Full course content for PEN-101. The sidebar to the left lists every overview document, weekly module, and lab. Pick a starting point below or use the sidebar to jump anywhere.
Start here: PEN-101: Introduction to Penetration Testing -- Course Outline →
Overview
Weekly modules
- Week 1: Engagement Lifecycle, Authorization, and Professional Ethics
- Week 2: OSINT and Passive Reconnaissance
- Week 3: Active Reconnaissance (Nmap, Masscan, Service Enumeration)
- Week 4: Web Application Reconnaissance
- Week 5: Vulnerability Identification, Scanning, and Triage
- Week 6: Midterm Practical
- Week 7: Exploitation I (Metasploit, Public Exploits, Manual Techniques)
- Week 8: Exploitation II -- Web Application Attacks
- Week 9: Post-Exploitation and Privilege Escalation
- Week 10: Lateral Movement, Pivoting, and Operational Security
- Week 11: Reporting and Client Communication
Labs
- Lab 1: Rules of Engagement Drafting
- Lab 2: OSINT Dossier
- Lab 3: Active Reconnaissance -- Full Network Scan and Service Enumeration
- Lab 4: Web Application Reconnaissance
- Lab 5: Vulnerability Identification and Triage
- Lab 7: Exploitation I -- Metasploit, Public Exploits, and Manual Techniques
- Lab 8: Web Application Exploitation
- Lab 9: Privilege Escalation
- Lab 10: Lateral Movement and Multi-Host Engagement Transcript
- Lab 11: Report Workshop