+(91) 9731 203 391

[email protected]

Penetration Testing Training

Participants will learn how to deploy ethical hacking to expose weaknesses in your organization. Participants will learn how gather intelligence by employing reconnaissance, published data, and scanning tools. Participants will…

Created by

Stalwart Learning

Category

Testing

Date & Time

Price

Duration

4 Days

Location

https://stalwartlearning.com

ENQUIRE NOW


Course Description

Overview of Penetration Testing

  • Participants will learn how to deploy ethical hacking to expose weaknesses in your organization
  • Participants will learn how gather intelligence by employing reconnaissance, published data, and scanning tools
  • Participants will learn how test and improve your security by compromising your netwrk using hacking tools
  • Participants will learn how protect against privilege escalation to prevent intrusions

Duration

4 Days

Prerequisite for Penetration Testing

Experience with security issues.

Course Outline for Penetration Testing

Introduction to Ethical Hacking
  • Defining a penetration testing methodology
  • Creating a security testing plan
  • Footprinting and Intelligence Gathering
Acquiring target information
  • Locating useful and relevant information
  • Scavenging published data
  • Mining archive sites
Scanning and enumerating resources
  • Identifying authentication methods
  • Harvesting e–mail information
  • Interrogating network services
  • Scanning from the inside out with HTML and egress busting
  • Identifying Vulnerabilities
Correlating weaknesses and exploits
  • Researching databases
  • Determining target configuration
  • Evaluating vulnerability assessment tools
Bypassing router Access Control Lists (ACLs)
  • Discovering filtered ports
  • Manipulating ports to gain access
  • Connecting to blocked services
Compromising operating systems
  • Examining Windows protection modes
  • Analysing Linux / UNIX processes
Subverting web applications
  • Injecting SQL and HTML code
  • Hijacking web sessions by prediction and Cross–Site Scripting (XSS)
  • Bypassing authentication mechanisms
  • Manipulating Clients to Uncover Internal Threats
Baiting and snaring inside users
  • Executing client–side attacks
  • Gaining control of browsers
Manipulating internal clients
  • Harvesting client information
  • Enumerating internal data
Deploying the social engineering toolkit
  • Cloning a legitimate site
  • Diverting clients by poisoning DNS
  • Exploiting Targets to Increase Security
Initiating remote shells
  • Selecting reverse or bind shells
  • Leveraging the Metasploit Meterpreter
Pivoting and island–hopping
  • Deploying portable media attacks
  • Routing through compromised clients
Pilfering target information
  • Stealing password hashes
  • Extracting infrastructure routing, DNS and NetBIOS data
Uploading and executing payloads
  • Controlling memory processes
  • Utilizing the remote file system

ENQUIRE NOW