Choose Language:       
Home > blog > Pentest teaching methodology

Pentest teaching methodology

  Articles     pentest, methodology
Our methodology is divided in four steps that togheter will take you to professional level.

Lately I have received several requests to demonstrate how our Pentest teaching methodology works and what it has so different from other existing training. Our methodology is divided into four parts that together will take you to the professional level.

The first step - learning


I have separated some classes to exemplify how we work the students' learning in a didactic and totally practical way, the student goes beyond learning to use tools, he learns to understand the concepts and techniques and with that he has the possibility to adapt or build his own tools.

During the recognition phase of a Pentest we need to collect as much information about our target and when we talk about web server it is common to use a technique to discover applications, systems, sensitive files in order to proceed with the attack.



Maybe you already knew this technique and this tool, as I said earlier is a known tool.

But is knowing that enough? Do you really understand how the technique works and what happens underneath the cloths? For us it is necessary to understand the concept behind the tool, to understand the technique and how things work behind the scenes.

Learning to use tools anyone learns, does not even need to courseware for this, just read the tool manual. Now understanding how things really happen is the cat's leap for anyone who wants to become a good pro.

Based on this we will continue to demonstrate how things work in Desec Security. In this video you will understand some fundamental concepts to understand the necessary basis of how the tool operates.



You have already learned part of the necessary base, we will continue with another class very practical and easy to understand.


Look how incredible, 20 minutes ago maybe you knew or not part of this technique but now your brain called and it's a thousand thinking how to implement everything you just absorbed in a few minutes.

Let's continue with one more lesson and now teaching to implement the concepts learned using bash script, the idea of this post is to demonstrate our teaching methodology so we will not focus on the concepts of Linux, Bash Script, commands or security-oriented programming as this is taught meticulously in the first modules of the complete training and you have all the resources and support to gradually evolve in your own time.

Building Your Own Script


See how simple it is? Now you have a very clear idea of how we teach Pentec security and techniques in Desec Security in a very didactic and fully practical way.

Download this manual for this task

You know what's crazy about all this? That the more than 22 modules and more than 260 classes are equivalent to only 25% of our methodology, meaning attending classes is the beginning of the methodology. Contact Us

Second step of the methodology - vlab (virtual lab)






The vlab contains over 50 practical labs related to concepts taught in training, these labs function in a game-like manner and can be online (real-world environments, real-world domains, etc.), off-line (downloadable files) or via VPN.





The image below shows an example of VLAB where the student needs to use the techniques learned to discover information from a web server in the realistic environment.







As the student solves the practical challenges he will receive a score and increase in the ranking of students. All the training follows this idea, they are more than 20 modules, being more than 260 classes and more than 50 practical laboratories. When the student finishes all the classes and all the practical laboratories he receives the certificate of conclusion of Course as well as any other course.  

At that time the student completed approximately 80 hours of course and reached half of our methodology.


At the end of the course the student can consult the self-correction manual and videos of solutions of the tasks.



Market Problem

Over the years we identified a problem in the market, when the student finished the course, although he had a good base existed a barrier to enter the area. Companies look for professionals with experience and professionals seek opportunities to develop and gain experience, the problem is the professional can not get the opportunity because they do not have experience and can not experience because they do not have opportunities. The result of this is that the professional enters while true; an infinite loop. It would be a great challenge to solve this, but a good solution arises from a great challenge, so we decided to create CORP NETWORK the third step of our methodology.


Third stage - corp network




CORP NETWORK is a huge realistic network with an immense variety of mixed systems, created to build the technical background needed to act as a Pentester. This network has networks segmented to other departments, hosts from the oldest to the most modern, Windows, Linux, FreeBSD, Solaris, Web Applications, CMS, Firewall, etc. There are dozens of hosts to compromise without any help, just using the knowledge gained in the course, plus lots of extra research. As if in a real Pentest.


Step Four - dcpt certification desec certified penetration tester




When the student completes all the steps of the methodology he has to prove that he is ready and able to act as a Pentester, for this he needs to pass our examination for the DCPT Certification that is totally practical.

All students receive a voucher to make our DCPT Practice Certification in which the student receives a VPN that gives access to an isolated network and the student has 24 hours to compromise all the hosts of that environment and to take the confidential information


Conclusion

Desec is a company specializing in offensive security more precisely (Pentest), basically companies hire us to test the security of their environments and point out the vulnerabilities. This is our first line of action and it was where it all began. In 2014 we detected a great lack in the existing Pentest training in the market and we decided to revolutionize bringing a totally different concept and based on our real experience and thus was born the Professional Pentest Course of Desec Security. Imagine where you can get with the guidance we provide through our hands-on training. Imagine how many years and how much money you will be saving for having that direction. Imagine where you want to be in your career within a year, the decision to change is entirely yours.


We give you the tool and guidance, you just have to do your part and study.
The investment for the full Pentest Professional training is $ 1850.00 in up to 12x on the credit card. Divide this value by 12 and pause to think about where you can be in a year from now, how much experience you can absorb in this time of study. Without a doubt, knowledge is the best investment and it is what makes people really reach the next level of their life
To learn more about the training visit: www.pentestprofissional.com.br


IF YOU WANT TO RECEIVE MORE CONTENT LIKE THIS, CLICK BELOW AND JOIN OUR NEWSLETTER.


Cadastre-se para receber mais posts como este.

CEH, OSCP, DCPT
Our Channels Comunication
 
 
+55 11 3075 2780   |    contato@desecsecurity.com
Work Hour: 09:00am to 06:00pm
Our Location
Paulista Avenue, 1765 - 7th Floor - Bela Vista - São Paulo
Bug Report
if you found some bug in our plataforms, contact us via Bug Report.
Bug Report