CPTE Exam Format | CPTE Course Contents | CPTE Course Outline | CPTE Exam Syllabus | CPTE Exam Objectives

Exam Code: C)PTE
Exam Name: Mile2 Certified Penetration Testing Professional (CPTE)
Format: The exam consists of multiple-choice questions (MCQs).
Number Mile2 C)PTE - Certified Penetration Testing Professional (CPTE)of Questions: There are typically 100 multiple-choice questions.
Time Limit: Candidates are usually given 4 hours to complete the exam.
Passing Score: A score of at least 70% is required to pass.

- Business and Technical Logistics of Pen Testing
- What is Penetration Testing?
- Today’s Threats
- Staying up to Date
- Pen Testing Methodology
- Pre-Engagement Activities
- Information Gathering Reconnaissance- Passive (External Only)
- What are we looking for?
- Keeping Track of what we find!
- Where/How do we find this Information?
- Are there tools to help?
- Countermeasures
- Detecting Live Systems – Reconnaissance (Active)
- What are we looking for?
- Reaching Out!
- Port Scanning
- Are there tools to help?
- Countermeasure
- Banner Grabbing and Enumeration
- Banner Grabbing
- Enumeration
- Automated Vulnerability Assessment
- What is a Vulnerability Assessment?
- Tools of the Trade
- Testing Internal/External Systems
- Dealing with the Results
- Hacking Operating Systems
- Key Loggers
- Password Attacks
- Rootkits & Their Friends
- Clearing Tracks
- Advanced Assessment and Exploitation Techniques
- Buffer Overflow
- Exploits
- Exploit Framework
- Evasion Techniques
- Evading Firewall
- Evading Honeypots
- Evading IDS
- Hacking with PowerShell
- PowerShell – A Few Interesting Items
- Finding Passwords with PowerShell
- Networks and Sniffing
- Sniffing Techniques
- Accessing and Hacking Web Techniques
- OWASP Top 10
- SQL Injection
- XSS
- Mobile and IoT Hacking
- What devices are we talking about?
- What is the risk?
- Potential Avenues to Attack
- Hardening Mobile/IoT Devices
- Report Writing Basics
- Report Components
- Report Results Matrix
- Recommendations


- Introduction to Pen Testing Setup
- Recording IPs and Logging into the VMs
- Joining the Domain
- Research

- Using tools for reporting
- Setup a Shared Folder
- Setting up and using Dradis CE

- Information Gathering
- Google Queries
- Searching Shodan
- Maltego
- The many tools of OSINT
- Recon-ng

- Detecting Live Systems - Scanning Techniques
- Finding a target using Ping utility
- Footprinting a Target Using nslookup Tool
- Scanning a Target Using nmap Tools
- Scanning a Target Using Zenmap Tools
- Scanning a Target Using hping3 Utility
- Make use of the telnet utility to perform banner grabbing

- Enumeration
- OS Detection with Zenmap
- Enumerating services with nmap
- DNS Zone Transfer
- Enum4linux
- AD Enumeration

- Vulnerability Assessments
- Vulnerability Assessment with Rapid7 InsightVM
- Vulnerability Assessment with OpenVAS

- System Hacking – Windows Hacking
- Scanning from the Hacked System
- Using a Keylogger
- Extracting SAM Hashes for Password cracking
- Creating Rainbow Tables
- Password Cracking with Rainbow Tables
- Password Cracking with Hashcat
- Mimikatz

- Advanced Vulnerability and Exploitation Techniques
- Metasploitable Fundamentals
- Metasploit port and vulnerability scanning
- Client-side attack with Metasploit
- Using Workspaces in Metasploit
- Remote Exploitation of Windows Server

- AntiVirus Bypass
- Bypassing AntiVirus – Not as effective
- Bypassing AntiVirus Signature Scanning
- Bypassing Windows Defender

- Cracking Passwords from a Linux System
- Cracking Linux Passwords
- Brute-force SSH Accounts

- Hacking with PowerShell
- Using PowerShell to Crack Passwords
- Using PowerShell for Enumeration

- Network Sniffing/IDS
- Sniffing Passwords with Wireshark
- Performing MitM with Cain

- Attacking Web Applications
- Injection
- Broken Authentication
- Sensitive Data Exposure
- XML External Entities
- Broken Access Control
- Security Misconfiguration
- Cross-Site Scripting
- Insecure Deserialization
- WebApp Scanning