Advanced penetration testing - Infosectrain

6
Advanced Penetration Testing Course Agenda [email protected] | www.infosectrain.com

Transcript of Advanced penetration testing - Infosectrain

Page 1: Advanced penetration testing - Infosectrain

Advanced Penetration Testing

Course Agenda

[email protected] | www.infosectrain.com

Page 2: Advanced penetration testing - Infosectrain

[email protected] | www.infosectrain.com

Introduction to LinuxIntelligence GatheringScanning and EnumerationWhat is hashing?Scripting ExploitationThe Metasploit FrameworkPost -ExploitationWireless Exploitation and Wireless auditingWeb Application Penetration Testing Data Collection ,Evidence Management and Reporting

Course Objectives

Page 3: Advanced penetration testing - Infosectrain

[email protected] | www.infosectrain.com

Installing Linux distribution for Pen testingConfiguring DistributionIntroduction to Bash Environment a. Intro to Bash Scripting Practical bash usage - Example 1 Practical bash usage - Example 2

Introduction to Linux

SMB EnumerationSMTP EnumerationSNMP EnumerationFTP EnumerationRetinaOpen-VasNessusNikto

Scanning and Enumeration

Hashing ConceptsKerberos AuthenticationWindows, Linux crackingReverse Hashing

What is hashing?

Online SourcesActive Information Gathering

Intelligence Gathering

Page 4: Advanced penetration testing - Infosectrain

[email protected] | www.infosectrain.com

System command Privilege EscalationConfiguration filesSudors priviledgeKernel exploitsBackdoorLinux post ExploitationWindows post Exploitation

a. Setting up Metasploit Exploring the Metasploit Framework Using Metasploit Auxiliaryb. Using Exploits Modulesc. Exercises

a. Staged and Non-staged Payloadsb. Working with Meterpreter Sessionc. Working with Multi Handlerd. Executable Payloadse. Exercises

Metasploit Payloads

The Metasploit Framework

Scripting

Windows and LinuxUsing Custom ExploitsBuffer Overflows

Exploitation

Post-Exploitation

Page 5: Advanced penetration testing - Infosectrain

[email protected] | www.infosectrain.com

Introduction to Wireless SecurityCracking Wireless EncryptionsCracking WEPCracking WPA and WPA2WIFI-PhishingHalting Wireless Network Through Dos AttackRestricting Wireless Access Through Wireless JammerSecuring Wireless Access Points Auditing and Reporting

Wireless Exploitation and Wireless auditing

Introduction to Web Application VulnerabilitiesIntroduction to BurpSuite ProxyCross Site Scripting (XSS)IFRAME InjectionCookie StealingSession HijackingCross Site Request Forgery (CSRF)LFI and RFIHacking database using SQL injectionEnumerating DatabaseSQL Injection with Automated ToolsWeb Application Assessment and Exploitation with Automated ToolsDOS Attack

Web Application Penetration Testing

Type of ReportPresentation ReportPost Testing Procedure

Data Collection ,Evidence Management and Reporting

Page 6: Advanced penetration testing - Infosectrain

[email protected] | www.infosectrain.com


INFORMATION SHEET PENETRATION TESTING...Vulnerability scanning VS penetration testing Penetration testing distinguishes itself from general vulnerability scanning but the two phrases

INFORMATION SHEET PENETRATION TESTING...Vulnerability scanning VS penetration testing Penetration testing distinguishes itself from general vulnerability scanning but the two phrases

Penetration Testing - Brown University Departmentcs.brown.edu/cgc/net.secbook/se01/handouts/Ch09-PenetrationTesti… · Penetration Testing 12/7/2010 Penetration Testing 1 What Is

Penetration Testing - Brown University Departmentcs.brown.edu/cgc/net.secbook/se01/handouts/Ch09-PenetrationTesti… · Penetration Testing 12/7/2010 Penetration Testing 1 What Is

BackTrack 5 Wireless Penetration Testing Beginner's …cdn.ttgtmedia.com/...BackTrack-5-Wireless-Penetration-Testing-eBook... · BackTrack 5 Wireless Penetration Testing Beginner's

BackTrack 5 Wireless Penetration Testing Beginner's …cdn.ttgtmedia.com/...BackTrack-5-Wireless-Penetration-Testing-eBook... · BackTrack 5 Wireless Penetration Testing Beginner's

Penetration Testing Methodologies Testing... · penetration testing, aiutando la comunità di sicurezza nella scelta del percorso migliore per il penetration testing. Il termine open

Penetration Testing Methodologies Testing... · penetration testing, aiutando la comunità di sicurezza nella scelta del percorso migliore per il penetration testing. Il termine open

Penetration Testing Results

Penetration Testing Results

Penetration Testing Presentation

Penetration Testing Presentation

Penetration Testing Report - E-SPIN Group · Penetration Testing Report Independent / 3rd party Web Application Vulnerability & Security Assessment / Penetration Testing / Audit (come

Penetration Testing Report - E-SPIN Group · Penetration Testing Report Independent / 3rd party Web Application Vulnerability & Security Assessment / Penetration Testing / Audit (come

Penetration Testing Network & Perimeter Testing

Penetration Testing Network & Perimeter Testing

Web Application Penetration Testing · Penetration Testing By: Frank Coburn & Haris Mahboob. Take Aways Overview of the web app penetration ... §Penetration testing vs vulnerability

Web Application Penetration Testing · Penetration Testing By: Frank Coburn & Haris Mahboob. Take Aways Overview of the web app penetration ... §Penetration testing vs vulnerability

Penetration testing Professional

Penetration testing Professional

Writing a Penetration Testing Report - Abaxio · (Sample Penetration Testing Report Black Box Penetration Testing For GPEN.KM V1.0 Month dd th, ... Title Black Box Penetration Testing

Writing a Penetration Testing Report - Abaxio · (Sample Penetration Testing Report Black Box Penetration Testing For GPEN.KM V1.0 Month dd th, ... Title Black Box Penetration Testing

sap penetration testing sap penetration testing - Black Hat

sap penetration testing sap penetration testing - Black Hat

Penetration Testing Basics

Penetration Testing Basics

Overview - InfoSecTrain

Overview - InfoSecTrain

Custom Penetration Testing - SANS Sims - Custom... · Advanced Penetration Testing - 2009 SANS 3 What is Penetration Testing? • Process of testing a target environment for weaknesses

Custom Penetration Testing - SANS Sims - Custom... · Advanced Penetration Testing - 2009 SANS 3 What is Penetration Testing? • Process of testing a target environment for weaknesses

Firewall Penetration Testing

Firewall Penetration Testing

Web Applications Penetration Testingcs1160315/WebPenetration... · 2018. 3. 3. · Penetration testing typically includes network penetration testing and application security testing

Web Applications Penetration Testingcs1160315/WebPenetration... · 2018. 3. 3. · Penetration testing typically includes network penetration testing and application security testing

Penetration Testing Methodology

Penetration Testing Methodology

Wireless Penetration Testing

Wireless Penetration Testing

Internal Penetration Testing

Internal Penetration Testing