CompTIA PenTest+
Overview
CompTIA PenTest+ (v3) is a performance-based certification that validates advanced
penetration testing, vulnerability assessment, and ethical hacking skills required in today’s
cybersecurity landscape. This updated version places greater emphasis on management skills, AI
and cloud attack techniques, and real-world exploit methodology.
The course is ideal for cybersecurity professionals tasked with identifying and exploiting vulnerabilities across network, application, cloud, and hybrid environments—while ensuring legal, ethical, and compliance obligations are met.
The course is ideal for cybersecurity professionals tasked with identifying and exploiting vulnerabilities across network, application, cloud, and hybrid environments—while ensuring legal, ethical, and compliance obligations are met.
What You’ll Learn
By the end of this course, you will be able to:
- Plan, scope, and manage penetration testing engagements with full stakeholder
alignment - Conduct passive and active reconnaissance using advanced enumeration techniques
- Identify and analyze vulnerabilities across systems, applications, and cloud environments
- Execute network, web, and host-based exploits including modern AI and cloud-based
attack vectors - Document attack paths and create professional, remediation-focused reports
- Establish post-exploitation persistence, lateral movement, and cleanup procedures
- Use tools and scripts (Python, PowerShell, Bash) to automate and modify recon and
attack stages
Prerequisites
- 2+ years of hands-on cybersecurity or penetration testing experience
- Recommended: CompTIA Security+ or equivalent knowledge
- Familiarity with Linux, scripting, and networking concepts
Course Content Outline
1. Engagement Management (13%)
- Planning & Scoping: Defining scope, testing windows, and rules of engagement
- Legal & Ethical Compliance: Authorization letters, reporting obligations, and regulatory
awareness - Communication: Stakeholder collaboration, peer review, escalation procedures
- Reporting: Drafting structured reports with executive summaries, findings, risk levels,
and recommendations
2. Reconnaissance and Enumeration (21%)
- Recon Techniques: OSINT, DNS enumeration, packet sniffing, and service discovery
- Tools: Nmap, Wireshark, Shodan, and custom scanning tools
- Script Modification: Adjusting reconnaissance scripts in Bash, PowerShell, and Python for
target-specific data gathering
3. Vulnerability Discovery and Analysis (17%)
- Scanning Techniques: Authenticated and unauthenticated scans, SAST/DAST testing
- Tools: Nessus, Nikto, OpenVAS, Burp Suite
- Analysis: Identifying real threats, troubleshooting scan results, and eliminating false
positives
4. Attacks and Exploits (35%)
- Network Exploits: VLAN hopping, MITM attacks, and exploiting network services
- Authentication Attacks: Brute force, pass-the-hash, password spraying, and credential
stuffing - Host-Based Exploits: Privilege escalation, DLL injection, and credential harvesting
- Web Application Attacks: SQL injection, XSS, command injection, and file traversal
- Cloud Attacks: Container escape, cloud metadata service abuse, IAM misconfiguration
- AI Attacks: Prompt injection and model manipulation against machine learning systems
5. Post-Exploitation and Lateral Movement (14%)
- Maintaining Access: Persistence techniques and pivoting
- Lateral Movement: Moving across hosts and subnets
- Cleanup: Artifact removal and evasion
- Documentation: Creating attack narratives and detailed remediation guidance