コース概要
Introduction
- Overview of Kali Linux
- Installing and configuring Kali Linux
- Using and updating Kali Linux
Penetration Testing Standards and Classification
- Open Web Application Security Project (OWASP)
- Licensee Penetration Testing (LPT)
- White box and black box
- Penetration testing vs vulnerability assessment
Advanced Penetration Methodology
- Target framework and scope
- Gathering client requirements
- Checklist for test plan
- Profiling test boundaries
- Advance penetration testing using Kali Linux
Information Discovery
- Hacking Google
- Gathering DNS and who information
- Gathering route and network information
- Gathering all-in-one information
Scanning and Enumerating Target
- Advance network scanning
- Port and Udp port scanning
- Stealth port scanning techniques
- Packet crafting with Hping
- Nmap scanning and plug-ins
- Active and passive banners and system OS enumeration
- Enumerating users, groups, and shares
- Enumerating DNS resource records and network devices
Vulnerability Assessment Tools
- Nessus
- Open Vas
Target Exploitation
- Setting up Metaslpoit
- Exploitation with Metaslpoit
- Meterpreter session
- VNC exploitation
- Stealing password hash
- Adding custom modules to Metaslpoit
- Using immunity debugger
- Writing exploit
Privileges Escalation and Access Maintenance
- Breaking password hash
- Cracking telnet, ssh, and FTP password
- Using Metasploit post-exploitation modules
- Protocol tunneling
- Proxy
- Installing persistent backdoor
Advance Sniffing
- ARP poisoning
- DHCP starvation
- Mac flooding
- DNS poisoning
- Sniffing credentials from a secured website
DOS Attack
- Syn attack
- Application request flood attack
- Service request flood
- Service attack permanent denial
Penetration Testing
- Web penetration testing
- Wireless penetration testing
Exploitation and Client Side Attack
- Exploiting browser vulnerability
- Buffer overflow
- Fuzzing
- Fast-track hacking
- Phishing passwords
- Generating backdoors
- Java applet attack
Firewall Testing
- Firewall overview
- Testing firewall and ports
- Rules of testing firewall
Management and Reporting
- Documentation and results verification
- Dradis framework
- Magic tree and Maltego
- Data collection and evidence management
- Report types and presentation
- Post testing procedure
Summary and Next Steps
要求
- Basic knowledge of using Kali Linux for penetration testing
- Basic understanding of Linux/Unix and networking concepts
- An understanding of network vulnerabilities
Audience
- Ethical hackers
- Penetration testers
- Security engineers
- IT professionals
お客様の声 (5)
ファイル権限
Angel - Vodacom
コース - Linux Command Line Basics
Machine Translated
新しいことを学ぶたびに演習をしなければならないのもよかったです
Daria
コース - Intermediate Unix
Machine Translated
- すべてのコース参加者に適応する - クールでわかりやすい例
Katarzyna - Rossmann SDP Sp. z.o.o
コース - Introduction to Linux
Machine Translated
非常によく構成されて提供された情報、知識の伝達に役立つ実践的な演習がたくさんあり、トレーナーはあらゆる質問に答え、全員を助けてくれました。
Catalin - DB Global Technology
コース - Linux Administration Fundamentals
Machine Translated
The extra informations not in the official docs