Preferred method of contact:

Penetration Testing: Tools and Techniques — GCHQ Certified Training

COURSE TYPE

Intermediate

Course Number

537

Duration

4 Days

PDF Add to WishList

The most effective way to discover weaknesses in your own network is using the same mindset and methods as hackers. In this cyber security ethical hacking training course, you learn how hackers compromise operating systems and evade antivirus software, and acquire the skills to test and exploit your defenses, and implement countermeasures to reduce risk in your enterprise.

You Will Learn How To

  • Deploy ethical hacking to expose weaknesses in your organisation
  • Gather intelligence by employing reconnaissance, published data, and scanning tools
  • Test and improve your security by compromising your network using hacking tools
  • Protect against privilege escalation to prevent intrusions

Important Course Information

Requirements:

  • Experience with security issues at the level of:
    • Course 468, System and Network Security Introduction, or
    • Course 446 CompTIA Security+ Certification Exam Preparation

Recommended Experience:

  • Knowledge in TCP/IP concepts

GCHQ Certified Training and Exam Information:

  • This is a GCHQ Certified Training (GCT) course. GCHQ Certified Training has been recognised for excellence by a UK Government developed cyber security scheme. GCT is part of the UK Government’s initiative to address the shortage of skilled cyber security professionals. The GCT scheme is underpinned by the industry respected IISP framework and assesses the quality of the course materials and the Instructors’ delivery of the course against GCHQ’s exacting standards.
  • Successful completion of the end of course exam will gain you an independent APMG-International GCT certification award.

Course Outline

  • Introduction to Ethical Hacking
  • Defining a penetration testing methodology
  • Creating a security testing plan
  • Footprinting and Intelligence Gathering

Acquiring target information

  • Locating useful and relevant information
  • Scavenging published data
  • Mining archive sites

Scanning and enumerating resources

  • Identifying authentication methods
  • Harvesting e–mail information
  • Interrogating network services
  • Scanning from the inside out with HTML and egress busting
  • Identifying Vulnerabilities

Correlating weaknesses and exploits

  • Researching databases
  • Determining target configuration
  • Evaluating vulnerability assessment tools

Leveraging opportunities for attack

  • Discovering exploit resources
  • Attacking with Metasploit
  • Attacking Servers and Devices to Build Better Defences

Bypassing router Access Control Lists (ACLs)

  • Discovering filtered ports
  • Manipulating ports to gain access
  • Connecting to blocked services

Compromising operating systems

  • Examining Windows protection modes
  • Analysing Linux/UNIX processes

Subverting web applications

  • Injecting SQL and HTML code
  • Hijacking web sessions by prediction and Cross–Site Scripting (XSS)
  • Bypassing authentication mechanisms
  • Manipulating Clients to Uncover Internal Threats

Baiting and snaring inside users

  • Executing client–side attacks
  • Gaining control of browsers

Manipulating internal clients

  • Harvesting client information
  • Enumerating internal data

Deploying the social engineering toolkit

  • Cloning a legitimate site
  • Diverting clients by poisoning DNS
  • Exploiting Targets to Increase Security

Initiating remote shells

  • Selecting reverse or bind shells
  • Leveraging the Metasploit Meterpreter

Pivoting and island–hopping

  • Deploying portable media attacks
  • Routing through compromised clients

Pilfering target information

  • Stealing password hashes
  • Extracting infrastructure routing, DNS and NetBIOS data

Uploading and executing payloads

  • Controlling memory processes
  • Utilising the remote file system
  • Testing Antivirus and IDS Security

Masquerading network traffic

  • Obfuscating vectors and payloads
  • Side–stepping perimeter defences

Evading antivirus systems

  • Discovering stealth techniques to inject malware
  • Uncovering the gaps in antivirus protection
  • Mitigating Risks and Next Steps
  • Reporting results and creating an action plan
  • Managing patches and configuration
  • Recommending cyber security countermeasures
Show complete outline
Show Less

Convenient Ways to Attend This Instructor-Led Course

Hassle-Free Enrolment: No advance payment required to reserve your seat.
Tuition Fee due 30 days after you attend your course.

In the Classroom

Live, Online

Private Team Training

In the Classroom — OR — Live, Online

Tuition Fee — Standard: £2095  

30 Jan - 2 Feb (4 Days)
9:00 AM - 4:30 PM GMT
London / Online (AnyWare) London / Online (AnyWare) Reserve Your Seat

How would you like to attend?

Live, Online
In-Class

29 May - 1 Jun (4 Days)
9:00 AM - 4:30 PM BST
London / Online (AnyWare) London / Online (AnyWare) Reserve Your Seat

How would you like to attend?

Live, Online
In-Class

25 - 28 Sep (4 Days)
9:00 AM - 4:30 PM BST
London / Online (AnyWare) London / Online (AnyWare) Reserve Your Seat

How would you like to attend?

Live, Online
In-Class

AFTERNOON START: Attend these live courses online via Anyware

16 - 19 Jan (4 Days)
2:00 PM - 9:30 PM GMT
Online (AnyWare) Online (AnyWare) Reserve Your Seat

How would you like to attend?

Live, Online

13 - 16 Feb (4 Days)
2:00 PM - 9:30 PM GMT
Rockville, MD / Online (AnyWare) Rockville, MD / Online (AnyWare) Reserve Your Seat

How would you like to attend?

Live, Online
In-Class

20 - 23 Mar (4 Days)
1:00 PM - 8:30 PM GMT
Alexandria, VA / Online (AnyWare) Alexandria, VA / Online (AnyWare) Reserve Your Seat

How would you like to attend?

Live, Online
In-Class

10 - 13 Apr (4 Days)
2:00 PM - 9:30 PM BST
New York / Online (AnyWare) New York / Online (AnyWare) Reserve Your Seat

How would you like to attend?

Live, Online
In-Class

24 - 27 Apr (4 Days)
2:00 PM - 9:30 PM BST
Herndon, VA / Online (AnyWare) Herndon, VA / Online (AnyWare) Reserve Your Seat

How would you like to attend?

Live, Online
In-Class

14 - 17 Aug (4 Days)
2:00 PM - 9:30 PM BST
Alexandria, VA / Online (AnyWare) Alexandria, VA / Online (AnyWare) Reserve Your Seat

How would you like to attend?

Live, Online
In-Class

18 - 21 Sep (4 Days)
2:00 PM - 9:30 PM BST
Herndon, VA / Online (AnyWare) Herndon, VA / Online (AnyWare) Reserve Your Seat

How would you like to attend?

Live, Online
In-Class

9 - 12 Oct (4 Days)
2:00 PM - 9:30 PM BST
New York / Online (AnyWare) New York / Online (AnyWare) Reserve Your Seat

How would you like to attend?

Live, Online
In-Class

Guaranteed to Run

Show all dates
Show fewer dates

Private Team Training

Enroling at least 3 people in this course? Consider bringing this (or any course that can be custom designed) to your preferred location as a private team training.

For details, call 0800 282 353 or Click here »

Tuition Fee

Standard

In Classroom or
Online

Standard

£2095

Private Team Training

Contact Us »

Course Tuition Fee Includes:

After-Course Instructor Coaching
When you return to work, you are entitled to schedule a free coaching session with your instructor for help and guidance as you apply your new skills.

Free Course Exam
You can take your Learning Tree course exam on the last day of your course or online at any time after class and receive a Certificate of Achievement with the designation "Awarded with Distinction."

Prev
Next

Training Hours

Standard class hours:
9:00 a.m. - 4:30 p.m.

Last day class hours:
9:00 a.m. - 3:30 p.m.

Free Course Exam – Last Day:
3:30 p.m. - 4:30 p.m.

Each class day:
Informal discussion with instructor about your projects or areas of special interest:
4:30 p.m. - 5:30 p.m.

AFTERNOON START class hours:
2:00 p.m. - 9:30 p.m.


Last day class hours:
2:00 p.m. - 8:30 p.m.


Free Course Exam – Last Day:
8:30 p.m. - 9:30 p.m.


Each class day:
Informal discussion with instructor about your projects or areas of special interest
9:30 p.m. - 10:30 p.m.

Enhance Your Credentials with Professional Certification

Learning Tree's comprehensive training and exam preparation guarantees that you will gain the knowledge and confidence to achieve professional certification and advance your career.

This course is approved by CompTIA for continuing education units (CEUs). For additional information and to confirm which courses are eligible towards your CompTIA certification, click here.

Learning Tree Courses mapped to the Industry respected IISP Skills Framework and assessed against the exacting standards of GCHQ. Read more ...

“Thanks to the Learning Tree Course, we can now do periodic security audits more frequently and at a lower cost than contracting out the work”.

- D. Caswell, Programmer/Analyst
North Carolina Housing Finance Agency

Prev
Next
Chat Now

Please Choose a Language

Canada - English

Canada - Français