Course Overview

Movement, Pivoting, and Persistence for Pentesters and Ethical Hackers is the next step in YOUR penetration testing and ethical hacking journey.

Most engagements are conducted remotely, meaning that the tester must have the ability to move about freely from outside of the network into it. We do this using various techniques. Some of the simplest can be utilizing a compromised password to access a desktop environment via remote desktop and attempting to access other machines with those credentials. More complicated techniques include utilizing compromised endpoints to act as a proxy for us, forwarding traffic from internal targets back to our own.

MP&P will cover topics such as:

  • Username and Password List Generation
  • Password Spraying
  • Email Phishing
  • Command and Control (C2)
  • Credential Harvesting and Passing
  • Routing, Port Forwarding, SOCKS Proxies, and Bind Usage
  • Offensive PowerShell
  • How the Misconfigurations We See in Real Pentests Happen
  • Common Remediation Strategies You Can Use to Report to Clients



  • This course is not meant to be a course for beginners. It is assumed that each student has a basic to intermediate understanding of penetration testing and ethical hacking, including the use of Nmap, Metasploit, OWASP ZAP or Burp Suite, and other well-used tools. Some basic level knowledge will be used, such as enumeration, and expanded upon for various lessons.
  • The course will require the generation of a local lab environment. In order to gain the full benefit from the course, the student’s PC will need at least 16GB of RAM. It is possible to configure the lab with less, however some assets will have to be suspended to run critical services. Students can also opt to generate lab environments using Azure, AWS, or Google Cloud; however, implementation will be outside the scope of the course.
  • Students should have the knowledge to install VirtualBox, create and provision virtual machines. VirtualBox will be necessary in order to provision the virtual networks needed for the course. Automated generation scripts are provided in order to create necessary user accounts and permissions for your Active Directory domain environment. Some additional configurations will be required, which will be covered at the appropriate point in the course.


Why should you purchase this course?

  • The information in this course comes from first hand experiences in real world penetration tests.  
  • This course will provide you with advanced hacking techniques and expertise that can help you pass professional pentesting certifications such as eCPPT, OSCP, ePTX, PNPT, and more.
  • The skills you will learn in Movement, Pivoting, and Persistence for Pentesters and Ethical Hackers are the same that employers are demanding from applicants looking to enter the field.

What will I receive from this course?

  • Access to the student-only channel on Discord to receive support from the instructor and other students
  • Custom Kali Linux distribution for students
  • Course completion certificate

Course Curriculum - 5 Hours

  First Section
Available in days
days after you enroll
  Lab Setup
Available in days
days after you enroll
  Introduction to Command and Control
Available in days
days after you enroll
  Gaining the Foothold
Available in days
days after you enroll
  Enumerating the Local Machine, Privilege Escalation, and Local Persistence
Available in days
days after you enroll
  Domain Enumeration
Available in days
days after you enroll
  Movement, Pivoting, and Persistence in the Domain
Available in days
days after you enroll
Available in days
days after you enroll

This course is closed for enrollment.

About the Instructor

Joe Helle is an Army Veteran of the Iraq and Afghanistan Wars, former Mayor, and senior penetration tester at TCM Security. Known online as “TheMayor,” Joe has provided educational content and mentoring to thousands of people through Twitch and Youtube. 

Joe is eCPPT, eWPT, OSCP, SSCP, CEH, Security+, Network+, and A+ and holds a Bachelor’s of Science in Cybersecurity and Information Assurance. 

Follow Joe on Social Media:

LinkedIn: https://