Define, scope, and sell the work
Use modules 001โ002 to frame pentests, lock scopes, and deliver kickoff assets the board respects.
CNWPP โ Certified Network & Website Pentesting Professional (2025 Edition)
Welcome amazing hacker to my first ever certificate - CNWPP has been developed to prove that you can hack ... and more! Through several modules, learn how CNWPP can help you lead your own pentesting team or even company!
The only certificate where I torture my students, and they thank me! Secure your CNWPP seat
โฌ350.00
Inside the 2025 CNWPP edition
- 01 - Defining a pentest 02 - The pentesting methodologies
- 03 - Network scanning and pentesting 04 + 05 - Web exploits
- 06 - Applied methodologies 07 - Scanners and tools
- 08 - The OWASP top 10 + WAFs
- Your exam: 1 hour MCQ - 1 hour verbal exam - 4 hours to make a test plan - 8 hours to hack - 24 hours to report
Why CNWPP matters in 2025
Follow the refreshed path from fundamentals to client-ready network and web operations.
Go beyond hacking
Hacking is a big part of CNWPP - but the rest matters a lot as well. Your client interactions, your documentation and everything around your pentest.
Find the strength within yourself
Our rats?! They simply thank when they fail their exam for what i taught them and they try again and succeed. Slay your demons!
Jump to the CNWPP FAQWhat's included in the CNWPP bundle
A combined course and exam package built for rats who need results fast.
Get instant access to my refreshed syllabus and an exam attempt.
- 2025 CNWPP lesson library with downloadable assets and lab briefs.
- A discord to train together and help each other
- One CNWPP exam voucher valid for 365 days plus scheduling support.
CNWPP Official Guide contents
The CNWPP programme mirrors the 2025 official guide so students can rehearse every deliverable, stakeholder touchpoint, and exploitation track before the exam. Use the outline below to jump directly into the playbooks, exercises, and report templates that matter most during certification week.
Orientation, client engagement, and reporting foundations
Start with the business layer. The guide walks you through service definitions, scope design, risk scoring, and communication habits so every engagement feels predictable for the client.
- Understand pentest stages, deliverables, and the roles on a modern engagement.
- Build secure communication cadences, meeting notes, and alignment checkpoints.
- Draft scopes, estimates, NDAs, and coverage reports that survive legal review.
- Practise report structures, evidence packaging, and live debrief facilitation.
Network penetration testing track
Build repeatable network campaigns from recon to post-exploitation. Each module pairs tooling walkthroughs with reporting checklists so you can translate shell access into client outcomes.
- Establish footholds: shells, tunnelling, and file transfer techniques under pressure.
- Automate enumeration with scanners, service fingerprinting, and version analysis.
- Exploit misconfigurations, weak credentials, and outdated services responsibly.
- Document persistence, lateral movement, and remediation guidance for infrastructure teams.
Web application penetration testing track
Expand into web application tradecraft with a focus on storytelling and remediation. Every exploit lab pairs with evidence capture, stakeholder messaging, and mitigation planning.
- Spot logic flaws, CSRF, clickjacking, and broken access controls in business context.
- Audit auth tokens, CSP policies, template engines, XXE, SSRF, and OS command exposure.
- Practice XSS and SQLi chains with repeatable payload libraries and cleanup procedures.
- Translate findings into backlog-ready remediation guidance and detection hints.
Automation tooling and scanners
Learn how to select, tune, and operationalise automation. The toolkit section explains how to blend scanners with manual validation without drowning stakeholders in noise.
- Compare leading scanners and when to deploy each against hybrid environments.
- Integrate automation outputs into reporting workflows and evidence lockers.
- Stand up out-of-band infrastructure responsibly and capture actionable telemetry.
API engagements and methodologies
Close the programme by connecting methodologies with API-specific tactics. This section ensures you can reference industry frameworks while staying grounded in practical execution.
- Refresh web and API OWASP guidance with CAPIE-aligned labs.
- Master Postman-driven engagements and evidence workflows.
- Map methodologies (OSSTMM, PTES, NIST 800-115, OWASP WSTG) to client deliverables.
- Build executive-ready roadmaps that blend standards with actionable next steps.
2025 CNWPP module domains
From orientation to exploits
Navigate the modules to master methodologies, enumeration, tooling, and client interactions.
Beat a brutal exam
Networks, websites, client interactions, documentation, ... all come together in this brutal exam that lasts 36 hours in total with the reporting phase.
Review the readiness checklistFrequently asked questions
Key details about the CNWPP journey, exams, and support.
The bundle grants lifetime access to all lesson material, labs, and live class recordings plus a CNWPP exam voucher that is valid for 365 days.
Your voucher stays active for a full year from purchase. You can pick any available exam window within those 12 months.
You gain access to the Rat community Discord, live classes, and bundled guidelines that reinforce network, web, and API tradecraft as you prep for both the theoretical and practical assessments.
CNWPP stands for Certified Network and Web App Pentesting Professional. It covers network, web, and API exploitation in a practical format with custom-built labs.
The CNWPP exam is challenging but fair. It requires hands-on exploitation across network, web, and API layers, plus structured reporting. Success demands both breadth and depth of skills.
The CNWPP certification does not expire. It is a lifetime credential, though continuous learning is encouraged.
CNWPP reviews
Hear how operators level up their network, web, and API tradecraft with CNWPP.
“I closed my first six-figure pentest after rehearsing the full client flow inside the labs.”
“CNWPP gave me the confidence to pivot from audit checklists to real adversary tradecraft.”