Penetrating Testing Tools and Techniques

Course

Online

£ 1,595 + VAT

Description

  • Type

    Course

  • Methodology

    Online

In this course you learn to discover weaknesses in your network using the same methodologies as hackers such as footprinting, enumeration, exploiting and escalating privileges. You acquire the knowledge to systematically test and exploit internal and external defenses by following an established methodology. Exploit frameworks are used to accomplish these tasks. You also learn countermeasures such as patching in order to mitigate and reduce risks to your enterprise. Who will benefit from this course? This course is beneficial to Blue and Red Team members, security consultants, auditors, firewall/IDS personnel, those responsible for securing enterprise systems from unwanted intrusion, and others involved in cyber security measures and implementation. Learning Objectives You Will Learn How To:Deploy ethical hacking to expose weaknesses in your organisationGather intelligence by employing reconnaissance, published data and scanning toolsProbe and compromise your network using hacking tools to test and improve your securityProtect against privilege escalation to prevent intrusionsHands-On Experience:Executing advanced port scanningPerforming injection attacksHijacking web sessions with XSSModifying data flows with man-in-the-middle attacksDefeating stateless firewalls, IDS and antivirus software

About this course

The course requires an understanding of Information Security fundamentals such as basic attack strategies, exploitation of vulnerabilities and an awareness of basic operating system and network functions.

Questions & Answers

Add your question

Our advisors and other users will be able to reply to you

Who would you like to address this question to?

Fill in your details to get a reply

We will only publish your name and question

Reviews

Subjects

  • Network Training
  • IDS
  • Web
  • Hacking
  • IDS training
  • Network
  • Testing

Course programme

Introduction to Ethical Hacking

  • Defining a penetration testing methodology
  • Creating a security testing plan
Footprinting and Intelligence GatheringAcquiring target information
  • Locating useful and relevant information
  • Scavenging published data
  • Mining archive sites
Scanning and enumerating resources
  • Identifying authentication methods
  • Harvesting e–mail information
  • Interrogating network services
  • Scanning from the inside out with HTML and egress busting
Identifying VulnerabilitiesCorrelating weaknesses and exploits
  • Researching databases
  • Determining target configuration
  • Evaluating vulnerability assessment tools
Leveraging opportunities for attack
  • Discovering exploit resources
  • Attacking with Metasploit
Attacking Servers and Devices to Build Better DefencesBypassing router Access Control Lists (ACLs)
  • Discovering filtered ports
  • Manipulating ports to gain access
  • Connecting to blocked services
Compromising operating systems
  • Examining Windows protection modes
  • Analysing Linux/UNIX processes
Subverting web applications
  • Injecting SQL and HTML code
  • Hijacking web sessions by prediction and Cross–Site Scripting (XSS)
  • Bypassing authentication mechanisms
Manipulating Clients to Uncover Internal ThreatsBaiting and snaring inside users
  • Executing client–side attacks
  • Gaining control of browsers
Manipulating internal clients
  • Harvesting client information
  • Enumerating internal data
Deploying the social engineering toolkit
  • Cloning a legitimate site
  • Diverting clients by poisoning DNS
Exploiting Targets to Increase SecurityInitiating remote shells
  • Selecting reverse or bind shells
  • Leveraging the Metasploit Meterpreter
Pivoting and island–hopping
  • Deploying portable media attacks
  • Routing through compromised clients
Pilfering target information
  • Stealing password hashes
  • Extracting infrastructure routing, DNS and NetBIOS data
Uploading and executing payloads
  • Controlling memory processes
  • Utilising the remote file system
Testing Antivirus and IDS SecurityMasquerading network traffic
  • Obfuscating vectors and payloads
  • Side–stepping perimeter defences
Evading antivirus systems
  • Discovering stealth techniques to inject malware
  • Uncovering the gaps in antivirus protection
Mitigating Risks and Next Steps
  • Reporting results and creating an action plan
  • Managing patches and configuration
  • Recommending cyber security countermeasures

Penetrating Testing Tools and Techniques

£ 1,595 + VAT