Realdolmen Education

Details

Practical Penetration Testing

This course is currently not scheduled on the open calendar, but can be organized on request.

Request Course

Duration

5 day(s)

Audience

This course aims at providing Security Professionals with a practical insight to penetration testing.

Prerequisites

No prerequisites.

Objectives

This course follows the methodology of a pentest, showing the logic and the tools involved, so at the end of the course attendants should be able to perform a basic penetration test.

Methods

The course is very much hands-on, with lots of exercises. We believe that having the skills to hack provides a better insight into how to protect your company.

Description

Penetration Testing - or Pen Testing - is a simulated attack conducted in an organized fashion. We will try to penetrate the network, systems and applications, just like a hacker would. This can be done in 2 ways: "blackbox" and "whitebox/chrystalbox". "Blackbox" means that no information is given prior to the tests. Usually the purpose of this kind of test is to get a realistic view of the security risks that apply to the target (whether the target is a company, a network range, a single system or a single application). "Chrystal Box" means that information is given prior to the test. These kinds of tests are usually performed when timing is an issue. Unlike real hackers, professional penetration testers work with time restrictions.

This training is delivered by Filip Waeytens (www.wsec.be)

Contents

  • Day 1
    • Introduction
    • Kali Linux
    • Security Powertools
    • Footprinting & Enumeration
  • Day 2
    • Portscanning
    • Service Enumeration
    • Vulnerability Scanning
  • Day 3
    • A buffer overflow dissected
    • Metasploit Server Side
    • Metasploit Meterpreter
  • Day 4
    • Metasploit Client Side
    • Metasploit Auxiliary Modules
    • Password Cracking
  • Day 5
    • Post Exploitation
    • Persistence
    • Importance of communication within Service Operation.