CREST Practitioner Security Analyst / CREST Registered Penetration Tester (CREST)


Description

ONE PACK - TWO CERTIFICATIONS

CREST Practitioner Security Analyst

The CPSA exam must be registered directly with CREST. This exam includes an intermediate level of web application security testing and methods to identify common web application security vulnerabilities. The exam covers a standard set of essential skills and knowledge that assess the candidate’s technical expertise. The candidate must demonstrate that he can perform web infrastructure tests and basic applications and interpret the results to locate vulnerabilities. This certification is a prerequisite for the CREST Registered Penetration Tester (CRT) exam.

CREST Registered Penetration Tester

The CREST Registered Tester is a practical evaluation in which the candidate is expected to find known vulnerabilities in popular networks, applications and current technologies as a database. This exam evaluates the candidate’s technical knowledge about the methodology and penetration test skills. It is necessary to have the CPSA certification as a prerequisite for the CRT exam. The candidate must pass the theoretical review of CSPA and overcome the practical element of CRT. The candidate who does not give the functional part will keep the CPSA certificate and may request again to take the CRT actual exam.

Content
  • introduction
  • Notes-CPSA-v2-1
  • Notes-CRT-v2.0
  • Syllabus-2.1
  • Training Platform
  • VPN_Configuration_Guide v 1.0
  • Laboratory_Rules.pdf
  • VPN_Settings.mp4
  • appendix A: Soft Skills and Assessment Management
  • A - Soft Skills and Assessment Management-v1.0
  • appendix b: Core Technical Skills
  • B - Core Techicals Skills-v1.1
  • The_Harvester.mp4
  • Reddit_Leaks.mp4
  • Nmap.mp4
  • Metasploit_Overview.mp4
  • Metasploit_DB.mp4
  • Metasploit-Nessus_Integration.mp4
  • Metasploit-Nmap_Integration.mp4
  • Metasploit_Commands.mp4
  • Meterpreter_Commands.mp4
  • Metasploit_Scripts.mp4
  • Wireshark_Traffic_Analysis_.mp4
  • SSH_Pivoting.mp4
  • PortForwarding.mp4
  • IPtables_Pivoting.mp4
  • appendix C: Backgound Information Gathering & Open Source
  • C - Background information Gathering _ Open Source_v1.0
  • OpenVAS_Installation.mp4
  • Nessus_Installation.mp4
  • Scanning_with_Nessus.mp4
  • Scanning_with_OpenVAS.mp4
  • DNS_Enumeration.mp4
  • AWSBucketDump_S3Scanner.mp4
  • Aquatone.mp4
  • FOFA.so.mp4
  • Internet_Archive.mp4
  • Datasploit.mp4
  • Social_Mapper.mp4
  • haveibeenpwned.com.mp4
  • Shodan.mp4
  • IPv4info.mp4
  • Pastebin.mp4
  • appendix d: Network Equipment
  • D - Networking Equipment
  • appendix e: Micorosoft Windows Security ASsessment
  • E - Microsoft Windows Security Assesment-v1.0
  • Enumerate_Service_NETBIOS Windows7.mp4
  • Enumerate_Service_RPC-Windows.mp4
  • Windows_Privilege_Escalation_Extract_Hashes.mp4
  • Dump_Hashes_AD_Console.mp4
  • PTH_Attack_Windows.mp4
  • Mimikat.mp4 sample
  • Metasploit_Incognito.mp4
  • appendix f: Unix Security Assessment
  • F - Unix Security Assesment- v1.0
  • Service_Samba.mp4
  • Service_SMTP.mp4
  • Service_SNMP.mp4
  • Service_FTP.mp4
  • Linux_Shadow.mp4
  • RPC-Portmapper-Service-Detection.mp4
  • Service_Rlogin_RSH.mp4
  • Service_NFS.mp4
  • Service_VNC.mp4
  • Service_Tomcat.mp4
  • Service_SSH.mp4
  • Linux_Privilege_Escalation.mp4
  • appendix G: Web Technologies
  • G - Web Technologies-v1.0
  • Maltego
  • Indetify Frameworks
  • WebDAV Attack
  • Hacking_Google
  • TomcatAttack
  • appendix H: Web Testing Methodologies
  • H - Web Testing Methodologies - v1.0
  • XPATH_Injection
  • LDAP_Injection
  • Cookie_ID_Session_ID
  • HTTP Method
  • HTML_Injection
  • Command_Execution
  • Command_Execution_SOAP
  • LFI_RFI
  • appendix i: web testing Techniques
  • I - Web Testing Techniques-v1.0
  • Burp
  • Map_Application
  • Backup Files
  • Discovery_Content
  • Default Credentials
  • External_Entity_Attacks_XXE
  • Captcha Bypass
  • Force Brute attack
  • Discovery_Inputs
  • Discovery_SQLi
  • Bypass_Login_SQLi
  • Default Credentials
  • Error_Based_SQLi
  • Blind_SQLi
  • UNION_SQLi
  • Avanced_SQLi
  • User Enumeration
  • Path-Transversal
  • Stored XSS
  • Reflected_XSS
  • Cross-Site_Request_Forgery_CSRF
  • Javascript
  • Logout
  • appendix J: Databases
  • J - Databases-v1.0
  • Service_MSSQL-2008.mp4
  • Decrypt_Hashes_Windows_MSSQL
  • Service_MYSQL.mp4
  • Service_Oracle.mp4
  • extra content
  • HTML_Cheatsheet.pdf
  • PHP_Cheatsheet.pdf
  • Quick_Reference_NMAPv6.pdf
  • PHP_Cheatsheet_NEW_.pdf
  • RedHat5_6_7_Cheatsheet.pdf
  • Javascript_Cheatsheet.png.pdf
  • SQLmap Cheatsheet v1.0-SBD.pdf
  • UnixToolBox.pdf
  • Wireshark_Display_Filters.pdf
  • Methodologies
  • OWASP_Testing_Guidev4_English.pdf
  • SIMULATION EXAMS
  • Theory Exam
  • CRT Practical Exam Autonoe 10.28.0.254
  • CRT Practical Exam Calice 10.28.0.152
  • CRT Practical Exam Chamaleon 10.28.0.156
  • CRT Practical Exam Grus 10.28.0.187
  • CRT Practical Exam Delphinus 10.28.0.167
  • CRT Practical Exam Ganimedes 10.28.0.151
  • CRT Practical Exam Circinus 10.28.0.166
  • CRT Practical Exam Yocasta 10.28.0.253
  • CRT Practical Exam Marcus 10.28.0.155
  • CRT Practical Exam Cygnus 10.28.0.159
  • CRT Practical Exam Fornax 10.28.0.163
  • CRT Practical Exam Ortosia 10.28.0.153
Completion rules
  • All units must be completed