CREST CPSA & CRT Training - 10 Day Online Penetration Testing Course

  • Delivered virtually on Teams
  • Tutorial & CTF Driven
  • Designed for both the CPSA & CRT exams
  • Taught by experienced and certified CRT testers
  • 4 Weeks access to CREST CRT labs

£3,450.00 + VAT

4 in stock

At a glance

9 Days

Duration

Online Classroom

Method

4th - 13th May

Date

Our Course

Our course is designed, as closely as we can, to give you the experience needed to pass the CRT practical exam. The vulnerabilities, exploit and deployment methods can be paralleled with those of the exam, and with a mix of both internal infrastructure and web application vulnerabilities.

All our trainers have extensive experience delivering cybersecurity courses in top UK universities, as well as performing penetration testing as their core job role in Samurai. The mix of academic teaching and real-world experience with CREST accredited penetration testers gives us the ability to get you through these CREST exams successfully.

What people say about our training

Course leaders

Neil Richardson

Technical Director

Neil has worked as an academic teaching web application, mobile and infrastructure penetration testing at several universities around the UK for 7 years before co-founding Samurai. Since, he has spent 4 years leading a talented team of CREST registered penetration testers.

Ali Malik

Cyber Security Consultant

Ali has over 7 years’ experience in CRT penetration testing, secure web application development using C#, Java, JSP, PHP and Python. This gives him a unique understanding of the security of web applications and the different ways of exploitation.

Structure

  • Domain Name Server (DNS)
  • Interpreting Tool Output
  • OS Fingerprinting
  • Application Fingerprinting and Evaluating Unknown Services
  • File System Permissions
  • Management Protocols
  • Networking Protocols
  • Domain Reconnaissance
  • User Enumeration
  • Active Directory
  • Windows Vulnerabilities
  • Common Windows Applications
  • User enumeration
  • Unix vulnerabilities
  • FTP
  • Sendmail / SMTP
  • Network File System (NFS)
  • R* services
  • X11
  • RPC services
  • SSH
  • Web Server Operation
  • Web Servers & their Flaws
  • Web Protocols
  • Web Application Servers
  • Web Site Structure Discovery
  • Cross Site Scripting Attacks
  • SQL Injection
  • Parameter Manipulation
  • Microsoft SQL Server
  • Oracle RDBMS
  • Web / App / Database Connectivity

Description

CPSA 5 Days

The CPSA is the first exam in CREST’s penetration testing pathway. It covers the core knowledge and skills needed to assess common network services and operating systems.

The course covers:

  • Core Technical Skills – OS fingerprinting, cryptography and network mapping
  • Information Gathering & Open Source – Google Hacking and DNS checks
  • Networking Equipment – configuration analysis and networking protocols
  • Windows and Unix Security Assessments – common vulnerabilities and patch management
  • Web Testing Techniques – fuzzing, CRLF and Session ID attacks

 

CRT 5 Days

On Samurai’s intensive CREST Registered Tester (CRT) course, you will be immersed in the knowledge, tools and techniques obtained by our penetration testers and university academics through their years of industry and teaching experience. All of Samurai’s instructors hold CREST CRT, giving them an in-depth understanding of what is required to pass this demanding exam first time.

This is a five day live online course which prepares you for the CREST Register Tester (CRT) exams. Training is provided by practising penetration testers who are CRT certified. All our trainers have extensive experience delivering cybersecurity courses in top UK universities, as well as performing penetration testing as their core job role in Samurai. The mix of academic teaching and real-world experience with CREST accredited penetration testers gives us the ability to get you through these CREST exams successfully.

Our purpose-built testing virtual environment

Included in the course is 4 weeks of access to our purpose-built penetration testing environment.  This has been designed, as closely as we can, to replicate the experience you will get when taking the CRT practical exam.  The vulnerabilities, exploits and deployment methods can be paralleled with those of the exam, and with a mix of both internal infrastructure and web application vulnerabilities, we have the bases covered.  In addition, we are constantly adding and updating the environment with new machines and vulnerabilities to allow your testing prowess to progress beyond CRT.

Pre-requisites

A basic understanding of computer networking and TCP/IP is required, for example how IP addressing and subnet masks work and how network ports and services operate.  Moderate experience of the Linux command line is expected also.  If you intend to take the CRT exam, you will need to pass CPSA first, however, this is not a prerequisite for this course.

About the exam

The CREST Registered Tester exam is a practical assessment, where you will be expected to find vulnerabilities across network, application and database technologies. The exam is designed to test your theoretical and practical knowledge of penetration testing methodology and skills against networks, hosts and applications. Passing the CRT exam also means you can act as a CHECK team member as part of a CHECK accredited penetration testing company, hugely increasing your employability.

Typically CRT has a high failure rate, not just because of its difficultly, but because the exam time is brief.  You will not have time to frequently look up command syntax, or refer to the documentation to determine the correct tools to answer each question. The commands, tools, syntax, switches and options need to be very familiar to you, so you can determine the answers quickly and the first time.  Once you get behind in the exam, it is hard to get back on track. This is why our Samurai Dojo (a custom-built penetration testing environment) is crucial; it is created to simulate the environment you be using in the exam. We recommend at least 75hrs working in the environment, completing all the tutorials several times while moving from machine to machine, hacking and exploiting ALL the vulnerabilities until it becomes habitual.

Reviews

There are no reviews yet.

Only logged in customers who have purchased this product may leave a review.

This course consists of nine modules:

1 – Core Technical Skills
2 – Background Information Gathering & Open Source
3 – Networking Equipment
4 – Microsoft Windows Security Assessment
5 – Unix Security Assessment – Web Technologies
7 – Web Testing Techniques
8 – Databases
9 – Preparation for the CRT exam