Module Overview

Professional Penetration Testing

Prepare students to conduct successful penetration testing and ethical hacking projects. Give students the skills of proper planning, scoping and reconnaissance, scanning, target exploitation, password attacks, and wireless and web applications with detailed hands-on exercises and practical tips for doing the job safely and effectively. Give students the skills to conduct a penetration test against a sample target organisation.

Module Code

DFCS H3014

ECTS Credits

10

*Curricular information is subject to change

Network Penetration Testing: Planning, Scoping, and Reconnaissance

- The mindset of a professional penetration tester and ethical hacker
- Types of penetration tests and ethical hacking projects, with an overview of various testing methodologies
- Limitations of penetration testing, and how testing fits into an overall security program
- Defining rules of engagement and scoping a project
- Legal issues with penetration testing around the world
- Whois lookups - maximizing the usefulness of registrars, Autonomous System Numbers, etc.
- DNS lookups with nslookup, dig, Sensepost's BiLE, etc.
- Search engine vulnerability-finding tools: Aura, Wikto, EvilAPI, and more

Network Penetration Testing: Scanning

- Types of scans - Network sweeps, network tracing, port scans, OS fingerprinting, version scans, and vulnerability scans
- Overall scanning tips - tcpdump for the pen tester, protocol anomalies, and troubleshooting
- Network tracing in-depth with traditional traceroute and exotic network mapping techniques
- Port scanning in-depth with the latest Nmap features
- Vulnerability Scanning

Network Penetration Testing: Exploitation and Post Exploitation

- Exploit categories - server-side, client-side, and local privilege escalation
- Metasploit Framework coverage - exploits, stagers, stages and how penetration testers can get the most value out of subtle but powerful features
- The Meterpreter in depth, including file, process, and network interactions and the priv module
- Installing and activating VNC, RDP, sshd, and telnet services from a command shell
- Moving files with exploits cross platform
- Windows command line kung fu specifically targeted at pen testers: making ping sweepers, port scanners, reverse DNS lookup tools, and password guessers at the command-line

Network Penetration Testing: Password Attacks

- The primacy of passwords
- Account lockout and strategies for avoiding it
- Password representation formats in depth: Windows LANMAN, NT, NTLMv1, NTLMv2, Unix DES, and Linux MD5
- Dumping Windows hashes with fgdump, via an instrumented Netcat relay
- John the Ripper features for penetration testers
- Rainbow table attacks in depth: How the tables work and how you can use them for more efficiency
- Pass-the-hash attacks against Windows: Using hashes without even cracking a password

Module Content & Assessment
Assessment Breakdown (%)
Other Assessment(s): 100