• Corporate Courses
  • CompTIA
CompTIA

CompTIA PenTest+

CompTIA PenTest+ validates your ability to identify, mitigate, and report system vulnerabilities. Covering all stages of penetration testing across attack surfaces like cloud, web apps, APIs, and IoT, it emphasizes hands-on skills such as vulnerability management and lateral movement – equipping you to advance your career as a penetration tester or security consultant.

Enquire Now

Why choose this course?

  • End-to-end penetration testing – master engagement planning, reconnaissance, vulnerability analysis, exploitation, cloud-based attacks and post-exploit cleanup.
  • Hands-on, performance-based labs – use industry tools (Nmap, Nessus, Wireshark, Metasploit) and custom scripts to simulate real-world attack scenarios.
  • Vendor-neutral credential – PenTest+ sits at the intersection of Security+ and advanced exploit techniques, making it ideal for multi-platform environments.
See Course Content

This course is ideal for:

  • Penetration testers, ethical hackers and security consultants who perform hands-on assessments across networks, applications and cloud services.
  • SOC analysts and incident responders who need to understand offensive tactics and improve defensive controls.
  • Anyone preparing for CompTIA PenTest+ (Exam PT0-003) on their cybersecurity-certification journey.

Prerequisites

  • 3–4 years of hands-on experience in penetration testing or vulnerability management.
  • CompTIA Network+ and Security+ certification or equivalent knowledge.

Course Content

  • Engagement management – planning and scoping tests (rules of engagement, windows, targets), ensuring legal/ethical compliance, stakeholder communication and crafting professional penetration-test reports.
  • Reconnaissance and enumeration – active/passive information gathering (OSINT, sniffing, protocol scans), DNS/service/directory enumeration, and script customization with Python, PowerShell or Bash.
  • Vulnerability discovery and analysis – authenticated/unauthenticated scanning (SAST/DAST), tool-based discovery with Nessus/Nikto/OpenVAS, validating findings and troubleshooting false positives.
  • Attacks and exploits – network attacks (VLAN hopping, on-path), authentication attacks (brute-force, pass-the-hash), host-based exploits (privilege escalation, credential dumping), web app attacks (SQLi, XSS, traversal), cloud-specific exploits (container escapes, metadata-service attacks, IAM misconfigurations) and emerging AI-focused attacks (prompt injection, model manipulation).
  • Post-exploitation and lateral movement – establishing persistence, pivoting within networks, cleaning up artifacts and documenting attack narratives with remediation recommendations.

Hardware Requirements

Interested?

Enquire today and one of our consultants will be in touch.