Courses Details
Course Overview
The ECSA pentest program takes the tools and techniques you learned in the Certified Ethical Hacker course (CEH) and enhances your ability into full exploitation by teaching you how to apply the skills learned in the CEH by utilizing EC-Council’s published penetration testing methodology. It focuses on pentesting methodology with an emphasis on hands-on learning

The ECSA penetration testing course provides you with a real world hands-on penetration testing experience and is a globally accepted hacking and penetration testing class available that covers the testing of modern infrastructures, operating systems and application environments while teaching the students how to document and write a penetration testing report.
Course Schedule
Target Audience

Who Is It For?

  • Ethical Hackers
  • Penetration Testers
  • Network server administrators
  • Firewall Administrators
  • Security Testers
  • System Administrators and Risk Assessment professionals
Course Prerequisites
Recommended to attend CEH  training OR you must have core ethical hacking skills
Course Outline
Module 00: Penetration Testing Essential Concepts (Self-Study)
  • Computer Network Fundamentals
  • Network Security Controls and Devices
  • Windows and Linux Security
  • Web Application and Web Server Architecture and Operations
  • Web Application Security Mechanisms
  • Information Security Attacks• Information Security Standards
Module 01: Introduction to Penetration Testing and Methodologies
  • Penetration Testing Process and Methodologies & Benefits
  • Types, Areas and Selection of Pentesting
Module 02: Penetration Testing Scoping and Engagement Methodology
  • Penetration Testing Scoping and Rules and Engagement
  • Penetration Testing Engagement Contract and Preparation
Module 03: Open-Source Intelligence (OSINT) Methodology
  • OSINT Through World Wide Web(WWW), Website Analysis, DNS Interrogation
  • Automating your OSINT Effort Using Tools/Frameworks/Scripts 
Module 04: Social Engineering Penetration Testing Methodology
  • Social Engineering Penetration Testing Techniques & Steps
  • Social Engineering Penetration testing using E
Module 05: Network Penetration Testing Methodology – External
  • External Network Information & Reconnaissance
  • Scanning, and Exploitation
Module 06: Network Penetration Testing Methodology – Internal
  • Internal Network Information Reconnaissance and Scanning
  • Internal Network Enumeration and Vulnerability Scanning
  • Local and Remote System Exploitation
Module 07: Network Penetration Testing Methodology – Perimeter Devices
  • Firewall Security Assessment Techniques
  • iDs Security Assessment Techniques
  • Router and Switch Security Assessment Techniques 
Module 08: Web Application Penetration Testing Methodology
  • Web Application Content Discovery and Vulnerability Scanning
  • SQL Injection Vulnerability Penetration Testing
  • XSS, Parameter Tampering, Weak Cryptography, Security Misconfiguration and Client side scripting, vulnerabilities penetration techniques Authentication, Authorization, session, Web Server Vulnerabilities Penetration Testing
Module 09: Database Penetration Testing Methodology
  • Database Penetration Testing Techniques & Information Reconnaissance
  • Database Enumeration & Exploitation 
Module 10: Wireless Penetration Testing Methodology
  • WLAN Penetration Testing Techniques
  • RFID and NFC Penetration Testing Techniques
  • Mobile Device Penetration Testing Techniques
  • loT Penetration Testing Techniques 
Module 11: Cloud Penetration Testing Methodology
  • Cloud Specific Penetration Testing Techniques and Recommendations
  • Cloud Specific Penetration Testing Methods
Module 12: Report Writing and Post Testing Actions
  • Penetration Testing Report Writing Process
  • Penetration Testing Reporting Formats