CompTIA PenTest+


Start your prep for the PT0-001 exam with the CompTIA PenTest+ PT0-001 Study Guide. The lab simulates real-world, hardware, software, and command-line interface environments and can be mapped to any text-book, course, or training. 

The Penetration Testing course covers the PT0-001 exam objectives and helps you to gain skills on topics of penetration testing such as planning and scoping a penetration testing assessment, exploiting wired and wireless networks, performing post-exploitation techniques, and more.

 Here’s what you will get: Lessons | Test Prep | Lab


Here’s what’s included


The CompTIA PenTest+ certification is an intermediate-level certification that validates the candidates’ knowledge and skills in planning, reporting, and scoping an assessment, comprehending legal and compliance requirements, executing penetration testing and vulnerability scanning, interpreting data, and adequately reporting the results. The PenTest+ PT0-001 exam evaluates the latest penetration testing, vulnerability assessment, and management skills essential to determine the resiliency of the system against assaults.


UK apprenticeship


12+ Lessons

221+ Quizzes

112+ Flashcards

112+ Glossary of terms

UK apprenticeship

Test Prep

84+ Pre Assessment Questions

2+ Full-Length Tests

85+ Post Assessment Questions

167+ Practice Test Questions


Video Lessons

192+ Videos

7HR 26+ Minutes

UK apprenticeship


62+ Performance Lab


What you will learn

  • Introduction
  • Understanding Ethical Hacking and Penetration Testing
  • Understanding the Current Threat Landscape
  • Exploring Penetration Testing Methodologies
  • Building Your Own Lab
  • Review All Key Topics
  • Explaining the Importance of the Planning and Preparation Phase
  • Understanding the Legal Concepts of Penetration Testing
  • Learning How to Scope a Penetration Testing Engagement Properly
  • Learning the Key Aspects of Compliance-Based Assessments
  • Review All Key Topics
  • Understanding Information Gathering and Reconnaissance
  • Understanding the Art of Performing Vulnerability Scans
  • Understanding How to Analyse Vulnerability Scan Results
  • Review All Key Topics
  • Understanding Social Engineering Attacks
  • Phishing
  • Pharming
  • Malvertising
  • Spear Phishing
  • SMS Phishing
  • Voice Phishing
  • Whaling
  • Elicitation, Interrogation, and Impersonation (Pretexting)
  • Social Engineering Motivation Techniques
  • Shoulder Surfing
  • USB Key Drop and Social Engineering
  • Review All Key Topics
  • Exploiting Network-Based Vulnerabilities
  • Exploiting Wireless and RF-Based Attacks and Vulnerabilities
  • Review All Key Topics
  • Overview of Web Applications for Security Professionals
  • How to Build Your Own Web Application Lab
  • Understanding Injection-Based Vulnerabilities
  • Exploiting Authentication-Based Vulnerabilities
  • Exploiting Authorization-Based Vulnerabilities
  • Understanding Cross-Site Scripting (XSS) Vulnerabilities
  • Understanding Cross-Site Request Forgery Attacks
  • Understanding Clickjacking
  • Exploiting Security Misconfigurations
  • Exploiting File Inclusion Vulnerabilities
  • Exploiting Insecure Code Practices
  • Review All Key Topics
  • Exploiting Local Host Vulnerabilities
  • Understanding Physical Security Attacks
  • Review All Key Topics
  • Maintaining Persistence After Compromising a System
  • Understanding How to Perform Lateral Movement
  • Understanding How to Cover Your Tracks and Clean Up Systems After a Penetration Testing Engagement
  • Review All Key Topics
  • Understanding the Different Use Cases of Penetration Testing Tools and How to Analyze Their Output
  • Leveraging Bash, Python, Ruby, and PowerShell in Penetration Testing Engagements
  • Review All Key Topics
  • Explaining Post-Engagement Activities
  • Surveying Report Writing Best Practices
  • Understanding Report Handling and Communications Best Practices
  • Review All Key Topics

Hands on activities

  • Fill in the blanks by selecting the appropriate types of assessments from the lists.
  • Fill in the blanks by dragging the appropriate teams from the bottom onto their correct boxes
  • Using DNSRecon
  • Performing Nmap SYN Scan
  • Performing Nmap UDP Scan
  • Performing Nmap FIN Scan
  • Using Nmap for Host Enumeration
  • Using Nmap for User Enumeration
  • Using Nmap for Group Enumeration
  • Using Nmap to Perform recon
  • Using Nmap for Web Application Enumeration
  • Using Nmap for Network Enumeration
  • Performing Domain Enumeration
  • Using DNSdumpster
  • Using Recon-ng
  • Performing Zone Transfer Using dig
  • Performing Automated Vulnerability Scanning
  • Using the SET Tool
  • Exploiting SMB
  • Exploiting SNMP
  • Exploiting SMTP
  • Understanding the Pass-the-hash Attack
  • Using Searchsploit
  • Performing ARP Spoofing
  • Performing the Man-in-the-Middle Attack
  • Performing DHCP Starvation Attack
  • Understanding MAC Bypass
  • Simulating DDoS Attack
  • Using the EternalBlue Exploit in Metasploit
  • Exploiting SQL Injection Vulnerabilities
  • Exploiting Blind SQL Injection Vulnerabilities
  • Exploit PHP Object Injection
  • Exploiting the Stored (Persistent) XSS Attack
  • Exploiting the DOM-Based XSS Attack
  • Exploiting the Reflected XSS Attack
  • Exploiting the Cross-site Request Forgery (CSRF or XSRF) Attacks
  • Exploiting Command Injection Vulnerabilities
  • Understanding Credential based Brute-force Attack
  • Performing Session Hijacking
  • Exploiting Local File Inclusion Vulnerabilities
  • Exploiting Remote File Inclusion Vulnerabilities
  • Understanding SUID or SGID and Unix Program
  • Understanding Local Privilege Escalation
  • Exploiting SAM Database
  • Using Apktool to Decode and Analyze apk File
  • Creating Reverse and Bind Shells using Netcat
  • Using the Metasploit RDP Post-Exploitation Module
  • Using Nslookup for Passive Reconnaissance
  • Using Dig for Passive Reconnaissance
  • Using ExifTool
  • Using the theHarvester Tool to Gather Information about a Victim
  • Using Nikto
  • Using Burp and the OWASP ZAP Attack Proxy
  • Using meterpreter
  • Using Bash for Penetration Testing
  • Using Python for Penetration Testing
  • Using PowerShell for Penetration Testing
  • Using Maltego
  • Using Zenmap
  • Using OpenVAS
  • Using the Dradis Framework CE on Kali Linux
  • Studying the Communication Plan and the Main Elements of a Pen Test Report

Frequently Asked Questions

Where do I take the exam?

What is the format of the exam?

Multiple choice questions (single and multiple response), drag and drops and performance-based

How many questions are asked in the exam?

The exam contains 85 questions

What is the duration of the exam?

165 minutes

What is the passing score?

Core 1: 220-1001: 675

Core 2: 220-1002: 700

(on a scale out of 900)

What is the exam's retake policy?

Here are the retake policies:

In the event that you fail your first attempt at passing the A+ examination, CompTIA’s retake policies are:

  1. CompTIA does not require a waiting period between the first and second attempt to pass such examination. However, if you need a third or subsequent attempt to pass the examination, you shall be required to wait for a period of at least 14 calendar days from the date of your last attempt before you can retake the exam.
  2. If a candidate has passed an exam, he/she cannot take it again without prior consent from CompTIA.
  3. A test result found to be in violation of the retake policy will not be processed, which will result in no credit awarded for the test taken. Repeat violators will be banned from participation in the CompTIA Certification Program.
  4. Candidates must pay the exam price each time they attempt the exam. CompTIA does not offer free re-tests or discounts on retakes.

What is the exam's registration fee?


What are the career opportunities after passing this exam?

Penetration Tester

Vulnerability Tester

Vulnerability Assessment Analyst

What is the validity of the certification?

CompTIA PenTest+ certification expires after three years from the date of issue, after which the certification holder will need to renew their certification via CompTIA’s Continuing Education Program.