Introduction to Pen Testing

Contact information

For further information or to request a quotation, please contact the Professional Education Courses Unit on:

Enquiries Phone: 02 5114 5573

Enquiries Email:

In-house delivery

UNSW Canberra Professional Education Courses may be available for in-house delivery at your organisation's premises. In-house courses allow maximum attendance without the additional travel costs. Courses can be developed to suit the specific staff development and training needs of your organisation. Recommended for groups of 10 or more.

This course provides an introduction to Penetration Testing and works through the differences between Vulnerability Assessments and actual Penetration Tests. The course will take participants into the world of the attackers and the lengths they will go to gain a foothold in the networks of their victims.

Topics covered include:

  • Pre-engagement interactions
  • Reconnaissance
  • Threat Modelling
  • Vulnerability Analysis
  • Exploitation
  • Post Exploitation
  • Reporting

Learning outcomes

On completion of this course, you participants be able to:

  • Understand the different types of penetration testing and the industry standards that regulate the field.
  • Understand how penetration testers utilise common attack vectors in exploits.
  • Use software and command line tools for scanning, enumeration and exploitation.
  • Understand how web based attacks affect penetration testing workflows.
  • Understand how social engineering techniques are utilised in penetration testing strategies.

Course Information

Day 1

Pen Testing Introduction

The first section of the course gives a brief history and overview of the  purpose and different types of penetration testing. We will also discuss the goals and outcomes of penetration testing, rules of engagement that govern the field, data collection and reporting methods.


Red teaming, Vulnerability scanning, Attack cycles, Change control, Testing frameworks, Exploit techniques, Stakeholder engagement.

Day 2

Scanning and Enumeration

On day 2 we start by looking at techniques and tools used in network scanning such as ARP sweeping, DNS scanning, DNS enumeration and port scanning. We will finish off by running through several practical lab based exercises utilising Ettercap and Kali Linux.


Networking scanning, Google hacking database vulnerability scanning, Netcat, Nikto, Golismero tool, Dnswalk, Dnsrecon, Fierce Script, Thehavester.

Day 3

Exploitation Techniques

We’ll continue exploring network exploitation techniques utilising the Metasploit framework, modules and shellcode payloads. Afterwards we’ll see how the framework integrates with Postgresql database within Kali Linux. We will end the day with a lab walkthrough on MSF3 Windows System.


Metasploit framework, Ruby programming, Exploit code, Auxiliary modules, Exploit modules, Post modules, Shellcode, Listeners, Encoders, Social Engineer Toolkit.

Day 4

Website Penetration Testing

This session is designed to broaden your knowledge of web based attacks and provide a greater understanding of how dangerous and difficult they are to identify and track. You will gain hands on experience using the same tools and processes attackers follow in simulated online scenarios.


Injection attacks, Scripting attacks, Sensitive information exposure, Cross site scripting, SQLi, SQLMAP, Web scanners, directory brute force tools.

Day 5

Internal Testing & Social Engineering

The final day of the course will focus on how social engineering (SE) campaigns are formed and will introduce some of the software and methods used for these attacks. We will touch on the use of SMB Protocol, MimiKatz, Responder Python Script and Social-Engineer Toolkit.


SMB Protocol with Kali Linux, MimiKatz Post exploit tool, Responder Python Script, Browser exploitation framework.

Introduction to Pen Testing
filter Download 518.48 KB PDF
Introduction to Pen Testing

This course maps to the following NICE Framework KSAs (Knowledge, Skills & Abilities):

K0070: Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).

K0161: Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks).

K0177: Knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).

K0332: Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.

K0342: Knowledge of penetration testing principles, tools, and techniques.

K0449: Knowledge of how to extract, analyse, and use metadata.

K0565: Knowledge of the common networking and routing protocols (e.g. TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communications.

S0001: Skill in conducting vulnerability scans and recognising vulnerabilities in security systems.

S0051: Skill in the use of penetration testing tools and techniques.

S0052: Skill in the use of social engineering techniques. (e.g., phishing, baiting, tailgating, etc.).

S0137: Skill in conducting application vulnerability assessments.

A0001: Ability to identify systemic security issues based on the analysis of vulnerability and configuration data.

What is the NICE Framework?

The National Initiative for Cybersecurity Education (NICE) Cyber Security Workforce Framework developed by the National Institute of Standards and Technology (NIST) establishes a taxonomy and common lexicon that describes cyber security work and job roles.

To find out more about the NICE Framework, go to:

Courses will be held subject to sufficient registrations. UNSW Canberra reserves the right to cancel a course up to five working days prior to commencement of the course. If a course is cancelled, you will have the opportunity to transfer your registration or be issued a full refund. If registrant cancels within 10 days of course commencement, a 50% registration fee will apply. UNSW Canberra is a registered ACT provider under ESOS Act 2000-CRICOS provider Code 00098G.

UNSW Institute for Cyber Security is a unique, cutting-edge, interdisciplinary research and teaching centre, working to develop the next generation of cyber security experts and leaders.

The centre is based in Canberra at the Australian Defence Force Academy and provides professional, undergraduate and post graduate education in cyber security. Our air-gapped, state of the art cyber range offers a secure environment where we deliver a number of technical and highly specialised learning opportunities.

Our courses are designed to give the next generation of cyber security professionals the skill sets needed to thrive in the industry. We can also create bespoke professional education programs tailored to your organisation's needs.

Contact us at to discuss how.