Certified Penetration Tester (CPT) - Security Professionals & Engineers

Duration: 5 Days
Modes: In-Person, Live Online, On-Demand, On-Site
A 100% hands-on programme that takes you from vulnerability discovery to exploitation and reporting. Learn to think like an attacker, test like a professional, and secure like a practitioner. No slides, no theory, all lab.
Speak to a Training Advisor
Speak to a Training Advisor
Course Objectives
check icon
Understand different attacks used by hackers to compromise organisations
check icon
Learn various types of information and intelligence gathering techniques, tools, and countermeasures
check icon
Learn network scanning techniques, enumeration techniques, and scanning countermeasures
check icon
Understand packet sniffing techniques, tools, and how to defend against sniffing
check icon
Learn social engineering techniques, identity theft methods, and countermeasures
check icon
Master different types of web application attacks, hacking methodologies, and countermeasures
check icon
Understand wireless encryption, wireless hacking methodology, and Wi-Fi security tools
check icon
Learn mobile platform attack vectors, vulnerabilities, and countermeasures
check icon
Learn firewall, IDS, and honeypot evasion techniques and countermeasures
check icon
Perform vulnerability analysis and prepare professional pentest reports
Expected Outcomes
check icon
Conduct full vulnerability assessments on networks, web applications, and mobile platforms
check icon
Safely exploit identified vulnerabilities as proof of concept for client engagements
check icon
Perform information intelligence gathering to map target infrastructure
check icon
Execute network scanning, enumeration, and vulnerability identification
check icon
Run social engineering attacks and campaigns for testing purposes
check icon
Perform web application penetration testing across OWASP Top 10 vulnerabilities
check icon
Conduct wireless network penetration testing
check icon
Perform penetration testing, security consultation, and architecture review
check icon
Prepare and submit professional vulnerability assessment and pentest reports
check icon
Advise IT teams on hardening and defence strategies
Training Modules
1. Introduction to Vulnerability Assessment & Penetration Testing
chevron down icon
1. Attack life cycle, methodologies, and vulnerability types
2. Vulnerability Assessment vs. Penetration Testing
3. Vulnerability research sources and exploit databases
4. Commercial and open-source penetration testing tools
5. Penetration Testing Methodologies and Report Templates
2. Information Intelligence Techniques
chevron down icon
1. Passive information gathering with tools
2. Intelligence gathering and mapping the target organisation
3. Information intelligence and mapping infrastructure/technologies
3. Scanning & Vulnerability Assessment
chevron down icon
1. Scanning types and scan options
2. NMap scanning (Ninja and Non-Ninja techniques)
3. Host discovery, ping and port scanning
4. OS fingerprinting and service enumeration
5. NMap scripts and firewall bypassing
6. ZenMap, Netcat fingerprinting
7. NeXpose vulnerability scanning and reporting
8. OpenVAS
4. Cracking & Social Engineering
chevron down icon
1. Man-in-the-Middle concepts and attacks
2. Password cracking (Hydra, Medusa, John the Ripper)
3. Brute force tools and password generators
4. FTP, Telnet, SSH credential cracking
5. Social engineering attacks: Java Applet, Infectious Media Generator, Credential Harvester, Spear-Phishing, and more
5. Exploitation & Pentest
chevron down icon
1. Metasploit Framework concepts
2. Metasploit Community and Armitage
3. Exploitations: password hash dump, screenshots, keystrokes, privilege escalation, pivoting, persistence, backdoors
4. Anti-virus evasion frameworks
5. Netcat exploitations and backdoors
6. Advanced exploitations using PowerShell
7. Pentest reporting
6. PowerShell Exploitation
chevron down icon
1. PowerShell basics
2. PowerShell log analysis
3. PowerShell malware evading antivirus and endpoint defences
7. Web Pentest
chevron down icon
1. Web application basics and fingerprinting
2. Payment gateway and order tampering
3. Labs on OWASP Top 10: SQL Injection, XSS, CSRF, LDAP Injection, Command Injection, Directory Traversal, File Upload/Download, and more
4. Tools: Acunetix, Qualys, Burp Suite
5. Pentest reporting
8. Wireless Pentest
chevron down icon
1. Introduction to WEP, WPA, WPA2
2. Wireless cracking with Reaver
3. Uncovering hidden SSIDs
4. Wi-Fi Twinning attacks
Certification & Accreditation
Certification Path 1: GlobalACE Certification
The GlobalACE certification is designed to align with internationally recognised Knowledge, Skills, and Attitudes (KSA) standards for Information Security Professionals. Candidates are assessed through a combination of multiple choice questions, practical assessments, assignments, and case studies. Examinations are conducted at authorised centres across participating member countries, and successful candidates are eligible to apply as Associate or Professional Members under the GlobalACE framework, recognised in 64+ countries.
Certification Path 2: CyberKnights Certification
Exam Format: 100% Hands-on Exam. Exam Duration: 2 Hours. Pass Mark: 70%. The CPT exam is a fully practical, hands-on assessment. Candidates must demonstrate their ability to find, exploit, and report vulnerabilities in a virtualised environment. Exam fees are inclusive in the course fees. All certified candidates receive complimentary membership access to the KALAM Cybersecurity Collaboration and Community Skills Validation Platform.
Frequently Asked Questions
What level of experience do I need to attend?
This course is designed for beginners to intermediate-level security professionals. You should have basic networking knowledge and familiarity with Windows and Linux operating systems.
What tools will I learn to use during the course?
You will work with industry-standard tools including Metasploit, NMap, Burp Suite, Acunetix, Qualys, Hydra, John the Ripper, PowerShell, Netcat, and many more.
How does this certification compare to CEH or OSCP?
CPT focuses entirely on practical, hands-on skills with zero theory exams. Unlike CEH which is largely MCQ-based, every module in CPT involves real lab exercises. It bridges the gap between CEH-level awareness and OSCP-level practical depth.
Is the exam hands-on or theory-based?
The CyberKnights CPT exam is 100% hands-on. You have 2 hours to find and exploit vulnerabilities in a virtualised lab environment with a 70% pass mark. No multiple choice questions.
Can this training be delivered on-site for our security team?
Yes. We offer private on-site delivery where the lab environment is configured to reflect scenarios relevant to your organisation's infrastructure and industry.
Will I be able to perform professional pentest engagements after this course?
Yes. The course covers the full engagement lifecycle from reconnaissance and intelligence gathering through exploitation, reporting, and client advisory. You will leave equipped to conduct professional assessments.
Ready to get started?
Train your team. Strengthen your defence.
Fill in the form and our training advisors will get back to you within 24 hours with a tailored programme recommendation for your team.
20,000+ professionals trained across enterprise and government sectors
chevron down icon
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
© Copyright. All Rights Reserved