basics and also refer to external (free) standard documents or publications on the internet. It is important to work on the contents on your own in order to be able to implement them. Basically, we give you the tools and fundamentals to work with.
At the latest after the chapter "Hacking I - scanning networks" you will be able to take a first look at the network of “Dubius Payment Ltd.”. The subsequent hacking chapters will introduce you to other types of attacks in theory, which you can then try in the lab. You will spend most of your course hours in the lab or the “Dubius Payment” network and put the learned theory to practice. You have access to this network for a total of 60 days.
No particular trainings or vocational qualifications are required to participate in our online "Pentest Training" course. However, the course is designed for persons who have in-depth theoretical and practical experience in IT, such as system administrators, software developers or even computer science students who are about to graduate. Prior knowledge in the following areas is mandatory:
- Use of Linux and Windows operating systems
- Software installation, such as VirtualBox
- Basic shell and terminal commands
- Understanding of how networks and services work:
- ISO/OSI reference model
- TCP/IP, UDP
- SSH, web server, FTP Server
- Programming basics
- Scripting languages such as Python
- Compiling of C code
- Basic IT security controls
- Firewall concepts
- Authentication mechanisms
- Language proficiency
- English - especially written proficiency
It goes without saying that you must have a computer to perform penetration tests at the network and application level. This computer must run Linux (e.g. Debian, Ubuntu, Kali Linux), which you can also operate virtualised, e.g. with VirtualBox. We recommend the following hardware:
- min. 6GB of RAM
- min. 20GB of free hard disk space
- internet speed of 1 Mbps or more
To connect to our lab, you need the open source software “OpenVPN”. If you use a firewall that restricts outgoing data traffic, e.g. in a corporate network, you may need to enable (or have enabled) the associated TCP port. We will provide you with the port number together with the configuration file for your VPN. For technical reasons, this is not the default port of OpenVPN.
Below are the most common questions and answers about the course:
This course does not include a certificate exam, but you may take our "Pentest Exam ". As a registered user, you can buy the "Pentest Exam" bundled with our "Pentest Training" and get a discount. Of course, you can also buy them separately or just one of them.
After you buy a license for the course, you can access the course material and define the start date for your personal lab. The 60 days start from the date you specify.
Tests have shown that persons with good prior knowledge must invest at least 40 hours in the course or the laboratory. On average, we think that 60-80 hours is realistic. We recommend spreading those hours over the 60 lab days and/or adapting it to your pace of learning.
University of Applied Sciences Darmstadt (HDA) offers "Penetration Testing" as a classroom event and as an online self-study session. The course materials of the self-study online session are identical to the course materials of our "Pentest Training". Both use part of the laboratory network of the fictitious "Dubius Payment Ltd." At the university, both courses are subject to a written exam. binsec academy GmbH makes the course available free of charge to the participants of the university event. The corresponding user accounts on the portal are created by binsec academy GmbH Prior registration as a student is not necessary and should be avoided.