Certified Penetration Testing Professional (CPENT)

Section 01

01. At a Glance

About the course

CPENT is EC-Council's flagship offensive certification — fully practical, with a 24-hour exam against a real corporate network. Macksofy's CPENT bootcamp is led by LPT-certified instructors with bug-bounty backgrounds.

Section 02

02. Who Is This Course For

• Penetration testers
• Red team operators
• Bug bounty hunters

Prerequisites

• CEH or equivalent hands-on experience
• Comfort with Kali Linux + scripting

Section 03

03. What You Will Be Able To Do

• Pivot through segmented networks with VPN tunneling
• Exploit IoT, OT and binary-level vulnerabilities
• Write working binary exploits and bypass DEP/ASLR
• Earn CPENT (and LPT Master at 90%+)

Section 04

04. Curriculum — 15 Modules

Module structure and topic coverage authored by Macksofy Technologies based on the publicly-published vendor syllabus, current as of the issue date of this brochure. Vendor reserves the right to revise content; Macksofy keeps cohort material aligned to the latest release.

1. Module 01

   Module 01 · Introduction to Penetration Testing & Methodologies

   3 topics
   • PTES, OSSTMM, NIST SP 800-115
   • Pen-test vs vulnerability assessment
   • Engagement types — black/grey/white-box
2. Module 02

   Module 02 · Penetration Testing Scoping and Engagement

   3 topics
   • Scoping & rules of engagement
   • Legal & contractual framework
   • Reporting workflow & client communication
3. Module 03

   Module 03 · Open-Source Intelligence (OSINT)

   4 topics
   • Domain & IP intelligence (whois, ASN)
   • OSINT tools — theHarvester, Maltego, Shodan, Censys
   • People & social-media OSINT
   • Dark-web reconnaissance
4. Module 04

   Module 04 · Social Engineering Penetration Testing

   4 topics
   • Phishing & spear-phishing campaigns (GoPhish)
   • Vishing & smishing
   • Physical social engineering
   • Pretext development
5. Module 05

   Module 05 · Network Penetration Testing — External

   3 topics
   • External recon & enumeration
   • Public-facing service exploitation
   • Initial access & VPN compromise
6. Module 06

   Module 06 · Network Penetration Testing — Internal

   4 topics
   • Internal recon & enumeration
   • Active Directory exploitation (BloodHound, Mimikatz, Rubeus)
   • Lateral movement (PsExec, WMI, WinRM)
   • Pivoting (Chisel, ligolo-ng, sshuttle)
7. Module 07

   Module 07 · Network Penetration Testing — Perimeter Devices

   3 topics
   • Firewall, IDS/IPS testing
   • Router & switch exploitation
   • Bypassing network access control
8. Module 08

   Module 08 · Web Application Penetration Testing

   4 topics
   • OWASP Top 10 & API Top 10
   • Authentication & session attacks
   • Server-side template injection, deserialization
   • Burp Suite Pro mastery
9. Module 09

   Module 09 · Wireless Penetration Testing

   3 topics
   • 802.11 frame analysis
   • WPA2 / WPA3 cracking (Aircrack-ng, Hashcat)
   • Evil twin, KARMA, enterprise EAP
10. Module 10

    Module 10 · IoT Penetration Testing

    4 topics
    • IoT firmware extraction (binwalk)
    • Hardware interfaces — UART, JTAG, SWD
    • BLE, ZigBee, LoRa attacks
    • Companion mobile-app testing
11. Module 11

    Module 11 · OT / SCADA Penetration Testing

    4 topics
    • IEC 62443 introduction
    • Modbus, DNP3, S7 protocol attacks
    • PLC / HMI exploitation in lab
    • Safe testing methodology for production OT
12. Module 12

    Module 12 · Cloud Penetration Testing

    4 topics
    • AWS / Azure / GCP attack chains
    • IAM privilege escalation (Pacu, ScoutSuite)
    • S3 / Blob / GCS misconfiguration
    • Container & K8s RBAC abuse
13. Module 13

    Module 13 · Binary Analysis and Exploitation

    4 topics
    • x86 / x64 assembly fundamentals
    • Stack overflow exploitation
    • Bypassing DEP/ASLR with ROP
    • Custom shellcode creation
14. Module 14

    Module 14 · Report Writing and Post-Testing Actions

    4 topics
    • Executive + technical reporting
    • CVSS 3.1 scoring rationale
    • Remediation guidance & retest workflow
    • 24-hour exam playbook (LPT Master path at 90%+)
15. Module 15

    Capstone · 24-hour CPENT mock (Macksofy)

    3 topics
    • Full-scope mock exam in Macksofy lab
    • Live mentor feedback
    • Report deliverable per OffSec/EC-Council standards

Section 05

05. Tools You Will Operate

Section 06

06. Career Outcomes

Section 07

07. Placement Support

Macksofy's placement desk works directly with 80+ hiring partners across India and the UAE. Resume coaching, mock interviews and direct intros included.

• 1:1 resume + LinkedIn rewrite with our hiring desk
• Mock interviews with active practitioners
• Direct intros to BFSI, fintech and Big-4 partners
• UAE placement support (Dubai, Abu Dhabi)

Section 08

08. Why Macksofy

• Vendor-true delivery — Macksofy is an EC-Council Accredited Training Center (ATC) delivering practitioner-led bootcamps with exam-prep support.
• Practitioner-led delivery — every Macksofy instructor is a working OSCP / OSWE / OSEP / CISA-certified consultant on real client engagements during the week.
• Mentor support until you pass — extended access to mentor office hours and exam-day prep at no additional cost.
• Placement desk — Macksofy works with 80+ hiring partners across India and the UAE; your post-course resume, portfolio review and mock interviews are included.
• Indian classroom + online cohorts — onsite delivery in Mumbai BKC and Hyderabad HITEC City; live virtual cohorts pan-India with recordings.

Section 09

09. How to Enrol

1. Submit the enquiry form at macksofy.com/contact or call +91 99308 24239.
2. A Macksofy advisor will respond within 4 business hours with the next batch dates, payment terms and invoice.
3. Confirm enrolment via NEFT / RTGS / corporate card. EMI options available for select courses.
4. Receive welcome kit, lab credentials and the cohort calendar within 24 hours of confirmation.