Learning Path: Kali Linux
Course
Online
Description
-
Type
Course
-
Methodology
Online
-
Start date
Different dates available
An introduction to white hat penetration testingThe phrase ‘the best offense is a good defense’ couldn’t be more applicable to the realm of enterprise penetration testing and security. This Learning Path specifically focuses on the broader Kali Linux toolkit, and will provide you with the expertise and exposure you need to fully test and explore your local networks with confidence. Please test responsibly.About the AuthorJustin Hutchens currently works as a security consultant and regularly performs penetration tests and security assessments for a wide range of clients. He previously served in the United States Air Force where he worked as an intrusion detection specialist, network vulnerability analyst and malware forensic investigator for a large enterprise network with over 55,000 networked systems. He currently holds a Bachelor’s degree in Information Technology and multiple professional information security certifications, to include CISSP (Certified Information Systems Security Professional), OSCP (Offensive Security Certified Professional), eWPT (eLearnSecurity Web-Application Penetration Tester), GCIH (GIAC Certified Incident Handler), CNDA (Certified Network Defense Architect), CEH (Certified Ethical Hacker), ECSA (EC-Council Certified Security Analyst) and CHFI (Computer Hacking Forensic Investigator). He was also the writer and producer of the Packt eLearning video course “Kali Linux - Backtrack Evolved”.
Aaron Johns currently works for Intrasect Technologies as an IT Specialist. He provides support for over 160 clients. His work roles include maintaining business networks and security policies to increase operational efficiencies and reduce costs.
Aaron also publishes videos and books for Packt Publishing, one of the most prolific and fast-growing tech book publishers in the world. He has also filmed several independent videos..
Aaron started broadcasting YouTube videos in 2007. In 2009, he was offered a partnership with YouTube
Facilities
Location
Start date
Start date
About this course
This course will offer a complete roadmap for the penetration testing process from start to finish
Experience hands-on video demonstrations regarding how to use an extensive collection of tools within the Kali-Linux environment to perform penetration tests against every aspect of a target network
Advanced techniques with detailed explanations that are useful to novice users and experienced viewers alike
Explore advanced techniques to bypass firewalls and IDS, and remain hidden
Discover advanced exploitation methods on even the most updated systems
Scan your application for vulnerabilities with dynamic tools such as w3af and OWASP Zap to resolve them on time
Reviews
This centre's achievements
All courses are up to date
The average rating is higher than 3.7
More than 50 reviews in the last 12 months
This centre has featured on Emagister for 4 years
Subjects
- Network Training
- Install
- Systems
- Web
- Operating Systems
- Hacking
- Installation
- Network
- Database training
- Database
- Works
- Server
- Linux
- Networks
- Windows
- Testing
- Access
Course programme
- Download Linux distro operating systems from DistroWatch
- Acquire trial Windows operating systems from Microsoft Technet
- Students can acquire a fully licensed Microsoft software from DreamSpark
- Download VirtualBox from virtualbox.org and install
- Create a virtual machine
- Configure virtual machine settings
- Download VMware Player from vmware.com and install it
- Create a virtual machine
- Configure virtual machine settings
- Download Kali Linux image file
- Launch live boot of Kali Linux from a virtual machine
- Follow guided install to complete installation
- Turn off the firewall, automatic updates, and remove installed updates on host systems
- Install unnecessary roles and features on server systems
- Install Metasploitable, an intentionally vulnerable Linux distribution
- Look at the target website and its historical archives
- Profile company and employees using LinkedIn
- Gather technical information with serversniff.net
- Use of Google search operators
- Use of Google special characters
- Use the Google Hacking database for unique queries
- Search exclusively in the target domain with a site operator
- Use an appropriate syntax to search for subdomains and add results to the list
- Remove the previous results and repeat the process
- Use Dmitry to gather IP translations, netcraft info, subdomains, and email addresses
- Use Goofile to enumerate files within a domain
- Record information collected
- Introduce a point of departure
- Perform Transforms to gather information on networked systems
- Organize and manage the information collected
- Use the arping utility to discover hosts
- Use nmap ARP scans to discover hosts
- Use NetworkDiscover to perform an active and passive layer 2 discovery
- Use fping for layer-3 discovery
- Use hping3 for layer-3 discovery
- Use a Bash script to create a layer 3 discovery script
- Use nmap pingsweep for basic host discovery
- UDP scan for host discovery
- TCP ACK scan for host discovery
- Basic packet formatting with Scapy
- Sending and receiving packets with Scapy
- Integrating Scapy into Python scripting for custom scans
- Perform passive OS identification with p0f
- Active OS identification with xprobe2
- Active OS identification with nmap
- Basic nmap port scanning
- Scan multiple systems and network ranges
- Use unique nmap TCP flag scans
- Nmap scanning with Zenmap
- Visual analysis of scan results
- Create scan profiles
- Explore NSE (Nmap Scripting Engine) scripts
- Use NSE scripts with nmap
- Use a Bash script for greppable output analysis
- Configure IPID sequence scanner in Metasploit
- Discover a host with an incremental IPID sequence to perform a scan
- Use zombie host to perform an idle scan against a target
- Use Netcat for network service banner grabbing
- Use Dmitry for automated banner grabbing
- Use Amap to verify port-associated services
- Search scanners to test target-specific services
- Configure options for the selected scanner
- Run a scan against a target(s)
- Download and install the Nessus package
- Start Nessus service and connect to the web interface
- Complete the guided installation and registration
- Scan a single target
- How to scan a range or group of targets
- Create a scan template for later use
- Review preconfigured policies
- Modify existing scan polices
- Create a new scan policy
- Review scan results ordered by the host
- Review scan results ordered by vulnerability
- Review specific vulnerability information for later use in exploitation
- Perform a denial of service (DOS) attack against Windows 2008 Server
- Launch an SMB exploit against Windows XP host
- Perform a Java RMI exploit against Linux Server
- Navigate the remote system using Meterpreter commands
- Perform upload, download, and execute commands
- Open a command prompt shell on a remote system
- Sniff network traffic using a sniffer
- Use Espia to capture screenshots of a remote system
- Use keyscan to perform a keylogger attack against a remote system
- Use msfconsole to launch the installation
- Browse to the web interface and complete configuration
- Get a trial license and activate MSF Pro
- Create a new project and perform network discovery
- Use Nexpose to perform a vulnerability scan or import Nessus results
- Use vulnerabilities to exploit systems on the network and interact with the acquired shells
- Locate applicable exploit in files.csv
- Modify the exploit code if necessary and launch
- Verify the delivered payload by connecting to the remote shell
- Configure credential harvester with a spoofed login website
- Use DNS poisoning attack to redirect the victim to the spoofed website
- Wait for the victim to browse to the site and then collect the login credentials
- Intercept a login request with Burp Suite Proxy
- Run a Sniper attack against password payload position
- Identify an "access granted" response
- Perform a SQL injection attack
- Perform a Cross-Site-Scripting (XSS) attack
- Perform an unrestricted upload and command execution attacks
- Install Netcat backdoor and create a registry key to start Netcat on startup
- Use Netcat listener or Metasploit handler to connect to Netcat backdoor
- Use Metsvc script to install Meterpreter backdoor on a target system
- Scan for hosts and select victim targets
- Start ARP poisoning and sniffing
- Collect traffic between systems using Wireshark
- Acquire a password hash
- Use Hash-Identifier to determine a hash type
- Use Find-My-Hash to crack the hash value
- Use Hydra help information to view capabilities
- Use Hydra to perform a dictionary attack against a network service
- Use Hydra to perform a brute force attack against a network service
- Acquire Windows hashes with Meterpreter
- Acquire Linux hashes with Meterpreter
- Crack each with John the Ripper
- Start graphical interfaces from the command line
- Use Johnny graphical interface to crack password hash files
- Use xHydra to perform online password attacks against network services
- Download Linux distro operating systems from DistroWatch
- Acquire trial Windows operating systems from Microsoft Technet
- Students can acquire a fully licensed Microsoft software from DreamSpark
- Download VirtualBox from virtualbox.org and install
- Create a virtual machine
- Configure virtual machine settings
- Download VMware Player from vmware.com and install it
- Create a virtual machine
- Configure virtual machine settings
- Download Kali Linux image file
- Launch live boot of Kali Linux from a virtual machine
- Follow guided install to complete installation
- Turn off the firewall, automatic updates, and remove installed updates on host systems
- Install unnecessary roles and features on server systems
- Install Metasploitable, an intentionally vulnerable Linux distribution
- Look at the target website and its historical archives
- Profile company and employees using LinkedIn
- Gather technical information with serversniff /p
How to Install Oracle VirtualBox
Must manage network operating systems in a singe virtual environment / install the VirtualBox virtualization software
- Download VirtualBox from virtualbox.org and install
- Create a virtual machine
- Configure virtual machine settings
- Download VirtualBox from virtualbox.org and install
- Create a virtual machine
- Configure virtual machine settings
- Download VirtualBox from virtualbox.org and install
- Create a virtual machine
- Configure virtual machine settings
- Download...
Additional information
Learning Path: Kali Linux