Penetration Testing Training: Tools and Techniques

Course 537

  • Duration: 4 days
  • Labs: Yes
  • Language: English
  • 32 (ISC)2 CPE A Credits
  • Level: Intermediate

In this Penetration Testing course, you'll delve into understanding how hackers breach operating systems and circumvent antivirus measures. By adopting hackers' strategies and approaches, you'll uncover vulnerabilities within your network. This hands-on experience equips you with the ability to test and exploit your defenses, enabling the implementation of effective countermeasures to mitigate risks within your enterprise.

    Penetration Testing Training: Tools and Techniques Delivery Methods

    • In-Person

    • Online

    Penetration Testing Training Course Information

    In this Penetration Testing course, you will learn how to:

    • Deploy ethical hacking to expose weaknesses in your organisation.
    • Gather intelligence by employing reconnaissance, published data, and scanning tools.
    • Test and improve your security by compromising your network using hacking tools.
    • Protect against unauthorised access by identifying key weakness proactively.

    Prerequisites

    Before taking this course, you should have knowledge of TCP/IP concepts and experience with security issues at the level of:

    Penetration Testing Course Outline

    • Choosing a penetration testing framework
    • Creating a security testing plan

    Acquiring target information

    • Locating useful and relevant information
    • Scavenging published data
    • Mining archive sites

    Scanning and enumerating resources

    • Identifying authentication methods
    • Harvesting email information
    • Interrogating network services
    • Scanning from the inside out with HTML and egress busting

    Correlating weaknesses and exploits

    • Researching databases
    • Determining target configuration
    • Evaluating vulnerability assessment tools

    Leveraging opportunities for attack

    • Crafting malware and undetectable exploits
    • Attacking with Metasploit

    Bypassing router Access Control Lists (ACLs)

    • Discovering filtered ports
    • Manipulating ports to gain access
    • Connecting to blocked services

    Compromising firewalls

    • Bypassing URL filtering
    • Performing Man-in-the-Middle attacks

    Subverting web applications

    • Injecting SQL and HTML code
    • Hijacking web sessions by prediction and Cross-Site Scripting (XSS)
    • Bypassing authentication mechanisms

    Baiting and snaring inside users

    • Executing client-side attacks
    • Gaining control of browsers

    Manipulating internal clients

    • Harvesting client information
    • Enumerating internal data

    Deploying the social engineering toolkit

    • Cloning a legitimate site
    • Diverting clients by poisoning DNS

    Initiating remote shells

    • Selecting reverse or bind shells
    • Leveraging the Metasploit Meterpreter

    Pivoting and island hopping

    • Performing lateral movement
    • Routing through compromised clients

    Pilfering target information

    • Stealing password hashes
    • Extracting infrastructure routing, DNS and NetBIOS data

    Uploading and executing payloads

    • Controlling memory processes
    • Bypassing User Account Controls

    Masquerading network traffic

    • Obfuscating vectors and payloads
    • Sidestepping perimeter defenses

    Evading antivirus systems

    • Discovering stealth techniques to inject malware
    • Uncovering the gaps in antivirus protection
    • Reporting results and creating an action plan
    • Managing patches and configuration
    • Recommending cyber security countermeasures

    Need Help Finding The Right Training Solution?

    Our training advisors are here for you.

    Penetration Testing Course FAQs

    Penetration testing tests a computer system, network or web app to ensure there are no vulnerabilities that a potential attacker could use.

    Yes! We know your busy work schedule may prevent you from getting to one of our classrooms which is why we offer convenient online training to meet your needs wherever you want. This course is available in class and live online.