QA is proud to be the UK official partner with Offensive Security.
Cracking the Perimeter (CTP) is the next step for penetration testers who have completed PWK. This online, self-paced ethical hacking course is among the most challenging available.
This is the 30 day access product, www.qa.com/qaosce60 is the 60 day access product.
CTP teaches exploit development. Students learn how to identify advanced vulnerabilities and misconfigurations in various operating systems, then execute organized attacks.
This course is designed for experienced penetration testers and seasoned, hardcore security professionals. To register, you will need to complete a skills test.
- Materials include:
- 3.5 hours of video
- 145-page course guide
- Access to virtual lab environment
- Active student forums
- Course includes a 48-hour exam
Cracking the Perimeter is an advanced course and requires prior knowledge of Windows exploitation techniques. You should be comfortable in OllyDbg and understand concepts such as shellcode encoding, use of the Metasploit Framework, and Linux.
We recommend a minimum of 4 GB of RAM installed with at least a dual-core CPU and 20 GB of free hard drive space.
- Debugging Windows binaries
- Working through encoding issues and space restrictions while crafting exploits
- Understanding PE structure to learn techniques that backdoor executables and bypass AV
- Familiarity with more advanced protections like ASLR
- Using creative and lateral thinking to achieve expanded view of standard vectors
- Thinking outside the box to determine innovative ways of penetrating internal networks
Like other Offensive Security courses, CTP combines traditional course materials teaching advanced penetration testing skills with hands-on, practice within a virtual lab environment. The course covers the following topics in detail.
- The Web Application Angle
- Cross Site Scripting Attacks – Scenario #1
- Real World Scenario
- Directory traversal – Scenario #2
- Real World Scenario
- The Backdoor angle
- Backdooring PE files under Windows Vista
- Advanced Exploitation Techniques
- MS07-017 – Dealing with Vista
- Cracking the Egghunter
- The 0Day angle
- Windows TFTP Server – Case study #1
- HP Openview NNM – Case study #2
- The Networking Angle – Attacking the Infrastructure
- Bypassing Cisco Access Lists using Spoofed SNMP Requests
- GRE Route-Map Kung Fu
- Sniffing Remote Traffic via GRE tunnel
- Compromised Router Config
Students who complete the course and pass the exam earn the Offensive Security Certified Expert (OSCE) certification.
OSCE is an advanced penetration testing certification focusing on exploit development. We recommend going for this cert after attaining your OSCP and pursuing further pentesting experience.
Once you’ve reviewed the course material, completed the exercises in CTP, and practiced your skills in the lab, you’re ready to take the certification exam.
The OSCE exam has a 48-hour time limit and consists of a hands-on penetration test in our isolated VPN exam network. The network contains varying configurations and operating systems. Points are awarded for each compromised host, based on their difficulty and level of access obtained.
You must submit a comprehensive test report as part of the exam. It should contain in-depth notes and screenshots detailing your findings.