CompTIA PenTest+ (PT0-002)
CompTIA's PenTest+ certification is for cybersecurity professionals tasked with penetration testing and vulnerability management. This certification prep path is designed to provide you with a comprehensive overview of the concepts and skills you will need to pass the certification exam.
29
H
47
M
Intermediate
24
Learners at 96% of Fortune 1000 companies trust Cybrary
.svg){kind=small}
About this Path
CompTIA's PenTest+ certification is for intermediate-level cybersecurity professionals tasked with identifying, exploiting, reporting, and managing vulnerabilities on a network. PenTest+ is unique because it includes performance-based questions to assess your hands-on ability to perform penetration testing and vulnerability management. Earning this certification validates that you have the skills to plan and scope an assessment, understand legal and compliance requirements, and recommend effective remediation strategies.
The PenTest+ (PT0-002) exam will test your knowledge and skills across five key domains:
- Planning and Scoping: Defining the scope of an engagement, understanding rules of engagement, and adhering to compliance standards.
- Information Gathering and Vulnerability Identification: Performing reconnaissance and using scanning tools to identify network and system weaknesses.
- Attacks and Exploits: Exploiting network, wireless, application, and radio-frequency-based vulnerabilities, and performing post-exploitation techniques.
- Reporting and Communication: Compiling and delivering actionable reports and communicating findings to stakeholders.
- Tools and Code Analysis: Identifying and analyzing basic scripts and using various penetration testing tools.
Skills you'll gain
Path Outline
Collection Outline
Coming Soon
The Leadership and Management Career Path is expected to release in Q2 of 2025. Sign up now to explore our other leadership courses and content.
Start Learning for FreeLearn
Learn core concepts and get hands-on with key skills.
PenTest+: Planning and Scoping
In this CompTIA PenTest+: Planning and Scoping course, you will learn about governance, risk, and compliance concepts, scoping and organizational/customer requirements, and the ethical hacking mindset.
PenTest+: Information Gathering and Vulnerability Scanning
In this CompTIA PenTest+: Information Gathering and Vulnerability Scanning course, you will learn about active and passive reconnaissance and vulnerability scanning.
PenTest+: Attacks and Exploits
In this CompTIA PenTest+: Attacks and Exploits course, you will learn about network attacks, wireless attacks, application-based attacks, and post-exploitation techniques.
PenTest+: Reporting and Communication
In this CompTIA PenTest+: Reporting and Communication course, you will learn about the components of written reports, how to analyze findings and recommend remediation and post-report delivery activities.
PenTest+: Tools and Code Analysis
In this CompTIA PenTest+: Tools and Code Analysis course, you will learn about scripting and software development, how to analyze a script or code sample for use in a penetration test and use cases of different tools during the phases of the penetration test.
Practice
Exercise your problem-solving and creative thinking skills with security-centric puzzles
OSINT
In this hands-on lab, you will learn the basics of Open-Source Intelligence (OSINT). You will practice gathering publicly available information about a target organization's assets and people from a number of sources.
Network Reconnaissance
In this lab, you will learn the basics of performing reconnaissance and enumeration on a target network. You will practice using Masscan and Nmap to scan and enumerate a network.
Vulnerability Scanner Basics
In this hands-on lab, you will learn the basics of vulnerability scanners, including basic functionality and practical applications. You will practice configuring and analyzing scans using the OpenVAS vulnerability scanner.
Metasploit Basics
In this hands-on lab, you will learn the basics of Metasploit, a popular penetration testing tool. You will practice using some core features of Metasploit to identify and exploit vulnerabilities on a live server.
Network Sniffing
In this hands-on lab, you will learn the basics of network sniffing, including passive and active sniffing techniques. You will practice using Wireshark to sniff network traffic, and retrieve and apply actionable information from a target network.
Tunneling and Pivoting
In this hands-on lab, you will learn about tunneling and pivoting as tactics for traversing target networks. You will practice tunneling and pivoting using Metasploit and SSH Dynamic Port Forwarding.
Burp Suite Basics
In this hands-on lab, you will learn the basics of Burp Suite, a popular web application penetration testing tool. You will practice using some core features of Burp Suite to identify and exploit vulnerabilities in a web application.
Injection Attacks
In this hands-on lab, you will learn the basics of injection attacks. You will practice performing SQL injection, command injection, and XSS attacks against a vulnerable web application.
SSRF Attacks
In this hands-on lab, you will learn the basics of Server-Side Request Forgery (SSRF) Attacks. You will practice performing live SSRF attacks against a vulnerable web application.
Deserialization Attacks
In this hands-on lab, you will learn the basics of deserialization attacks. You will practice performing deserialization attacks using Python scripts and Burp Suite.
API Attacks
In this hands-on lab, you will learn the basics of API Attacks. You will practice exploiting some common API vulnerabilities in a REST-based web application.
Social Engineering Basics
In this hands-on lab, you will learn the basics of Social Engineering. You will practice using the Social Engineering Toolkit to simulate a pharming attack and create a malicious payload to be delivered via a spearphishing email.
Prove
Assess your knowledge and skills to identify areas for improvement and measure your growth
PenTest+ PT0-003
The CompTIA PenTest+ certification exam is for cybersecurity professionals tasked with penetration testing and vulnerability management. Testers will be required to demonstrate hands-on skills and knowledge to test devices in environments such as the cloud and mobile, in addition to traditional desktops and servers.
Train Your Team
Cybrary’s expert-led cybersecurity courses help your team remediate skill gaps and get up-to-date on certifications. Utilize Cybrary to stay ahead of emerging threats and provide team members with clarity on how to learn, grow, and advance their careers within your organization.
Instructors
Instructors
Get Hands-on Learning
Put your skills to the test in virtual labs, challenges, and simulated environments.
Measure Your Progress
Track your skills development from lesson to lesson using the Cybrary Skills Tracker.
Connect with the Community
Connect with peers and mentors through our supportive community of cybersecurity professionals.
Success from Our Learners
Frequently Asked Questions
This certification prep path is designed for mid-to-advanced career practitioners who are interested in earning their PenTest+ certification.
This certification prep path is aligned with the PT0-002 version of PenTest+.
More information about the PenTest+ exam is available here: https://www.comptia.org/certifications/pentest
