The Certified Penetration Testing Professional, or CPENT for short, redefines the standards of penetration testing skill development, delivering advanced expertise for modern enterprise environments.

EC-Council’s Certified Penetration Tester (CPENT) program provides professionals with the essential cybersecurity skills to conduct effective penetration tests in complex enterprise networks that must be attacked, exploited, evaded, and defended — skills increasingly in demand as organizations seek to secure expanding attack surfaces.

Penetration testing expertise is among the top five most critical cybersecurity skills organizations need today, as global cyber leaders prioritize advanced capabilities to defend against evolving threats. (ISACA State of Cybersecurity 2024)

If you have only worked in flat networks, CPENT’s live practice range will take your skills to the next level: testing IoT systems, OT systems, writing your own exploits, building custom tools, conducting advanced binary exploitation, double pivoting to access hidden networks, and customizing scripts/exploits to penetrate the innermost network segments.

Overview

A rigorous Pen Testing program that, unlike contemporary Pen Testing courses, the CPENT: Certified Penetration Testing Professional teaches you how to perform an effective penetration test across filtered networks.

The course requires you to Pen Test IoT systems, OT systems, builds on your ability to write your own exploits, build your own tools, conduct advanced binaries exploitation, double pivot to access hidden networks, and various technologies. In summary, there is no program of its kind in the world.

Explore more about cybersecurity certifications with our cybersecurity training and certifications guide.

Cybersecurity is not optional. It’s Operational. Don’t wait for a breach. Build the skills. Earn the badge. Lead the defense. Explore our Top Cybersecurity Skills for Malaysia’s Digital Future campaign.

Be the reason your organization survives the next cyberattack.

Skills Covered

Advanced Windows Attacks

  • Access active directories. Power your way through network defenses using PowerShell to execute Silver and Gold Ticket and Kerberoasting.

Attacking loT Systems

  • CPENT is the 1st certification in the world to teach loT attacks

Writing Exploits: Advanced Binary Exploitation

  • Go beyond advanced application security testing techniques and experience the thrill of exploiting vulnerabilities in flawed binaries across 32- and 64-bit cot

Bypassing a Filtered Network

  • Unlike flat networks that most certifications train in, access web applications and extract data through a series of filtered networks with CENT.

Pentesting Operational Technology (OT)

  • CPENT is the world’s first pen testing certification that allows you to intercept Modbus communication protocol and communicate between PLC and its slave nodes.

Access Hidden Networks with Pivoting

  • Learn lateral movement and what it means to pivot through filtered networks.

Double Pivoting

  • If you think pivoting is hard, wait until you try double pivoting!

Privilege Escalation

  • Gain root access by mastering privilege escalation techniques

Evading Defense Mechanisms

  • We don’t just teach you to write exploits; we teach you to how to bypass protections

Attack Automation with Scripts

  • A key skill for most employers, we’ll teach you to go beyond tools!

Weaponize Your Exploits

  • Penetesting tools not enough for you? Here’s your chance to learn to build your own armory.

Write Professional Reports

  • Learn classic pen testing skills from experts.

Prerequisites

There are no pre-requisites required to attend this course.

Target Audience

  • Penetration Testers
  • Ethical Hackers
  • Information security Consultant
  • Security Testers
  • Security Analysts
  • Security Engineers
  • Network Server Administrators
  • Firewall Administrators
  • System Administrators
  • Risk Assesement Professionals

Course Curriculum

Module 1: Introduction to Penetration Testing

  • Cover the fundamentals of penetration testing, including penetration testing approaches, strategies, methodologies, techniques, and various guidelines and recommendations for penetration testing.

Module 2: Penetration Testing Scoping and Engagement

  • Learn the different stages and elements of scoping and engagement in penetration testing

Module 3: Open source Intelligence (OSINT)

  • Learn how to use techniques and tools to gather intelligence about the target from publicly available sources such as the World Wide Web (WWW), through website analysis by using tools/frameworks/scripts and so on

Module 4: Social Engineering Penetration Testing

  • Learn different social engineering techniques and perform social-engineering penetration testing on a target organization

Module 5: Network Penetration Testing – External

  • Learn how to implement a comprehensive penetration testing methodology for assessing networks from outsider’ perspectives. Learn the process attackers follow to exploit the assets using vulnerabilities from the outside of the network perimeter

Module 6: Network Penetration Testing – Internal

  • Learn how to implement a comprehensive penetration testing methodology for assessing networks from insider’s perspectives.

Module 7: Network Penetration Testing – Perimeter Devices

  • Learn how to implement a comprehensive penetration testing methodology for assessing the security of network perimeter devices, such as Firewalls, IDS, Routers and Switches

Module 8: Web Application Penetration Testing

  • Learn how to analyze we application for various vulnerabilities, including the Open Web Application Security (OWASP) Top 10, and determine the risk of exploitation

Module 9: Wireless Penetration Testing

  • Learn how to test various components of wireless networks, such as WLAN, RFID devices, and NFC technology devices

Module 10: IoT Penetration Testing

  • Understand various threats to Internet of things (IoT) networks and learn how to audit security controls for various inherent IoT risks

Module 11: OT/SCADA Penetration Testing

  • Understand OT and SCADA concepts and learn the process of testing various components of OT and SCADA networks

Module 12: Cloud Penetration Testing

  • Understand various security threats and concerns in cloud computing and learn how to perform cloud penetration testing to determine the probability of exploitation

Module 13: Binary Analysis and Exploitation

  • Understand the binary analysis methodology and reverse engineer applications to identify vulnerable applications that may lead to the exploitation of an information system

Module 14: Report Writing and Post Testing Actions

Learn how to document and analyze the results of a penetration test and recommend post-penetration test actions

Dates & Locations

Let’s make it work for you

Can’t find a date that fits? Need to train your whole team? Looking for a discount?
Speak to one of our learning experts today.

x Clear all selections

June 22, 2026 - June 26, 2026

Location: Online
Modal: VILT
Availability: TBC
Exam:
Included
RM 8100

June 22, 2026 - June 26, 2026

Location: Kuala Lumpur
Modal: ILT
Availability: TBC
Exam:
Included
RM 8100

September 21, 2026 - September 25, 2026

Location: Online
Modal: VILT
Availability: TBC
Exam:
Included
RM 8100

September 21, 2026 - September 25, 2026

Location: Kuala Lumpur
Modal: ILT
Availability: TBC
Exam:
Included
RM 8100

December 14, 2026 - December 18, 2026

Location: Online
Modal: VILT
Availability: TBC
Exam:
Included
RM 8100

December 14, 2026 - December 18, 2026

Location: Kuala Lumpur
Modal: ILT
Availability: TBC
Exam:
Included
RM 8100
Trainocate exam and cert

Exam & Certification

Certified Penetration Testing Professional.

The heart of the CPENT program is all about helping you master your pen testing skills by putting them to use on our live cyber ranges. The CPENT ranges were designed to be dynamic in order to give you a real-world training program, so just as targets and technology continue to change in live networks, both the CPENT practice and exam ranges will mimic this reality as our team of engineers continue to add targets and defenses throughout the CPENT course’s lifetime.

Training & Certification Guide

In order to maintain the high integrity of our certification exams, EC-Council Exams are provided in multiple forms (i.e., different question banks).

Each form is carefully analyzed through beta testing with an appropriate sample group under the purview of a committee of subject matter experts that ensure that each of our exams not only have academic rigor but also have “real world” applicability.

We also have a process to determine the difficulty rating of each question. The individual rating then contributes to an overall “Cut Score” for each exam form.

To ensure each form has equal assessment standards, cut scores are set on a “per exam form” basis. Depending on which exam form is challenged, cut scores can range from 60% to 85%.

ECSS: EC-Council Certified Security Specialist

EC-Council Certified Security Specialist (ECSS) is an entry level cybersecurity certification covering the fundamental concepts of information security, computer forensics, and network security. It enables students to identify information security threats which reflect on the security posture of the organization and implement general security controls.

CEH: Certified Ethical Hacker v12

The CEH: Certified Ethical Hacker credential is the most trusted ethical hacking certification and accomplishment recommended by employers globally. It is the most desired information security certification and represents one of the fastest-growing cyber credentials required by critical infrastructure and essential service providers.

CHFI: Computer Hacking Forensic Investigator

The CHFI: Computer Hacking Forensic Investigator certification includes all the essentials of digital forensics analysis and evaluation required for today’s digital world. From identifying the footprints of a breach to collecting evidence for a prosecution, CHFI v10 walks students through every step of the process with experiential learning. This course has been tested and approved by veterans and top practitioners of the cyber forensics industry.

CND: Certified Network Defender v2

The Certified Network Defender program has been upgraded and loaded with battle-ready ammunition to help Blue Teams defend and win the war against network breaches. Individuals and corporations looking to strengthen their Network Defense Skills will find CND v2 a must-have.

Frequently Asked Questions

Speak to a Training Consultant

All courses are HRD Claimable.
Get in touch with our team via the form or WhatsApp us on +6011-5119 6631

Preferred mode of training
Checkboxes