Operational Risk Institute

Corporate Training Courses on Risk Management, Business Continuity, Information Security, Fraud Prevention, Safety, Audit and Compliance

Penetration Testing

In this course, students will learn how to:

  • Deploy ethical hacking to expose weaknesses in the organization and select countermeasures
  • Gather intelligence by employing reconnaissance, published data and scanning tools
  • Probe and compromise the network using hacking tools to test and improve security
  • Protect against privilege escalation to prevent intrusions
  • Evade antivirus software, firewalls and IDS

Who Should Attend
Security consultants, Information Assurance auditors, firewall/IDS personnel, programmers, PCI security testers and others with security knowledge who are involved in cybersecurity measures and their implementation.

Introduction to Ethical Hacking

  • Defining a penetration testing methodology
  • Creating a security testing plan

Footprinting and Intelligence Gathering
Acquiring target information

  • Locating useful and relevant information
  • Scavenging published data
  • Mining archive sites

Scanning and enumerating resources

  • Identifying authentication methods
  • Harvesting e-mail information
  • Interrogating network services
  • Scanning from the inside out with HTML

Identifying Vulnerabilities
Correlating weaknesses and exploits

  • Researching databases
  • Determining target configuration
  • Evaluating Vulnerability Assessment tools

Leveraging opportunities for attack

  • Discovering exploit resources
  • Attacking with Metasploit

Attacking Servers and Devices to Build Better Defenses
Bypassing router access control lists (ACLs)

  • Discovering filtered ports
  • Manipulating ports to gain access
  • Connecting to blocked services

Compromising operating systems

  • Examining Windows protection modes
  • Analyzing Linux/UNIX processes

Subverting web applications

  • Injecting SQL and HTML code
  • Hijacking web sessions by prediction and fixation
  • Bypassing authentication mechanisms

Manipulating Clients to Uncover Internal Threats
Baiting and snaring inside users

  • Executing cross-site scripting (XSS)
  • Gaining control of browsers

Creating custom malware

  • Harvesting client information
  • Enumerating internal data

Deploying the Social Engineering Toolkit

  • Cloning a legitimate site
  • Diverting clients by poisoning DNS

Exploiting Targets to Increase Security
Initiating remote shells

  • Selecting reverse or bind shells
  • Leveraging the Metasploit Meterpreter

Pivoting and island-hopping

  • Deploying portable media attacks
  • Routing through compromised clients

Pilfering target information

  • Stealing password hashes
  • Extracting infrastructure routing, DNS and NetBIOS data

Uploading and executing payloads

  • Controlling memory processes
  • Utilizing the remote file system

Testing Antivirus and IDS Security
Masquerading network traffic

  • Obfuscating vectors and payloads
  • Side-stepping perimeter defenses

Evading antivirus systems

  • Falsifying file headers to inject malware
  • Discovering the gaps in antivirus protection

Mitigating Risks and Next Steps

  • Reporting results and creating an action plan
  • Managing patches and configuration
  • Recommending cybersecurity countermeasures
