Mile2 Approved · HRDC Claimable

Certified Penetration Testing Engineer (CPTE) Training Malaysia

5-day intensive Mile2 CPTE prep with full cyber-range labs and the CPTE exam on Friday. Built for IT pros transitioning into offensive security and aspiring Malaysian penetration testers.

Reserve a Seat Talk to an Expert

Why CPTE

The Malaysian penetration testing market is constrained by people, not demand. NACSA's Cyber Security Act 2024 brought a new tier of NCII operators inside a formal regulator, BNM RMiT continues to drive intelligence-led testing in financial services, and PDPA 2024 amendments have raised the cost of breach. Every one of these creates pull for credentialed pentesters — and the entry pipeline is thin.

CPTE is a deliberately structured on-ramp. Where OSCP rewards raw persistence on a punishing exam, CPTE walks the candidate through a complete, repeatable methodology over five focused days, then certifies the result with a hands-on-leaning multiple-choice exam. For a Malaysian IT professional with a few years of network or sysadmin experience who wants a credible first pentest credential, CPTE is the most efficient route.

We deliver the official Mile2 CPTE courseware paired with a private cyber-range lab built and maintained by our own consulting team. The labs reflect the kinds of mis-configurations our consultants actually find in Malaysian SME and mid-market environments — Windows AD with stale service accounts, exposed file shares, weak segmentation between corporate and OT, public-facing apps with the usual OWASP Top 10 patterns.

Course structure — 5 days

Day 1

Methodology & reconnaissance

Pentest lifecycle, ROE, legal authorisation, OSINT, passive and active reconnaissance, footprinting Malaysian-style targets.

Day 2

Scanning & enumeration

Network discovery, port scanning, service fingerprinting, vulnerability scanning, AD enumeration, SMB/RPC/LDAP weaknesses.

Day 3

Exploitation

Public exploit selection and modification, Metasploit framework, manual exploitation, web exploitation (OWASP Top 10), password attacks.

Day 4

Post-exploitation & lateral movement

Privilege escalation (Windows + Linux), credential harvesting, pass-the-hash / pass-the-ticket, lateral movement, persistence, anti-forensics awareness.

Day 5 (AM)

Reporting & deliverables

Writing findings (CVSS scoring, business impact), executive summary technique, evidence packaging, retest strategy, the regulator-grade report.

Day 5 (PM)

Mile2 CPTE Exam

2-hour, 100-question online proctored exam. 70% pass mark. Mile2 issues the digital certificate on a successful pass.

Who should attend

• IT professionals (sysadmins, network engineers) transitioning into offensive security
• SOC analysts wanting to understand the attacker side of the kill chain
• Internal red-team members at Malaysian banks, telcos and government agencies
• Software developers seeking an applied security credential
• Candidates planning to attempt OSCP and wanting a methodical primer first

Next intake

Date: Next public intake — August 2026 (5 consecutive working days, Monday – Friday)

Venue: Kuala Lumpur city centre (also available virtual instructor-led with remote lab access)

Class size: capped at 14 to keep lab time generous

Trainer: Working penetration tester with OSCP and CREST CPSA/CRT credentials

Includes: Official Mile2 courseware, lab access, exam fee, lunch & refreshments

HRDC: SBL-Khas claimable

Frequently asked questions

What is the Mile2 CPTE certification?

Mile2's Certified Penetration Testing Engineer (CPTE) is a vendor-neutral, hands-on penetration testing certification that maps to the NICCS Cybersecurity Workforce Framework and is recognised under DoD Directive 8140 (formerly 8570) baseline categories in the United States. It validates a practitioner's ability to plan and execute a structured penetration test across reconnaissance, scanning, exploitation, post-exploitation and reporting.

Who should take CPTE?

Aspiring penetration testers, IT professionals transitioning into offensive security, SOC analysts who want to understand the attacker side, and internal red-team members at Malaysian enterprises. CPTE is a strong stepping-stone toward OSCP and CREST CPSA/CRT for candidates who want a more methodical entry into the discipline before tackling those harder exams.

Are there prerequisites?

Mile2 recommends 12 months of networking and information security experience plus prior exposure to Linux command line and basic scripting. We screen enrolments — if your background is too thin we will steer you toward a Foundation-level course first so the lab time is useful, not frustrating.

What does a typical day look like?

Mornings cover the methodology block (theory, walk-throughs, demos). Afternoons are full lab time on a dedicated cyber range with vulnerable Windows AD, Linux and web targets. By Friday afternoon you will have walked the full kill chain on a multi-host network, written the engagement report, and sat the CPTE exam.

Is the exam included?

Yes. The Mile2 CPTE exam (2 hours, 100 questions, 70% pass mark) is included in the course fee and taken online on Friday afternoon. Mile2 issues the digital certificate on a successful pass.

Reserve your August 2026 seat

CPTE class is capped at 14. If you would like to bundle the cohort with a follow-on internal pentest engagement, ask us about combined training-plus-engagement pricing.

Reserve a Seat