CompTIA PenTest+ domain 5: Tools and code analysis
Pentesting tools and code analysis
Coding and code analysis are a big part of a pentester’s job. Pentesters may need to develop scripts to automate phases of the pentest, and they may encounter exploit code that they need to read and understand.
Domain 5 of the PenTest+ exam also covers the wide range of tools used by a pentester during an assessment. While these tools are covered in context in previous domains, a pentester also needs to know when and how to use them.
Tools and code analysis career skills
This domain of the PenTest+ exam covers a variety of widely applicable skills. A large chunk of the domain is devoted to programming and code analysis. Writing code is a skill shared with developer roles, and blue team members share a pentester’s need to automate tasks and to analyze potentially malicious code samples.
This domain also discusses various tools that could be used while attacking an organization’s systems. Blue team members can use many of these same tools to test their own defenses. The ability to recognize particular tools or their effects can be useful for incident investigation and response.
What’s covered in PenTest+ domain 5 of the exam?
This domain of the PenTest+ exam covers the basics of coding and a long list of pentesting tools. It is one of the smaller domains in the PenTest+ exam, accounting for 16% of a candidate’s score on the test. This domain is broken up into the following three sections:
Explain the basic concepts of scripting and software development
A fundamental understanding of software development and coding is essential for a penetration tester. A pentester may need to write scripts to automate parts of the pentesting process and may need to be able to analyze code samples to learn their intended purpose and identify any vulnerabilities.
This exam section tests a candidate’s knowledge of basic software development concepts. These include:
- Logic constructs: logic constructs make comparisons and determine control flow. Tested concepts include loops, conditions, Boolean operators, string operators and arithmetic operators.
- Data structures: data structures are objects that allow data to be stored in a structured way. PenTest+ tests knowledge of several types of data structures, including arrays, JSON, CSV, trees and more.
- Libraries: libraries enable applications to use existing functionality and code, often written by a third party. A candidate should know how to import and use library functions.
- Classes: a class groups data together with the functions (methods) that operate on that data. Candidates should be familiar with class structures in common languages.
- Procedures: a procedure is a callable block of self-contained code. In some languages, procedures do not return values when executed.
- Functions: functions are closely related to procedures, and the terms are often used interchangeably. Where a distinction is drawn, functions return values when called.
Given a scenario, analyze a script or code sample for use in a penetration test
A pentester may need to read or write code samples during a pentest. This could include developing automation scripts or reading existing code to understand an exploit or identify potentially exploitable vulnerabilities.
In this section, PenTest+ tests how to read and write code. The topics explored in this section include:
- Shells: this section tests a candidate’s knowledge of common shells and shell scripts, including Bash and PowerShell (PS).
- Exploit code analysis: this section of the exam tests a candidate’s ability to analyze exploit code that was developed for different purposes. These include downloading files, launching remote access, enumerating users and enumerating assets.
- Opportunities for automation: automation is essential for speed and scalability in a pentest. This section tests knowledge of how to automate pentest steps, how to use scripting to modify IP addresses during a test, and how to write certain types of Nmap scripts.
Explain use cases of the following tools during the phases of a penetration test
The PenTest+ examination covers a variety of different tools across its five domains. The earlier domains mention these tools in the context in which they would be used.
In this section, PenTest+ tests whether a candidate knows when to use different penetration testing tools during an engagement. This includes tools from each of the following categories:
- Credential testing tools
- Web application tools
- Social engineering tools
- Remote access tools
- Networking tools
- Miscellaneous tools
- Steganography tools
- Cloud tools
For more information on the PenTest+ exam, see the full CompTIA PenTest+ (PT0-002) exam objectives.
- CompTIA PenTest+, CompTIA
- CompTIA PenTest+ Certification Exam Objectives, CompTIA
- CompTIA PenTest+: Everything you need to know about the exam, Infosec Edge