Certified Penetration Testing Expert
 /  Certified Penetration Testing Expert
Certified Penetration Testing Expert

Certified Penetration Testing Expert(CPTE): It is the only comprehensive penetration testing training program in India which covers all aspects of defence as well as attacks and prepare security professionals to analyze the security posture of a network and recommend corrective measures authoritatively.

IP & Malware – Basics:

  • IANA, Allotment of IP Address
  • Foot-Printing Techniques
  • Types of Malwares

Web Basics:

  • ICANN guidelines
  • Registrar, Registry, Registrant
  • Hosting Servers
  • Registrant & Hosting panels
  • Static & Dynamic website

Basic Ways to Hack:

  • Using Google dorks
  • Finding control panel of website
  • Breaking Cpanel


  • Introduction
  • Vulnerability assessment tools (acunetix, dvwa, etc. )

Attacks Using Local System:

  • Windows Hacking
  • Phishing
  • Scanning
  • Session Hijacking

Web Foot-Printing:

  • Advance Google dorks
  • Sub-domains scanner
  • Gathering Information about target on web app

Web server Hacking:

  • Metasploit
  • Understanding the Msf modules
  • Auxiliaries, Exploits and Payloads
  • Attacking Windows Services
  • Attacking Linux Services
  • Privilege escalation attack
  • Shell Uploading
  • Introduction to Assemble Language
  • Shellcoding
  • Basic misconfiguration of web-server (IISspy)
  • Encryption/Decryption
  • Encrypting your own backdoor shell and bypass mod_security

SQL Attacks:

  • Introduction
  • Blind sqli
  • Attacks on sql server
  • Performing all types of SQL Injection attack
  • Countermeasures against sql-injection
  • Source code analysis

Different types of CMS identification:

  • Joomla
  • WordPress
  • Vbulletin
  • Other CMS

Web Application Hacking:

  • Attack on CMS
  • Remote Code execution
  • File upload vulnerability
  • Sql-injection
  • Brute force attacks on web application
  • Phishing
  • Automated tools (Netsparker)
  • Working with Proxy – Burp site

Wi-Fi Attacks:

  • Introduction
  • WEP and WPA attacks
  • Creating wordlist for effective WPA2 cracking
  • Security measures

Lan Penetration Testing:

  • Client side exploit
  • MITM attack
  • Sniffing attacks (http,https)
  • Trojans and backdoors
  • Automated Discovery
  • Scanners (Nessus)
  • Nmap

Hacking Unix/Linux:

  • Password Cracking
  • Kernel
  • Processes
  • Accounts and Groups
  • Password & Shadow File Formats
  • Linux and UNIX Permissions
  • Password & Shadow File Formats
  • SUID Files Countermeasure


  • Injection
  • Broken Authentication and Session Management
  • Cross-Site Scripting (XSS)
  • Insecure Direct Object References
  • Security Misconfiguration
  • Sensitive Data Exposure
  • Missing Function Level Access Control
  • Cross-Site Request Forgery (CRSF)
  • Using Components with known Vulnerabilities
  • Un-validated Redirects and Forwards

VAPT  Reporting:

  • Legal approval and steps to follow
  • Way to report
  • Formatting and guidelines
  • Case study

Cyber Law and Consulting:

  • What is Cyber Law
  • Cyber Space
  • Problems in Cyber Law
  • Types of Crimes
  • IT Act, 2000
  • Trademark & Copyright Infringement
  • Central Acts & State Acts
  • Extradition
  • Abettor
  • Uniform Domain Dispute Resolutions Policy
  • Case study


Related Courses


WordPress is the fastest-growing CMS. There is a reason why around one fourth of the websites on the

  • Start8th August
  • Row House 2, Leslie Villa, Barkha Bahar Co-op Society, Thakur Complex, Kandivali(E), Mumbai-400101
  • +918898681393 / +919699934589
  • admin@diplomads.com




Our mission is to empower students by providing quality study resources, educational services and valuable guidance.We want students to realize their own purpose to learn and gain the skills and the confidence required to pursue a career of their choice and excel in it.


-Ethical Hacking
-Mobile Game Development
-All Platform Mobile App Development
-Soft Skills
-Programming Languages