This 1-day course will teach you the foundations of penetration testing and how to find and exploit vulnerabilities within different technologies. This introductory course will train attendees in understanding penetration testing, and provide background information, risks and vulnerabilities associated with different systems and provide insight to how the mindset of a hacker works. Students will also get access to an online training environment platform which will be used to practice the concepts taught during the course.
Attendees will gain understanding in the following topics:
Understand different network topologies and addressing schemes
Understand the properties and security of common network protocols and thenetwork protocol stacks.
How to fingerprint, enumerate and exploit common windows and linux
misconfigurations and vulnerabilities.
Differentiate between types of wireless standards and understand the benefits andrisks associated with these standards.
How to exploit common web application security flaws.
Hacking History 101
Hacking in 2018
Art of Hacking methodology
Introduction to Kali Linux
MAC Addressing and Network Addressing
Introduction to Port addressing
Understanding the OSI Layer and TCP/IP Model
Domain Name System (DNS) Attack Surface
TCP vs UDP
Introduction to Linux
Linux Filesystem Hierarchy
Linux File Permissions
Berkeley Rsh/Rlogin Services
Network File System (NFS) Security
Missing Security Patches
Case Study: Shellshock
Introduction to Metasploit
Windows Password Hashing
Workgroups vs Domains
Windows Exploitation 101
Case Study: WannaCry
Introduction to Content Management Systems
Enumerating CMS Platforms
HTTP Protocol Basics
Understanding Web Application Attack Surface
Case Study: T alkT alk SQL Injection
Cross-Site Scripting (XSS)
WiFi Security 101
Wired Equivalent Privacy (WEP)
Wi-Fi Protected Access (WPA)
Wi-Fi Protected Setup (WPS) flaws
Rogue Access Points Attacks
System administrators, Web Developers, IT Managers, Security enthusiasts, Anyone interested in Penetration testing and ethical hacking. (No prior experience is required to take this course)
Lab-Based Training - Written by BlackHat Trainers - Available Globally
NotSoSecure classes are ideal for those preparing for CREST CCT (ICE), CREST CCT (ACE), CHECK (CTL), TIGER SST and other similar industry certifications, as well as those who perform Penetration Testing on infrastructure / web applications as a day job & wish to add to their existing skill set.
Working exclusively with 3 training delivery partners, NotSoSecure Hacking Training is available around the world.