About
The Penetration Tester course is designed to enhance the knowledge, skills, and e-competencies of Information Technology and Information Security professionals, enabling them to excel in the field of penetration testing. The training program primarily focuses on preparing individuals to operate at e-CF level 2 and EQF level 4 and 5, ensuring they possess the necessary expertise to conduct penetration tests independently and proficiently.
Target group:
IT/IS professionals with advanced knowledge and skills in the domain of penetration testing.
-
Objective 1:
The program aims to create a highly skilled and specialized workforce in the cybersecurity sector. This will serve as a catalyst for business development in the fast-evolving and highly competitive landscape of cybersecurity.
-
Objective 2
The training program seeks to provide all participants with the necessary knowledge, skills, and competencies directly aligned with market demands. Simultaneously, it aims to enhance their mobility in the European Union labor market, bridging the cybersecurity skills gap effectively.
-
Objective 3
Participants will acquire the essential theoretical and technical knowledge, skills, and competencies to strategize, design, implement, and execute penetration testing activities and attack scenarios. This will enable them to assess the effectiveness of existing or planned security measures.
-
Objective 4
The program emphasizes reskilling IT and IS professionals to align with the evolving market requirements for cybersecurity experts, ensuring they possess the aptitude and expertise demanded by the industry.
-
LM0: Introduction
This module provides an overview of the Penetration Tester training program, introducing participants to the core concepts and objectives. It covers the Penetration Tester profile and highlights the market demand for professionals in this field.
-
LM0: Basic Technical Knowledge
This module focuses on establishing a foundational understanding of technical concepts. Participants will gain preliminary knowledge, explore Cyber Ranges for practical exercises, and develop an understanding of the ethical and legal aspects from a cybersecurity perspective.
-
LM1: Threat Intelligence analysis
In this module, participants will be introduced to Cyber Threat Intelligence (CTI) terms, tasks, and roles. They will explore CTI platforms and automation, as well as learn how to visualize and interpret Cyber Threat Intelligence effectively.
-
LM2: Information Systems and Network Security
This module delves into Information Systems monitoring, logging, measurement, and evaluation processes and tools. Participants will learn how to set up logging functionality, collect logs, operate Security Information and Event Management (SIEM) systems, and engage in hands-on labs.
-
LM3: Software Development and Vulnerability Assessment
Participants will acquire in-depth knowledge of software for Web Penetration and the OWASP TOP-10 vulnerabilities. This module focuses on testing for SQL Injection (SQLI) and Server-side Request Forgery (SSRF) vulnerabilities.
-
LM4: Testing and Evaluation
The final module introduces participants to network ethical hacking, covering essential tools and techniques for network cybersecurity. It explores the Cyber Kill Chain framework, equipping participants with a systematic approach to identify and mitigate security threats effectively.
Sara Ricci
Sara Ricci is a postdoctoral researcher at Brno University of Technology, Czech Republic. She accomplished her M.Sc. degree in Mathematics at University of Pisa, Italy in 2015 and her Ph.D. studies in Computer Engineering and Mathematics Security at Universitat Rovira i Virgili, Spain in 2018. Her research interests are theoretical cryptography, in particular lattice-based and elliptic curve cryptography, and data privacy and security. She is also focused on the design of new privacy-preserving cryptographic protocols and their security analyses.
– Brno University of Technology
Imre Lendak
Petros Portokalakis is an R&D Software Engineer with a strong emphasis on cybersecurity. He specializes in the technical aspects of software engineering, networking, and security. He has experience in research and operational environments, like EU-funded research projects, and enterprise-level network engineering. Petros holds an integrated master’s degree from the Technical University of Crete.
– TUC
Manos Athanatos
Manos Athanatos has more than 15 years of experience in cybersecurity and research and is a Technical Project Manager at FORTH-ICS and TUC and acting as a external cybersecurity consultant and product manager. He has been involved in more than thirty R&D projects in his career, both from the research and the product development scope. He has had the roles of the acting Project Coordinator, Scientific and Technical Coordinator, Technical Team lead and more. He has provided trainings to NATO (NMIOTC Course 19000) in ’21, ’22 and provided cybersecurity training to end users in the context of R&D projects. He is a member of the OASIS CACAO TC, TAC TC, CTI TC, FIRST.org and ENISA AHWG on SOC.
– TUC
Imre Lendak
Imre Lendak is an Associate Professor teaching data analytics tools and technologies, critical infrastructure security and distributed systems and algorithms. His main research and professional interests are industrial control system (ICS) security and security aspects of machine learning solutions. He coordinated the EU-funded Information Security Services Education in Serbia (ISSES) project in the 2017-2021 period. He was the recipient of the Balkans Cybersecurity Fellowship 2021 awarded by CRDF Global. He is a member of the Steering Committee of the European Cyber Security Challenge (ECSC) competition for top cyber security talents organized by the European Union Agency for Cybersecurity (ENISA).
– Unicom- Telecom
Pedro Adao
Pedro Adão is an Associate Professor at the Department of Computer Science and Engineering of Instituto Superior Técnico (IST), and a researcher from Instituto de Telecomunicações. He obtained his PhD degree in Mathematics in 2006 at the Technical University of Lisbon. Pedro Adão has led (and co-lead) several research projects in the areas of security, and currently coordinates the CTF team of Tecnico initiative. He is also the coach of the Portuguese Team for the European CyberSecurity Challenge (organized by ENISA), and coach of Team Europe for the International CyberSecurity Challenge 2022 and 2023.
– Instituto Superior Técnico, Universidade de Lisboa
Matthews Jose
Matthews Jose holds an engineering degree in computer science from the EPITA engineering school of Computer Science. Over the years, he has had the privilege of collaborating with Orange Labs and the RESIST team at Inria, earning his Ph.D. with a focus on real-value computation on programmable network switches. Early in his career, he worked as a network engineer, gaining invaluable experience at Tellabs and Capgemini. Presently, Matthews Jose has the pleasure of contributing to the ongoing work at University of Lorraine, France. He is actively involved in the REWIRE project, where he contributes to the development of a comprehensive cybersecurity blueprint and to the design and implementation of online courses for penetration testing. Matthews Jose’s interests lie in areas like network security, programmable dataplanes, in-network computing, and in-network AI. He remains committed to advancing the fields of cyber security and networking, driven by his passion for making impactful contributions.