
CompTIA PenTest+
CompTIA PenTest+ covers the practical penetration testing skills measured by the PT0-003 exam. Participants study engagement management, reconnaissance and enumeration, vulnerability discovery and analysis, attacks and exploits, post-exploitation, and lateral movement.
No sessions available
Check back later or contact a provider directly.
Description
CompTIA PenTest+ covers the practical penetration testing skills measured by the PT0-003 exam.
Participants study engagement management, reconnaissance and enumeration, vulnerability discovery and analysis, attacks and exploits, post-exploitation, and lateral movement.
Training typically combines guided instruction with hands-on exercises that follow a test lifecycle: planning scope, gathering information, using appropriate tools and techniques, validating findings, and preparing clear reports.
After completion, participants should be better prepared to assess systems ethically, communicate risk to stakeholders, and continue toward CompTIA PenTest+ certification.
What You Will Learn
CompTIA PenTest+ Course Content
This course follows the current CompTIA PenTest+ PT0-003 exam domains: engagement management, reconnaissance and enumeration, vulnerability discovery and analysis, attacks and exploits, and post-exploitation and lateral movement. Learning combines instructor-led teaching, guided labs, tool output review, scripting tasks, and report-writing exercises.
Module 1: Engagement Management and Reporting
Scope definition, rules of engagement, testing windows, exclusions, and escalation paths.
Legal and ethical requirements, authorization letters, NDAs, MSAs, statements of work, and terms of service.
Use of OSSTMM, CREST, PTES, MITRE ATT&CK, OWASP Top 10, OWASP MASVS, STRIDE, DREAD, and OCTAVE.
Penetration test reports, risk scoring, executive summaries, attack narratives, findings, and remediation guidance.
Module 2: Reconnaissance and Enumeration
Passive and active reconnaissance, OSINT, DNS review, certificate transparency logs, banner grabbing, web crawling, and network sniffing.
Enumeration of hosts, services, directories, shares, users, wireless networks, permissions, secrets, APIs, and WAF origin addresses.
Use of tools such as Nmap, NSE, Wireshark, tcpdump, theHarvester, Recon-ng, Shodan, Censys.io, Maltego, Amass, WHOIS, nslookup, dig, and Aircrack-ng.
Module 3: Vulnerability Discovery and Analysis
Network, host, application, mobile, container, wireless, authenticated, unauthenticated, and secrets scanning.
DAST, IAST, SAST, SCA, source code analysis, Infrastructure as Code review, and ICS assessment concepts.
Scan validation, false positives, false negatives, CVE, CWE, CVSS, EPSS, and exploit selection.
Tools may include Nessus, Greenbone OpenVAS, Nikto, TruffleHog, BloodHound, Grype, Trivy, and Kube-hunter.
Module 4: Attacks, Exploits, and Scripting
Network, authentication, host-based, web application, cloud, wireless, social engineering, IoT, mobile, AI, OT, NFC, RFID, and Bluetooth attack concepts.
Use and interpretation of tools such as Metasploit, msfvenom, Netcat, Impacket, CrackMapExec, Responder, Hydra, hashcat, John the Ripper, Burp Suite, Mimikatz, Rubeus, Pacu, Prowler, ScoutSuite, Scapy, Caldera, Infection Monkey, and Atomic Red Team.
Basic Bash, Python, and PowerShell scripting for reconnaissance, validation, and attack automation.
Module 5: Post-exploitation, Lateral Movement, and Cleanup
Persistence methods, reverse shells, bind shells, account creation, registry keys, C2 concepts, and web shells.
Pivoting, relay creation, credential capture, SMB, RDP, SSH, LDAP, RPC, WMI, WinRM, LOLBins, Proxychains, sshuttle, PsExec, and Metasploit.
Staging, controlled exfiltration concepts, artifact preservation, removal of tester-created credentials, removal of tools, infrastructure shutdown, and secure data destruction.
Certification & Exam
Certification: This course prepares participants for the CompTIA PenTest+ certification exam, currently PT0-003. Certification is earned by registering for and passing the CompTIA exam, not by course attendance alone.
The exam includes a maximum of 90 questions, with both multiple-choice and performance-based tasks that assess practical penetration testing skills. Candidates have 165 minutes to complete the exam and must achieve a passing score of 750 on CompTIA’s 100-900 scale.
CompTIA recommends 3 to 4 years in a penetration tester role before attempting the exam.
See the official CompTIA PenTest+ certification page for current exam details.
What You Will Achieve
After completing this CompTIA PenTest+ course, participants should be able to complete the following outcomes in line with the PT0-003 exam objectives.
Plan and scope a penetration testing engagement by defining authorization, rules of engagement, testing limits, communication paths, and legal or compliance requirements.
Apply reconnaissance and enumeration methods using OSINT, DNS analysis, service discovery, and tools such as Nmap, Nmap Scripting Engine, Wireshark/tcpdump, Maltego, Shodan, and theHarvester.
Analyze vulnerability scan results to identify true positives, assess business and technical risk, and prioritize findings for further testing.
Perform authorized attacks and exploits against network, web application, wireless, cloud, and hybrid environments while following agreed engagement rules.
Use penetration testing tools and techniques for vulnerability discovery, exploitation, post-exploitation, lateral movement, and evidence collection.
Evaluate scripts, code samples, and tool output to support reconnaissance, vulnerability analysis, and exploitation tasks.
Create a professional penetration test report that documents scope, methods, evidence, risk impact, findings, and practical remediation recommendations for technical and non-technical audiences.
Training Providers
1 providerFAQs
General Information
Prerequisites & Requirements
Certification & Exam
Get Custom In-house Training
Post once, get competitive offers from multiple providers. Choose the one that fits your team.
Similar Trainings
EC Council Certified Ethical Hacker Certification (CEH)
The Certified Ethical Hacker (CEH) course teaches participants how to identify and fix security vulnerabilities. Through hands-on labs and theory, learners use attacker tools to test and strengthen network security. The training covers networks , web applications , cloud , mobile , and IoT systems. Participants develop technical skills for security audits and vulnerability assessments. Upon completion, professionals can perform penetration testing and report security gaps to protect systems from exploitation.
EC-Council Certified Penetration Testing Professional (CPENT)
The Certified Penetration Testing Professional (CPENT ) program is the world’s most comprehensive guided penetration testing program. It offers a complete hands-on pentesting methodology and AI techniques mapped to all pentesting phases. CPENT enables you to master pentesting within an enterprise network environment, evaluating intrusion risks and compiling actionable, structured reports. Distinguish yourself with the CPENT , learning beyond technical knowledge, scoping engagements, understanding design, estimating effort, and presenting findings and thrive as a leader in offensive security with versatile skills. CPENT combines guided learning with hands-on practice while immersing you in diverse live scenarios involving IoT systems, segmented networks, and advanced defenses, with practical challenges mapped to each domain. Gain expertise in advanced skills necessary to create your tools, conduct advanced binary exploitation, double pivot, customize scripts, and write your exploits to penetrate the deepest pockets of the network. Hands-on course featuring CTFs, 110+ labs, live cyber ranges, and 50+ tools Practical exam tests skills on unique multi-disciplinary network ranges The only program to teach a complete pen testing methodology
EC-Council Computer Hacking Forensic Investigator (CHFI)
EC-Council’s CHFI program enabled cybersecurity professionals with the knowledge and skills to perform effective digital forensics investigations and accomplish forensic readiness. Master the methodological approach of forensics process, evidence handling procedures, chain-of-custody, acquisition, preservation, analysis, and reporting of digital evidence, legal procedures to ensure it is admissible in court. Build skills beyond traditional hardware and memory forensics and with cloud forensics, mobile and IoT, investigating web application attacks, and malware forensics. CHFI equips you with skills to validate/triage incidents and guide the incident response teams. Build job ready skills on immersive 68 forensic labs Earn globally recognized and demanded by employers Flexible learning options without quitting your current jobs
EC-Council Certified Network Defender (CND) Program
The CND course gives you a full introduction to network security from a defender’s perspective. You learn how to protect, monitor, detect and respond to threats in modern network environments. The training includes theory and hands-on labs , teaching you how to secure networks, configure firewalls and IDS/IPS, monitor traffic, and implement defensive strategies across devices, endpoints, cloud and IoT. The goal is to equip you to build and maintain secure networks for organisations.
EC-Council Certified Cloud Security Engineer (CCSE)
The CCSE course teaches you how to secure, manage and defend cloud environments. You learn both general cloud-security principles and specific skills for major providers such as AWS, Azure and GCP. The training includes hands-on labs, real-world scenarios, and guidance on cloud governance, compliance, monitoring and incident response. This course prepares you to build secure cloud infrastructures , protect data and services in multi-cloud settings , and respond to cloud-specific threats professionally.
EC-Council Certified DevSecOps Engineer (ECDE)
The ECDE course shows you how to combine development, operations and security in a modern workflow. You learn both cloud-native and on-prem security practices, secure coding, infrastructure hardening, automated security tools and continuous deployment pipelines. The training uses many hands-on labs to build real-world DevSecOps skills.