CompTIA Pentest+ Course (PTO-003) | Online Penetration Testing Certification Training
The CompTIA Pentest+ Course (PTO-003) is an on-demand training program designed to equip you with the skills needed to become a certified penetration tester. This comprehensive course covers essential topics to begin your PenTester career.
Included In This Course
Closed Captions
Certificate of Completion
Are you ready to take your cybersecurity skills to the next level? Our CompTIA Pentest+ Course (PTO-003) is designed to equip you with the knowledge and hands-on experience needed to excel in penetration testing and ethical hacking. This comprehensive on-demand training covers everything from network security and web application attacks to cloud-based vulnerabilities and social engineering techniques.
The CompTIA Pentest+ Course (PTO-003) is an on-demand training program designed to equip you with the skills needed to become a certified penetration tester. This comprehensive course covers essential topics such as vulnerability assessment, network attacks, web application security, cloud-based vulnerabilities, and social engineering techniques. You’ll gain hands-on experience with industry-standard tools like Metasploit, Wireshark, and NMAP, and learn to use frameworks like MITRE ATT&CK. Whether you’re preparing for the CompTIA Pentest+ certification exam or looking to advance your cybersecurity career, this course provides the knowledge and practical skills to succeed in the field of ethical hacking and penetration testing.
Key Features of the CompTIA Pentest+ Course:
- Learn to perform vulnerability assessments and penetration tests using industry-standard tools like Metasploit, Wireshark, and NMAP.
- Master the MITRE ATT&CK framework and other penetration testing methodologies.
- Gain hands-on experience with network attacks, authentication attacks, and post-exploitation techniques.
- Prepare for the CompTIA Pentest+ (PTO-003) certification exam with real-world scenarios and practical exercises.
- Learn to secure cloud environments, wireless networks, and mobile devices from cyber threats.
Who Should Enroll?
- Aspiring penetration testers and ethical hackers.
- IT professionals looking to specialize in cybersecurity.
- Anyone preparing for the CompTIA Pentest+ certification exam.
Why Choose This Course?
- On-demand access: Learn at your own pace, anytime, anywhere.
- Hands-on labs: Practice real-world penetration testing techniques.
- Expert instruction: Learn from industry-leading cybersecurity professionals.
- Career advancement: Boost your resume with a globally recognized certification.
Enroll Now and start your journey to becoming a certified penetration tester with the CompTIA Pentest+ Course (PTO-003). Don’t miss this opportunity to advance your cybersecurity career!
Frequently Asked Questions
What is the CompTIA PenTest+ Certification?
The CompTIA PenTest+ is a cybersecurity certification that validates skills in penetration testing, vulnerability assessment, and ethical hacking. It is designed for professionals who conduct security assessments and penetration testing to identify and mitigate security risks.
Who should take the CompTIA PenTest+ exam?
The CompTIA PenTest+ certification is ideal for cybersecurity professionals such as penetration testers, security analysts, vulnerability assessment specialists, and ethical hackers who want to enhance their skills in identifying and exploiting security vulnerabilities.
What are the prerequisites for the CompTIA PenTest+ exam?
There are no mandatory prerequisites for the CompTIA PenTest+ exam, but it is recommended that candidates have Network+, Security+, or equivalent knowledge along with 3-4 years of hands-on experience in information security or penetration testing.
How much does the CompTIA PenTest+ exam cost?
As of 2025, the CompTIA PenTest+ exam costs approximately $392 USD. Prices may vary by region and discounts may be available for students, military personnel, and CompTIA members.
How long is the CompTIA PenTest+ certification valid?
The CompTIA PenTest+ certification is valid for three years from the date of passing the exam. To maintain certification, professionals must earn Continuing Education Units (CEUs) or retake the exam.
Proudly DisplayYour Achievement
Upon completion of your training, you’ll receive a personalized certificate of completion to help validate to others your new skills.
CompTIA Pentest+ PT0-003 Course Content
Module 1 - Engagement Management
- 1.1 Pre Engagement Activities
- 1.2 Collaboration and Communication Activities
- 1.3 Testing Frameworks and Methodologies
- 1.3.1 Examining MITRE ATT&CK
- 1.4 Engagement Management Review
Module 2 - Reconnaissance and Enumeration
- 2.1 Passive Reconnaissance
- 2.1.1 Google Hacking
- 2.2 Active Reconnaissance
- 2.2.1 Port Scanning and Fingerprinting
- 2.2.2 Tracing a Network Path with Traceroute
- 2.2.3 Intercepting Data with Wireshark
- 2.2.4 Web Scraping
- 2.3 Enumeration Techniques
- 2.3.1 Directory Enumeration
- 2.3.2 Email Enumeration
- 2.4 Reconnaissance and Enumeration Scripts
- 2.4.1 Using Scripts
- 2.5 Reconnaissance and Enumeration Tools
- 2.5.1 Perform OSINT with Recon ng
- 2.5.2 Adding an API Key to Recon ng
- 2.5.3 Discovering IoT with Shodan
- 2.5.4 Performing WHOIS Lookups
- 2.5.5 Performing DNS Lookups
- 2.5.6 Using NMAP Scripts
- 2.5.7 Performing OSINT with theHarvester
- 2.6 Reconnaissance and Enumeration Review
Module 3 - Vulnerability Discovery and Analysis
- 3.1 Vulnerability Discovery
- 3.1.1 Performing a Vulnerability Scan with OpenVAS
- 3.1.2 Performing Static Code Analysis
- 3.2 Reconnaissance, Scanning and Enumeration Output Analysis
- 3.3 Physical Security
- 3.3.1 Cloning an RFID Badge
- 3.3.2 Cloning NFC with Flipper Zero
- 3.4 Vulnerability Discover and Analysis Review
Module 4 - Attacks and Exploits
- 4.1 Prioritize and Prepare Attacks
- 4.2 Network Attacks
- 4.2.1 Performing an On Path Attack
- 4.2.2 Executing a Network Attack with Metasploit
- 4.2.3 Migrating Meterpreter to Another Process
- 4.2.4 Creating a Malware Dropper with Msfvenom
- 4.2.5 Using Netcat
- 4.2.6 Capturing Files with Wireshark
- 4.3 Authentication Attacks
- 4.3.1 Brute Forcing with Medusa
- 4.3.2 Pass the Hash
- 4.3.3 Password Spraying with Hydra
- 4.3.4 Pass the Token Attack
- 4.3.5 Spoofing Authentication with Responder
- 4.3.6 Cracking Linux Passwords with John the Ripper
- 4.3.7 Hashcat Password Cracking
- 4.4 Host Based Attacks
- 4.4.1 Privilege Escalation with Eternal Blue
- 4.4.2 Log Tampering
- 4.4.3 Pwn a Linux Target from Start to Finish
- 4.5 Web Application Attacks
- 4.5.1 Performing Directory Traversal
- 4.5.2 Grabbing Passwords with SQL Injection
- 4.5.3 SQLi on a Live Website Part 1
- 4.5.4 SQLi on a Live Website Part 2
- 4.5.5 Command Injection
- 4.5.6 Injecting an iFrame with Stored XSS
- 4.5.7 Busting the DOM
- 4.5.8 IDOR Abuse with Burp Suite
- 4.5.9 Web Session Hijacking
- 4.5.10 Parameter Tampering with Burp Suite
- 4.6 Cloud Based Attacks
- 4.6.1 Hacking S3 Buckets
- 4.7 Wireless Attacks
- 4.7.1 WiFi Pumpkin Evil Twin
- 4.7.2 WPA2 Crack Attack
- 4.8 Social Engineering Attacks
- 4.8.1 Phishing for Credentials
- 4.8.2 OMG Cable Baiting
- 4.9 Specialized System Attacks
- 4.9.1 Pwn a Mobile Device
- 4.10 Automated Script Attacks
- 4.11 Attacks and Exploits Review
Module 5 - Post-exploitation and Lateral Movement
- 5.1 Establishing and Maintaining Persistence
- 5.1.1 Creating a Persistent Netcat Back Door
- 5.1.2 Exfiltrating Data with a Scheduled Task
- 5.2 Lateral Movement
- 5.2.1 Preparing to Pivot
- 5.2.2 Lateral Movement through Pivoting
- 5.3 Staging and Exfiltration
- 5.3.1 Hiding Data with Steganography
- 5.3.2 Automatically Exfiltrating Data
- 5.4 Cleanup and Restoration
- 5.5 Post-Exploitation and Lateral Movement Review
Module 6 - Diliverables
- 6.1 Penetration Test Report Components
- 6.2 Report Findings and Recommendations
- 6.2.1 Examining Pentest Reports
- 6.3 Deliverables Review
- 6.4 Course Conclusion
CompTIA Pentest+ PT0-003 Course Content
Module 1 - Engagement Management
- 1.1 Pre Engagement Activities
- 1.2 Collaboration and Communication Activities
- 1.3 Testing Frameworks and Methodologies
- 1.3.1 Examining MITRE ATT&CK
- 1.4 Engagement Management Review
Module 2 - Reconnaissance and Enumeration
- 2.1 Passive Reconnaissance
- 2.1.1 Google Hacking
- 2.2 Active Reconnaissance
- 2.2.1 Port Scanning and Fingerprinting
- 2.2.2 Tracing a Network Path with Traceroute
- 2.2.3 Intercepting Data with Wireshark
- 2.2.4 Web Scraping
- 2.3 Enumeration Techniques
- 2.3.1 Directory Enumeration
- 2.3.2 Email Enumeration
- 2.4 Reconnaissance and Enumeration Scripts
- 2.4.1 Using Scripts
- 2.5 Reconnaissance and Enumeration Tools
- 2.5.1 Perform OSINT with Recon ng
- 2.5.2 Adding an API Key to Recon ng
- 2.5.3 Discovering IoT with Shodan
- 2.5.4 Performing WHOIS Lookups
- 2.5.5 Performing DNS Lookups
- 2.5.6 Using NMAP Scripts
- 2.5.7 Performing OSINT with theHarvester
- 2.6 Reconnaissance and Enumeration Review
Module 3 - Vulnerability Discovery and Analysis
- 3.1 Vulnerability Discovery
- 3.1.1 Performing a Vulnerability Scan with OpenVAS
- 3.1.2 Performing Static Code Analysis
- 3.2 Reconnaissance, Scanning and Enumeration Output Analysis
- 3.3 Physical Security
- 3.3.1 Cloning an RFID Badge
- 3.3.2 Cloning NFC with Flipper Zero
- 3.4 Vulnerability Discover and Analysis Review
Module 4 - Attacks and Exploits
- 4.1 Prioritize and Prepare Attacks
- 4.2 Network Attacks
- 4.2.1 Performing an On Path Attack
- 4.2.2 Executing a Network Attack with Metasploit
- 4.2.3 Migrating Meterpreter to Another Process
- 4.2.4 Creating a Malware Dropper with Msfvenom
- 4.2.5 Using Netcat
- 4.2.6 Capturing Files with Wireshark
- 4.3 Authentication Attacks
- 4.3.1 Brute Forcing with Medusa
- 4.3.2 Pass the Hash
- 4.3.3 Password Spraying with Hydra
- 4.3.4 Pass the Token Attack
- 4.3.5 Spoofing Authentication with Responder
- 4.3.6 Cracking Linux Passwords with John the Ripper
- 4.3.7 Hashcat Password Cracking
- 4.4 Host Based Attacks
- 4.4.1 Privilege Escalation with Eternal Blue
- 4.4.2 Log Tampering
- 4.4.3 Pwn a Linux Target from Start to Finish
- 4.5 Web Application Attacks
- 4.5.1 Performing Directory Traversal
- 4.5.2 Grabbing Passwords with SQL Injection
- 4.5.3 SQLi on a Live Website Part 1
- 4.5.4 SQLi on a Live Website Part 2
- 4.5.5 Command Injection
- 4.5.6 Injecting an iFrame with Stored XSS
- 4.5.7 Busting the DOM
- 4.5.8 IDOR Abuse with Burp Suite
- 4.5.9 Web Session Hijacking
- 4.5.10 Parameter Tampering with Burp Suite
- 4.6 Cloud Based Attacks
- 4.6.1 Hacking S3 Buckets
- 4.7 Wireless Attacks
- 4.7.1 WiFi Pumpkin Evil Twin
- 4.7.2 WPA2 Crack Attack
- 4.8 Social Engineering Attacks
- 4.8.1 Phishing for Credentials
- 4.8.2 OMG Cable Baiting
- 4.9 Specialized System Attacks
- 4.9.1 Pwn a Mobile Device
- 4.10 Automated Script Attacks
- 4.11 Attacks and Exploits Review
Module 5 - Post-exploitation and Lateral Movement
- 5.1 Establishing and Maintaining Persistence
- 5.1.1 Creating a Persistent Netcat Back Door
- 5.1.2 Exfiltrating Data with a Scheduled Task
- 5.2 Lateral Movement
- 5.2.1 Preparing to Pivot
- 5.2.2 Lateral Movement through Pivoting
- 5.3 Staging and Exfiltration
- 5.3.1 Hiding Data with Steganography
- 5.3.2 Automatically Exfiltrating Data
- 5.4 Cleanup and Restoration
- 5.5 Post-Exploitation and Lateral Movement Review
Module 6 - Diliverables
- 6.1 Penetration Test Report Components
- 6.2 Report Findings and Recommendations
- 6.2.1 Examining Pentest Reports
- 6.3 Deliverables Review
- 6.4 Course Conclusion
| 5 star | 82% | |
| 4 star | 17% | |
| 3 star | 1% | |
| 2 star | 0% | |
| 1 star | 0% |
Your Training Instructor
Chrys Thorsen is an education and technology expert who specializes in enterprise-level IT infrastructure consulting and certified training-of-trainers. In her career, she has garnered over 50 IT Certifications including CISSP, CISA, CEHv12, PenTest+, CompTIA CNVP, Cisco CCSI/CCNP, Microsoft Cloud and on-premises technologies, VMware vSphere, and many more. She has also authored 40 published certification textbooks, and over 35 full-length IT certification video courses.
When not working in the United States, Chrys spends her time abroad capacity-building IT literacy in developing nations in Sub-Saharan Africa. Her client list has included: the US Federal Government, the Republic of Zambia Ministry of Health, Cavendish University Zambia, Accenture, JP Morgan Chase, the US Centers for Disease Control and Prevention, the Elizabeth Glaser Pediatric AIDS Foundation (EGPAF), Hughes Aircraft, Microsoft, and many more.
Chrys lives by, and is fond of repeating, her professional creed:
“The only true measure of success for any project or training is results on the ground. Everything else is just noise.” “I teach what I deploy; I deploy what I teach.”
Subscribe To All-Access
Lock In $16.99 / Month Forever
Access this course and over 2,900 hours of focused IT training. Start your first month for only $1.00. Then lock in only $16.99 / month for life.
- Get Every Course
- Free Updates / New Content Added
- 2,900+ Hours of IT Training
- Price Lock Guarantee
- Games / Flashcards
- 22,000+ Practice Questions
- AI Study Buddy
- Certificates of Completion
$49.99 $16.99 Monthly
$49.00
good
Smooth delivery and easy access to LMS. Good to see that the LMS offers progress tracking. Would be great if badges were offered on completion of courses to share via Credly to future employers.