About the course

This course gives you a practical understanding of penetration testing.
  • Learn how network protocol attacks and network reconnaissance works.
  • Learn web penetration testing.
  • Understand how database injections work.
  • Get knowledge about web application vulnerabilities.


  • One should have a basic understanding of windows/ Linux environment.
  • Basic knowledge of the TCP/IP protocols.
  • Strong desire to learn hacking and network security.

Who is the target audience?

This course is designed for
  • Security Analyst, Security Consultant
  • Individuals looking to learn penetration testing.
  • Anyone want to start a career in IT Security with the knowledge of penetration testing.


Module 1: Introduction to Pen Testing

  • 1.1  The need for Pen Testing
  • 1.2  Methodology of Pen Testing
  • 1.3  Ethics and Compliance to Legal Systems

Module 2: Pen Testing Engagement Lifecycle

  • 2.1  Pen Testing Scope and Boundaries

Module 3: The Basics

  • 3.1  Networking Concepts
  • 3.2  Operating System Security
  • 3.3  Application Layer Protocols
  • 3.4  Cryptography Concepts Review
  • 3.5  Wireless and Database Concepts Review

Module 4: Information Gathering & Social Engineering

  • 4.1  Creating USB Payloads for Social Engineering Attacks
  • 4.2  Gathering DNS Registration Information
  • 4.3  Gathering Router
  • 4.4   Firewall and IPS Information
  • 4.5  Gathering Email Addresses from Public and Social Websites
  • 4.6  Reading Metadata of Files Revealing Target Information
  • 4.7  Hiding Attacks Using Onion Routing Network

Module 5: Target Discovery Fingerprinting & Enumeration

  • 5.1  Discovering the Operating System Details
  • 5.2  Port and Services Discovery using NMAP

Module 6: Vulnerability Mapping

  • 6.1  Understanding Vulnerability Taxonomy
  • 6.2  Discovering and Analyzing Weaknesses

Module 7: Target Exploitation & Privilege Escalation

  • 7.1  Escalation for Windows and Linux
  • 7.2  Choosing Attack Vectors
  • 7.3  Performing Local and Remote Attacks
  • 7.4  Gathering and Cracking Password Hashes using Mimikatz and John the Ripper
  • 7.5  Attacking a Target through a Compromised Target (Pivoting)
  • 7.6  Creating Man In The Middle Attacks through Spoofing
  • 7.7  Sniffing Authentication Packets Revealing Passwords
  • 7.8  Cracking Default Passwords with Password Lists and Rainbow Tables

Module 8: Maintaining Access & Covering Tracks

  • 8.1  Creating Metasploit Backdoor Payloads
  • 8.2  Antivirus
  • 8.3   Firewall
  • 8.4   and IPS Evasion Techniques

Module 9: Web Pen Testing & Database Injection

  • 9.1  Bypassing Authentication using Cross Site Scripting
  • 9.2  Revealing User Accounts and Passwords through Database Injection

Module 10: Documentation, Reporting & Presentation

  • 10.1  Writing Pen Testing Reports
Request a detailed syllabus.

Get Answers (Answering their questions)

What kind of learning does ITlearn360.com provide?

ITlearn360.com offers instructor-led online live sessions and classroom-based corporate trainings and bootcamps for various courses and certifications to the learners.

Who are the instructors @ITlearn360.com?

@ITlearn360.com, we have an instructor community of industry professionals who are working in leading organizations and are veterans in their respective fields. These experts belong to various industries and are willing to share their talent with learners like you.

Are classes @ITlearn360.com conducted through online video streaming?

Yes, the classes @ITlearn360.com are conducted through online video streaming where there is two-way communication between users and instructors. The users can speak by using a microphone, chat by sending a message through a chat window and share their screens with an instructor. For better understanding, users also get recorded video of the class.

Sign for next demo class