Bukan sertifikat kehadiran, bukan sertifikat completion, tapi sertifikat professional. Buktikan kemampuan Anda dengan ujian nyata. Tanpa pilihan ganda. Tanpa teori kosong. 100% hands-on exam.

Apa itu CPES?

CPES (Certified Privilege Escalation Specialist) adalah sertifikasi profesional tingkat lanjut yang menguji kemampuan eskalasi hak akses di lingkungan Linux, Windows, dan Active Directory melalui skenario serangan dunia nyata.

Attack chain: Web Exploitation→ Initial Access → Linux Privilege Escalation → Windows Privilege Escalation → Domain Compromise → Cross-Domain Attack → Parent Domain Takeover.

Dibangun dan didukung di atas infrastruktur AWS (Amazon Web Services), CPES menghadirkan pengalaman ujian yang realistis, stabil, dan enterprise-grade.

VALUE PROPOSITION

1. 100% Hands-On Exam: Tidak ada soal pilihan ganda. Semua peserta diuji dengan serangan nyata di lab private.
2. Real Attack Chain: Web Exploitation→ Initial Access → Linux Privilege Escalation → Windows Privilege Escalation → Domain Compromise → Cross-Domain Attack → Parent Domain Takeover.
3. Diakui Industri: Sertifikat berbasis kompetensi yang dapat dibuktikan melalui laporan dan bukti POC.

APA YANG AKAN ANDA KUASAI

Linux Privilege Escalation

Cron job abuse, writable directory exploitation, SUID/SGID analysis, misconfiguration exploit.

Windows Privilege Escalation

Scheduled Task abuse, service misconfiguration, registry exploitation, file permission abuse.

Credential Dumping & Extraction

SAM/NTDS dumping, secretsdump, hash extraction, credential reuse.

Active Directory Enumeration & Exploitation

LDAP enumeration, trust relationship analysis, Kerberoasting, AS-REP Roasting, BloodHound analysis.

Cross-Domain Escalation (Expert)

Golden Ticket attack, SID History abuse (ExtraSID), Parent-Child trust exploitation, Enterprise Admin takeover.

Professional Reporting

Template lengkap + requirement laporan POC untuk nilai kelulusan.

FORMAT UJIAN

Durasi Lab: 24 Jam
Durasi Laporan: 24 Jam
Tipe: Private Lab (Spawn per peserta)
Level: Intermediate – Advanced
Target Audience: Red Team / Penetration Tester
Metode Penilaian: Flag + Laporan Teknis

Flow Ujian:

1. Web Exploitation
2. Initial Access
3. Linux Privilege Escalation (Low Privilege → Root)
4. Credential Discovery & Enumeration
5. Windows Privilege Escalation (Domain User → Local Admin)
6. Domain Credential Dumping
7. Active Directory Enumeration
8. Cross-Domain Attack (Golden Ticket + ExtraSID)
9. Parent Domain Takeover
10. Capture Flag: cpes.txt

Setiap peserta mendapatkan lab environment yang terisolasi dan bersih.

SYLLABUS RINGKAS

• Reconnaissance & Enumeration
• Linux Privilege Escalation Deep Dive
• Windows Privilege Escalation
• Active Directory Enumeration
• Credential Dumping Techniques
• Kerberos Attack (Golden Ticket, ExtraSID)
• Trust Relationship Exploitation
• Cross-Domain Attack
• Reporting & Remediation

PERSIAPAN SKILL

Sebelum mengambil CPES, peserta direkomendasikan memiliki pemahaman tentang:

• Linux command line & bash scripting
• Windows command line & PowerShell basics
• Active Directory fundamentals
• Network fundamentals (TCP/IP, DNS, SMB)
• Basic penetration testing methodology

HARGA SERTIFIKASI

CPES VS PROFESSIONAL CERTIFICATION LAINNYA

FITUR	CPES	CRTP	CRTE
HARGA	Rp. 1.499.000	Rp. 4.200.000	Rp. 5.000.000
Linux Privilege Escalation	✅	❌	❌
Windows Privilege Escalation	✅	✅	✅
Kerberoasting	✅	✅	✅
Golden Ticket	✅	✅	✅
Cross-Domain Attack	✅	❌	✅
ExtraSID / SID History	✅	❌	✅
Forest Trust Abuse	✅	❌	✅
Report Required	✅	✅	✅
2x Attempt Included	✅	❌	❌
Materi Included	✅	✅	✅

FAQ

Buktikan skill Anda dalam ujian praktikal 24 jam. Tidak ada jalan pintas. Hanya skill yang berbicara.

REFERENSI CPES

Linux Privilege Escalation

• GTFOBins: https://gtfobins.github.io/
• PayloadsAllTheThings: https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Linux%20-%20Privilege%20Escalation.md

Network Discovery

• Nmap Official Documentation: https://nmap.org/book/man.html
• ldapsearch Man Page: https://linux.die.net/man/1/ldapsearch

Windows Privilege Escalation

• PayloadsAllTheThings: https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Windows%20-%20Privilege%20Escalation.md
• smbclient Documentation: https://www.samba.org/samba/docs/current/man-html/smbclient.1.html

Credential Dumping

• Impacket – secretsdump.py: https://github.com/fortra/impacket/blob/master/examples/secretsdump.py
• Impacket – lookupsid.py: https://github.com/fortra/impacket/blob/master/examples/lookupsid.py
• Microsoft Documentation – SID Structure: https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/manage/understand-security-identifiers

Golden Ticket + ExtraSID Attack (Kerberos + Cross-Domain)

• The Hacker Recipes – Kerberos: https://www.thehacker.recipes/ad/movement/kerberos
• AD Security – Golden Ticket: https://adsecurity.org/?p=1640
• Impacket – ticketer.py: https://github.com/fortra/impacket/blob/master/examples/ticketer.py
• Impacket – getST.py: https://github.com/fortra/impacket/blob/master/examples/getST.py
• Red Team Notes: https://www.ired.team/offensive-security-experiments/active-directory-kerberos-abuse/child-domain-da-to-ea-in-parent-domain

CPES PRE-EXAM

Anda harus mempelajari CPES Pre-Exam. Luangkan waktu Anda untuk menguasai pemahaman sebelum memulai sertifikasi.

DIBUAT 100% OLEH LINUXENIC CORPORATION TEAM

Scenario Creator
Rio Saroha Simamora

Scenario Co-Creator
Thierry Ferdinanda

DevOps Architecture
Hambali

DUKUNGAN PROGRAM CPES

Campus Ambassador
Firmansyah Dzakwan Arifien | STT Terpadu Nurul Fikri
Aria Fatah Anom | STT Terpadu Nurul Fikri
Nofa Anggun Febriyani | Universitas Jenderal Achmad Yani
Martin Rizki Wendi Sinurat | Institut Teknologi Nasional Bandung