Training & Certifications


This program provides participants with knowledge and skills that are essential for carrying out penetration tester responsibilities in their organization.


At the end of the program, the participants will be able to :

  1. Conduct a thorough security testing through FORESEC proven methodology
  2. Analyse security loophole in operating systems , application and network environment
  3. Conduct a black box , white box and grey box test

Network Administrator, Systems Administrator, Network Engineer, Systems Engineer.


This program is 5 days of intensive training class.


Participants are required to have knowledge of Fundamental ICT, Networking Essentials, Computer Networking Technology or related subjects.


At the end of the program, the participants will be assessed with Foresec Certified Penetration Tester Exam.


Foresec Certified Penetration Tester Certification will be awarded upon successfully passing the exam from Foresec, through an independent online exam engine, PXmatics.


  1. Business and Technical Requirement for Penetration Testing
  2. Linux Basic Understanding
  3. Introducing Kali Linux Penetration Testing Distro
  4. Legal and Privacy Issues
  1. Information Gathering Passively
  2. Active Information Gathering with using Social Media
  3. Mapping Corporate Network and Hosts
  4. Detecting Domain Information
  1. Port Scanning Basics
  2. Enumerating Services and version detection
  3. Understanding Service Versions and Vulnerabilities
  4. Fingerprinting System Services
  1. Open Source VS Commercial Vulnerability Assessment Tool
  2. Advanced Nessus Usage
  3. Vulnerability Detection using Nmap and other open source tool
  4. Vulnerability Testing and Confirmation
  1. Exploiting Routers using SNMP
  2. Exploiting Switches and Traffic Diddling
  3. SNMP Service and OID Vulnerability
  4. GRE Tunnel Exploits
  5. Router and Switches Password Cracking Methods
  6. Sniffing Router Traffic
  1. Windows Client Side Exploits
  2. Internet Explorer Common Exploits
  3. Windows Client Side Java Exploits
  4. Windows File Sharing Protocol Exploits
  5. Malicious USB Attacks and Reverse Shell Attacks
  1. Local Exploit Vulnerabilities
  2. File Permission and Environment Exploits
  3. Understanding Buffer Overflow Concepts
  4. Local Root Exploit vs Remote Root Exploits
  5. Exploiting Samba / NFS / CIFS services
  6. Common SSH Attacks
  1. Enumerating Applications ( Php / Asp / JSP )
  2. Enumerating Database Vulnerabilities ( Local and Remote Enumeration )
  3. Exploiting ( Php / Asp/ JSP ) Application
  4. Common Exploit Framework
  1. Setting up Phishing Attack Servers
  2. Traffic Redirection and Traffic Manipulation
  3. SSL Man in The Middle Attacks
  4. Spoofing Attacks
  5. Injecting Protocols
  1. Assembler Language at Glance
  2. Introduction to Fuzzing and Egg hunting
  3. Building your own Exploit from Scratch ( win32/64 & x86/x686 )
  4. ShellCode and Python Programming
  5. Testing and Improving Exploits

Scroll to Top