Track 05 · Corporate Training
Vulnerability Assessment and Penetration Testing
Develop teams who can scope, execute and report professional assessments and penetration tests.
10 Modules
50–60 Hours
Instructor-Led / Virtual / Hybrid
Overview
A practical offensive-testing track that develops the full VAPT workflow — from scoping and reconnaissance through web, API, infrastructure and Active Directory testing to evidence handling and reporting, ending in a controlled corporate-style assessment.
01
VAPT Fundamentals
Assessment lifecycle, scoping, rules of engagement and reporting
3 Hours
02
Reconnaissance
Passive and active information gathering
4 Hours
03
Network Scanning
Port scanning, service identification and network enumeration
4 Hours
04
Vulnerability Assessment
Scanner usage, validation, prioritisation and false-positive analysis
5 Hours
05
Web Application Testing
Authentication, access control, injection, session and business-logic testing
8 Hours
06
API Penetration Testing
Endpoint discovery, token testing, object-level access control and data validation
6 Hours
07
Infrastructure Penetration Testing
Service exploitation, misconfigurations, lateral movement and privilege escalation
8 Hours
08
Active Directory Security Testing
Domain enumeration, authentication attacks, privilege paths and defensive validation
8 Hours
09
Evidence and Reporting
Findings, severity, impact, reproduction steps and remediation guidance
4 Hours
10
Practical Assessment
Controlled corporate-style penetration-testing exercise
6 Hours
Delivery Formats
Instructor-Led ClassroomVirtual Instructor-LedHybrid TrainingWorkshop-BasedLaboratory-BasedExecutive BriefingTabletop ExerciseBootcampTrain-the-TrainerCustom Corporate Programme