Call 1-800-305-3855 for  more information on available plans and pricing

Study at your own pace

PTX is an online, self-paced training course that provides the knowledge and skills to execute state-sponsored-like operations, perform advanced adversary simulation and covers implementation details on numerous undocumented attacks plus much more. PTX comes with lifetime access to course material and flexible access to the most sophisticated virtual labs on Network and Web Application Security.

Extremely Hands-on

Practice advanced Network Pentesting against a number of real world network infrastructures. PTX includes the most sophisticated virtual lab on Network and Web App Security: Hera Lab.

Become Certified

Obtain the eCPTX certification and prove your practical skills with the only 100% practical certification on Advanced Network Penetration Testing.

Course at a glance
  • Obscure ways of exploitation and backdooring
  • Advanced client side exploitation techniques
  • Custom attack vector and payload creation
  • In depth Active Directory Reconnaissance & Enumeration
  • In depth analysis of Active Directory exploitation
  • Stealthy lateral movement and evasion against modern defenses
  • In depth analysis of critical domain infrastructure exploitation
  • In depth details of common misconfigurations and weaknesses
  • Details for covert operations and stealthy persistence
  • Extremely Hands-on with challenges in virtual-labs
  • Obtaining the eCPTX certification qualifies you for 40 CPE
Course Material
  •     High Definition Videos
  •     Interactive slides
  •     Hands-on challenges in our industry leading virtual labs
Course Delivery
  •     Self-paced / HTML5, PDF, MP4
  •     Off-line access available
  •     Access from PC, Tablet and Smartphone
  • Module 1 : Advanced Social Engineering

    In this module, you will be shown how to execute advanced client-side attacks, while remaining under the radar. You will learn how to execute advanced social engineering attacks as well as how to develop your own custom attack vectors and payloads. Uncommon phishing techniques and anti-analysis practices are also included in this module.

  • Module 2 : Advanced AD Reconnaissance & Enumeration

    A red team member will usually identify misconfigurations or exploit trust relationships which will take him all the way to domain administrator. To achieve this, stealthy and extensive reconnaissance and enumeration are required, prior to any exploitation activities. In this module, you will be shown such advanced reconnaissance and enumeration techniques against Windows environments. You will actually learn how to retrieve the most important pieces of information out of Active Directory, while remaining undetected.

  • Module 3 : Red Teaming Active Directory

    In this module, you will be shown how to attack Active Directory environments. Specifically, you will be shown how to attack Windows authentication, leveraging inefficiencies in its core (regardless of the basis being NTLM or Kerberos), how to bypass the latest in Windows security enhancements (Script block logging, AMSI, Constrained Language Mode etc.) and how to identify and abuse common Active Directory misconfigurations. Then, you will be taught how to stealthily move laterally into a network, leveraging native Windows functionality, how to abuse domain trusts and finally, how to stealthily own the whole infrastructure and persist on it.

  • Module 4 : Red Teaming MS SQL Server

    The majority of organizations base their database infrastructure on SQL Server. In this module, attention will be given on weak and default SQL Server configurations that can be leveraged by a penetration tester / red team member. The whole SQL Server attack surface will also be mapped in this module. You will eventually learn how to locate and access SQL servers from various attack perspectives, how to identify insufficiently secure configurations, how to escalate privileges within SQL server from various attack perspectives and how to perform post-exploitation activities against SQL servers.

  • Module 5 : Red Teaming Exchange

    The majority of organizations base their email infrastructure on MS Exchange Server and Outlook. In this module, you will see that those two components offer capabilities that can greatly assist us in a Red Team engagement. You will learn how you can compromise an organization externally by attacking its Exchange infrastructure. Specifically, you will be shown how to gain initial foothold, move laterally and even bypass network segregation by abusing Exchange functionality. Stealthily spreading the compromise is another thing that you will be taught to do again by abusing Exchange functionality. The same actions, as you will see, can also be performed during an internal engagement.

  • Module 6 : Red Teaming WSUS

    Windows updates are an important aspect of security in every organization. Due to the trust relationship that exists between users and Windows updates, WSUS has some great potential for serious compromise. In this module, you will learn how to manipulate WSUS components, using a variety of techniques, to gain initial foothold, move laterally and even spread the compromise into an organization’s network.

  • Solid understanding of networks and network related security models
  • Solid understanding of Active Directory administration and Windows internals
  • Good knowledge of network protocols
  • Basic knowledge of PowerShell scripting
  • Basic reverse engineering skills
This training course is for…
  • Penetration Testers
  • IT Security personnel (incl. Blue Team members)
  • IT admins and staff
  • Forensers

Penetration Testing eXtreme (PTX) is the most practical training course on Advanced Penetration testing. Being integrated with Hera Lab, the most sophisticated virtual lab on IT Security, it offers an unmatched practical learning experience.

Hera is the only virtual lab that provides fully isolated per-student access to each of the real world network scenarios available on the platform.

Students can access Hera Lab from anywhere through VPN.

Lab IDDescriptionCategory
Lab 1Custom Undetectable Macro DevelopmentEducational
Lab 2Establishing A Shell Through The Victim’s BrowserEducational
Lab 3Serving a Malicious Update Through WSUSEducational
Lab 4SQL injection to Domain Administrator hashEducational

Call 1-800-305-3855 for  more information on available plans and pricing