WIXLIB

CertifiedPenetration TestingExpertCPTECYBER THREAT IS.One Of The Most Dangerous Threats Surpassing Terrorism To The World.Develop Your Knowledge Base By Getting The Right Training With Respect To Security Fundamentals.www.pristineinfosolutions.com

CPTECPTEABOUT USPristine InfoSolutions is one of the leading cyber security services andinformation security training provider headquartered in Mumbai,having branches all over India.Achievements1stIndia's top cyber securitycompany of the year 2014.500 Website’s been patched,made hack proof.20000 Students trained includingcorporate & college workshops150 Corporate and ristine InfoSolutions Career Developmentand Training Department is one of the mosttrusted and by far the largest source forinformation security training and ethicalhacking courses in India.Over the years we have trained manyengineers, professionals and corporates indifferent cities across the country andproduced highly skilled pool of ITprofessionals to counter global industrychallenges in the field of InformationSecurity.The company is inspired by the guidingprinciple and vision of educating one andall about the nuances of cyber crime andthe risks involved. We deliver trainings,workshops, seminars and services on'Cyber Security', 'Computer Forensics' andalso provides 'Cyber Investigation Support'on request basis.The company's research developmentprograms and training helps youth toachieve real-world skills to compete betterin today's scenario.We have a diverse client base and ourability to tailor our services to the needs ofpublic, private, government andinternational clients is fundamental to ourapproach. We have served many reputedorganizations like Indian Railways, HCL,Accenture, Wipro, Capgemini, Trend Micro,etc.Pristine InfoSolutions has been awarded as the India's top cyber securitycompany of the year 2014 by SiliconIndia.Also got featured in Silicon India Magazine:http://siliconindian.com/si freemag/india-edition sep 14 issue1.pdf(51st page in pdf, Page no. 100 in hard copy).Pristine InfoSolutions has been featured in various printmedia and TV news channels to impart expertise on theissues of Cyber Security. Recently, Pristine InfoSolutions was interviewed by NDTVon the issue of Xiaomi smartphone data compromise. Show recording available on:https://www.youtube.com/watch?v xvlKnOFEfXUWORK DOMAINSCurrently the Company offers:A) Cyber support services:1) Cyber crime investigation and computer forensics2) Penetration & Vulnerability testing3) Cyber detectivesB) Training services:4) Corporate training5) UG/PG students training6) School students trainingApart from this the Company also encompasses:1. Pristine training centre (for professionals and students).2. Pristine summer camp in cyber security and computer forensic (for school &Jr. college students).3. Pristine Digital Lab (Lab for computer forensic).4. Pristine Customized Solutions (Research & Development).5. Pristine Distance learning (Correspondence course).www.pristineinfosolutions.com2

CPTECPTECPTECERTIFIED PENETRATIONTESTING EXPERTCPTE is a comprehensive penetration testing training program which covers allaspects of defence as well as attacks and prepare security professionals to analyzethe security posture of a network and recommend corrective measuresauthoritatively.Certi ed Penetration Testing Expert training is the advanced level of Ethical Hackingin which the personnel evaluates security of IT network or corporate websites bysimulating an attack from external threats and internal threats and recommendcorrective measures authoritatively. This analysis is carried out from the position of apotential attacker and can involve active exploitation of security vulnerabilities.Pristine InfoSolutions Certi ed Penetration Testing Expert (CPTE) truly prepares youto conduct successful penetration testing projects in real-time scenarios by usingworld class tools and ground breaking techniques. The course starts with properplanning, scoping and recon, and then dives deep into scanning, target exploitation,password attacks, and wireless and web apps with detailed hands-on exercises andpractical tips for doing the job safely and effectively.The objectives of this certi cation include penetration-testing methodologies, thelegal issues surrounding penetration testing and how to properly conduct apenetration test as well as best practice technical and non-technical techniquesspeci c to conduct a penetration test.This penetration testing course also enhances the business skills needed to identifyprotection opportunities, justify testing activities and optimize security controlsappropriate to the business needs in order to reduce business risk. The CPTEcerti cation helps students perform the intensive assessments required to effectivelyidentify and mitigate risks to the information security of an infrastructure.3www.pristineinfosolutions.comBE FASTER, BETTER EQUIPPED & READY.MASTER BLEEDING EDGEPENETRATION TESTING SKILLS.DON'T BE AN ORDINARY PEN-TESTERBE A CPTE.www.pristineinfosolutions.com4

CPTECPTEWHY CPTE CERTIFICATION ?Cyber Attacks and Security vulnerabilities in IT Infrastructure and systems continue toplague organizations. Enterprises need experts who can nd these aws in aprofessional manner to help eradicate them from their infrastructures. A penetrationtester is generally expected to run a number of tests on web-based applications,networks, and other types of computer systems and ll out assessment reports aboutwhat they have discovered and help mitigate risks to the security of company’sinfrastructure.As technology becomes a bigger part of more individual industries, the demand forpenetration testers is consistently growing each year. If you are motivated enough,curious enough and determined, then CPTE is the perfect course for you to earn apromising career.HOW IS CPTE DIFFERENT FROMOTHER PEN-TESTING COURSES ?WHO SHOULD ATTEND THIS COURSE ?The CPTE certi cation is a highly technical and indepth training for experienced information securityprofessionals, network server administrators,information security analysts, systemadministrators, IT of cers, IT Managers, IT Auditors,risk assessment professionals and anyone havingprior ethical hacking knowledge.5www.pristineinfosolutions.comThe CPTE is anintensive course onpenetration testingdesigned for thosewho already haveundergone EthicalHacking training.The Certi ed Penetration Testing Expert (CPTE) is the only course that trainsstudents on all the major key elements of penetration testing: informationgathering, scanning, enumeration, exploitation and reporting. It covers real-timescenarios to train students in standard penetration testing methodologies.ŸAdvanced and latest techniques covered. ŸA premier international certi cation of CPTE.ŸMaster report writing.ŸIndustry accepted comprehensive pentesting standards.ŸSecurity auditing techniques andstandard practices.ŸDesigning security policies and procedures.ŸNew exploitation methodologies.ŸReal world scenarios and targets.ŸBoth automated and manual techniques.Ÿ24x7 lab availability to practice hackingconcepts.www.pristineinfosolutions.com6

CPTECOURSE CONTENTDuration: 80 hoursŸŸŸŸŸŸŸŸŸŸŸŸŸŸŸŸŸ7IP & Malware - Basics:IANA, Allotment of IP AddressFoot-Printing TechniquesTypes of MalwaresWeb Basics:ICANN guidelinesRegistrar, Registry, RegistrantHosting ServersRegistrant & Hosting panelsStatic & Dynamic websiteBasic Ways to Hack:Using Google dorksFinding control panel of websiteBreaking CpanelVAPT:IntroductionVulnerability assessment tools(acunetix, dvwa, etc.)Attacks Using Local System:Windows HackingPhishingScanningSession b Foot-Printing:Advance Google dorksSub-domains scannerGathering information about target onweb appWeb Server Hacking:MetasploitUnderstanding the Msf modulesAuxiliaries, Exploits and PayloadsAttacking Windows ServicesAttacking Linux ServicesPrivilege escalation attackRooting (using local root exploit)Introduction to Assemble LanguageShellcodingBasic misconfiguration of web-server(symlink, IISspy)Ÿ Encryption / DecryptionŸ Encrypting your own backdoor shelland bypass mod securityŸŸŸŸŸŸŸŸŸŸSQL Attacks:IntroductionBlind sqliAttacks on sql serverPerforming all types of SQL InjectionattackŸ Countermeasures against sql-injectionŸ Source code analysisŸŸŸŸŸŸŸŸDifferent types of CMSidentifications:JoomlaWordpressVbulletinOther CMSŸŸŸŸŸŸŸŸWeb Application Hacking:Attack on CMSRemote Code executionFile upload vulnerabilitySql-injectionBruteforce attacks on web applicationPhishingAutomated tools (Netsparker)Working with Proxy – Burp suiteWi-Fi Attacks:IntroductionWEP and WPA attacksCreating wordlist for effective WPA2crackingŸ Security measuresŸŸŸŸŸŸŸŸŸŸLan Penetration Testing:Client side exploitMITM attackSniffing attacks (http, https)Trojans and backdoorsAutomated DiscoveryScanners (Nessus)NmapŸŸŸŸŸŸŸŸHacking Unix/Linux:Password CrackingKernelProcessesAccounts and GroupsPassword & Shadow File FormatsLinux and UNIX PermissionsPassword & Shadow File FormatsSUID Files CountermeasureŸOWASP:InjectionBroken Authentication and SessionManagementCross-Site Scripting (XSS)Insecure Direct Object ReferencesSecurity MisconfigurationSensitive Data ExposureMissing Function Level Access ControlCross-Site Request Forgery (CSRF)Using Components with KnownVulnerabilitiesUn-validated Redirects and ForwardsŸŸŸŸVAPT Reporting:Legal approval and steps to followWay to reportFormatting and guidelinesCase studyŸŸŸŸŸŸŸŸŸCyber Law and Consulting:What is Cyber LawCyber SpaceProblems in Cyber LawTypes of CrimesIT Act, 2000CERT-IND & AOTrademark & Copyright InfringementCentral Acts & State ActsExtraditionAbettorUniform Domain Dispute ResolutionsPolicyŸ Case ns.com8

CPTECPTEPENETRATION TESTER AS A CAREERCyber Attacks vs Demand for IT Security2014JOB PROFILE20132012The penetration testerfrequently works as a part ofan information technology (IT)or cyber security team.2011201020090The kinds of jobs available arethat of Network SecurityEngineer, System SecurityManager, IT Security Auditor, ITSecurity Of cers, NetworkSecurity Administrator, WebSecurity Administrator, WebSecurity Manager, NetworkSecurity Consultant, etc.102030405060708090100IT Security demand in the MarketCyber AttacksIT Security Professionals vs IT Professionals Jobs201420132012201120102009010203040IT Security JobsAs malicious computer attackers ampup the number and magnitude of theirbreaches, the information securityindustry needs an enormous amount ofhelp in proactively nding and resolvingvulnerabilities. Penetration testers whoare able to identify aws, understandthem, and demonstrate their businessimpact through careful exploitation arean important piece of the defensivepuzzle. There is massive demand forpeople who understand how to breakinto applications and how to suggest xes for the discovered issues.9www.pristineinfosolutions.comAll in all, being a Penetration Tester, isan excellent, well-paid and importantlyis an in-demand career and profession!If you are interested in a career ininformation security then go for it –especially if you are just starting yourprofessional life. If you already work inIT then rotating into the InfoSec spaceis likely very achievable. In fact, themajority of our students are ‘mature’ inthe sense that they have been workingfor at least 10/ 15 years in IT.COURSE SPECIFICATIONS Duration80 HoursBatchesRegular /WeekendsFees35000 /-5060708090100IT Professionals JobsUnlike others, CPTEprogram providesstandard-based,methodologicaltraining designed toprepare students forreal-time penetrationtesting and auditingassignments.Includes- Service Tax, Training, Online Examination,Study Material and Toolkit.www.pristineinfosolutions.com10