- Participants will learn how to deploy ethical hacking to expose weaknesses in your organization
- Participants will learn how gather intelligence by employing reconnaissance, published data, and scanning tools
- Participants will learn how test and improve your security by compromising your netwrk using hacking tools
- Participants will learn how protect against privilege escalation to prevent intrusions
4 Days
Experience with security issues
- Defining a penetration testing methodology
- Creating a security testing plan
- Footprinting and Intelligence Gathering
- Locating useful and relevant information
- Scavenging published data
- Mining archive sites
- Identifying authentication methods
- Harvesting e–mail information
- Interrogating network services
- Scanning from the inside out with HTML and egress busting
- Identifying Vulnerabilities
- Researching databases
- Determining target configuration
- Evaluating vulnerability assessment tools
- Discovering filtered ports
- Manipulating ports to gain access
- Connecting to blocked services
- Examining Windows protection modes
- Analysing Linux / UNIX processes
- Injecting SQL and HTML code
- Hijacking web sessions by prediction and Cross–Site Scripting (XSS)
- Bypassing authentication mechanisms
- Manipulating Clients to Uncover Internal Threats
- Executing client–side attacks
- Gaining control of browsers
- Harvesting client information
- Enumerating internal data
- Cloning a legitimate site
- Diverting clients by poisoning DNS
- Exploiting Targets to Increase Security
- Selecting reverse or bind shells
- Leveraging the Metasploit Meterpreter
- Deploying portable media attacks
- Routing through compromised clients
- Stealing password hashes
- Extracting infrastructure routing, DNS and NetBIOS data
- Controlling memory processes
- Utilizing the remote file system