Every organization needs skilled information security personnel who can find vulnerabilities and mitigate their effects, and this entire course is specially designed to get you ready for that role. The course starts with proper planning, scoping and recon, then dives deep into scanning, target exploitation, password attacks, and web app manipulation, with over 30 detailed hands-on labs throughout. The course is chock full of practical, real-world tips from some of the world’s best penetration testers to help you do your job safely, efficiently…and masterfully.
• Offering in-depth technical excellence along with industry-leading methodologies to conduct high-value penetration tests.
• Getting deep into the tools arsenal with numerous hands-on exercises that show subtle, less well-known and undocumented features that are useful for professional penetration testers and ethical hackers.
• Discussing how the tools interrelate with each other in an overall testing process. Rather than just throwing up a bunch of tools and playing with them, we analyze how to leverage information from one tool to get the most bang out of the next tool.
• Focusing on the workflow of professional penetration testers and ethical hackers, proceeding step by step and discussing the most effective means for conducting projects.
• Covering several timesaving tactics based on years of in-the-trenches experience of real penetration testers and ethical hackers – tasks that might take hours or days unless you know the little secrets we will cover that will let you surmount a problem in minutes.
• Stressing the mindset of successful penetration testers and ethical hackers, which involves balancing the often contravening forces of thinking outside the box, methodically troubleshooting, carefully weighing risks, following a time-tested process, painstakingly documenting results and creating a high-quality final report that achieves management and technical buy-in.
• Analyzing how penetration testing and ethical hacking should fit into a comprehensive enterprise information security program.
Who Should Attend?
• Security personnel whose job involves assessing networks and systems to find and remediate vulnerabilities
• Penetration testers
• Ethical hackers
• Defenders who want to better understand offensive methodologies, tools, and techniques
• Auditors who need to build deeper technical skills
• Red team members
• Blue team members
• Forensics specialists who want to better understand offensive tactics
Day One: Comprehensive Pen Test Planning, Scoping, and Recon
• The Mindset of the Professional Pen Tester
• Building a World-Class Pen Test Infrastructure
• Creating Effective Pen Test Scopes and Rules of Engagement
• Detailed Recon Using the Latest Tools
• Effective Pen Test Reporting to Maximize Impact
• Mining Search Engine Results
• Document Metadata Extraction and Analysis
Day Two: In-Depth Scanning
• Tips for Awesome Scanning
• Tcpdump for the Pen Tester
• Nmap In-Depth: The Nmap Scripting Engine
• Version Scanning with Nmap
• Vulnerability Scanning with Nessus
• False-Positive Reduction
• Packet Manipulation with Scapy
• Enumerating Users
• Netcat for the Pen Tester
• Monitoring Services during a Scan
Day Three: Exploitation
• Comprehensive Metasploit Coverage with Exploits/Stagers/Stages
• Strategies and Tactics for Anti-Virus Evasion
• In-Depth Meterpreter Analysis, Hands-On
• Implementing Port Forwarding Relays for Merciless Pivots
• How to Leverage Shell Access to a Target Environment
Day Four: Post-Exploitation and Merciless Pivoting
• Windows Command Line Kung Fu for Penetration Testers
• PowerShell’s Amazing Post-Exploitation Capabilities
• Password Attack Tips
• Account Lockout and Strategies for Avoiding It
• Automated Password Guessing with THC-Hydra
• Retrieving and Manipulating Hashes from Windows, Linux, and Other Systems
• Pivoting through Target Environments
• Extracting Hashes and Passwords from Memory with Mimikatz Kiwi
Day Five: In-Depth Password Attacks and Web App Pen Testing
• Password Cracking with John the Ripper
• Sniffing and Cracking Windows Authentication Exchanges Using Cain
• Using Rainbow Tables to Maximum Effectiveness
• Pass-the-Hash Attacks with Metasploit and More
• Finding and Exploiting Cross-Site Scripting
• Cross-Site Request Forgery
• SQL Injection
• Leveraging SQL Injection to Perform Command Injection
• Maximizing Effectiveness of Command Injection Testing
Day Six: Penetration Test & Capture the Flag Workshop