Advanced Tips and Techniques
The Advanced Penetration Testing Course by EC-Council was created as the progression after the ECSA to prepare those that want to challenge the Licensed Penetration Tester (Master) certification and be recognized as elite penetration testing professionals. Our training has been designed by the best in the industry and meant to push you to develop the kind of skill that you’ve been waiting to acquire.
LPT (Master) training is not comfortable (and the exam is even worse!), but filled with intense stress meant to elicit the best from you. Those who prevail will have developed an instinctual and intellectual response to real-world penetration testing challenges.
We want to bring out the best in you. Our aim is to push you to your limit while making you solve complex problems that actual penetration testers solve daily in the real world. For four punishing and long days, you will have to perform various tasks until it becomes second nature. This is the foundation of the program.
This program is radically different from the ECSA. In the ECSA course, you are provided guidance on what machines to attack and an initial starting point. In the Advanced Penetration Testing Course, you are presented with minimal network information along with a Scope of Work (SOW). The course was created to provide you with advanced concepts that will help when it comes to attempting the LPT (Master) Certification exam.
In this course, you will learn professional security and penetration testing skills. The course is designed to show advanced concepts like scanning against defenses, pivoting between networks, deploying proxy chains, and using web shells. The last module of the course includes an SOW for each of the various networks we have created for the course. This, combined with the composition of various ranges, mimics a professional penetration test. Time is limited and you will be required to identify the attack surface followed by the weaknesses of the machines that are on the network.
About the Program
The LPT (Master) is the world’s first fully online, remotely proctored LPT (Master) practical exam, which challenges the candidates through a grueling 18 hours of performance-based, hands-on exam categorized into three practical exams for six-hour duration each, which will test your perseverance and focus by forcing you to outdo yourself with each new challenge. The exam requires the candidates to demonstrate a methodical approach to test and validate security defenses. The LPT (Master) exam is developed with close collaboration with SMEs and practitioners around the world after a thorough job role, job task, and skills-gap analysis.
Module 01 Introduction to Vulnerability Assessment and Penetration Testing
Module 02 Information Gathering Methodology
Module 03 Scanning and Enumeration
Module 04 Identify Vulnerabilities
Module 05 Exploitation
Module 06 Post Exploitation
Module 07 Advanced Tips and Techniques
Module 08 Preparing a Report
Module 09 Practice Ranges
Real-world, performance-based assessment:
The successful candidates need to demonstrate a mastery of the skills required to conduct a full black-box penetration test that simulates a complex network of a multi-national organization in real-time. The exam environment via EC-Council’s cloud-based cyber range, iLabs, has multiple networks with different militarized and demilitarized zones. You will follow the entire process of “Cyber kill chain”, taking you from reconnaissance, scanning, enumeration, gaining access, maintaining access, then exploiting vulnerabilities that you will have to seek out in a network that only a true penetration tester will be able to break.
To build on the technical skills taught in the Certified Ethical Hacking course, the repeatable and documentable methodology provided in the EC Council security analyst program, the EC-Council LPT (Master) course emphasizes the application of this methodical approach to penetration testing. The LPT (Master) practical exam thoroughly tests the application of the penetration testing process and lifecycle knowledge and the skills required in an examination that even our reviewers have called “extremely challenging”.
Penetration test report:
Many have described report writing as one of least preferred, yet arguably one of the most critical parts of any penetration testing engagement. While so many cybersecurity courses are offered globally to cover various subjects in the penetration testing realm, hardly any are dedicated to this very important skill, especially almost since half of all time spent at any penetration testing engagement can revolve around writing and reporting the core findings of the engagement to the client.
The key skill also lies in communicating a highly technical finding in an elaborate penetration test engagement to someone to the senior management and the board of directors can be very challenging and frustrating at times. Mastery of communication, research, and report writing is required to make sense of technically complex topics like specific vulnerabilities and their resulting exploits in a meaningful manner to make educated decisions to improve the security posture of the organization. The candidates are required to submit a comprehensive report of their findings, methodology used, corroborative screenshots, scripts, custom exploits, or any other method they have used to penetrate the network within 45 days after completing the three challenges. The submitted report should be very clear so that we should be able to compromise the target again by following the report.
Renewal Cycle, Certification Fees & ECE Scheme
The certification is valid for 2 years from the date of approval and members must then renew annually.
For renewals, members will need to remit USD250 per annum which can be done at our online store.
LPT (Master) certification falls under the ECE Policy. Members must ensure that they meet the ECE requirement.
Should you have any queries, please do not hesitate to write to firstname.lastname@example.org.